Creating Distributed Key Policies

4 Click Save when complete.

Table 51 Point-to-point policy entries

Field

Description

Name

Enter a unique name to identify the policy. Names can be 1 - 40 characters in

 

length. Alphanumeric characters and spaces are valid. The special characters

 

<, >, &, ,“ *, ?, /, \, : and cannot be used in the policy name. Names are not

 

case sensitive.

Priority

Enter the priority for this policy from 1 to 65000. PEPs enforce policies in

 

descending priority order with the highest priority number processed first.

Renew Keys/

Specifies the lifetime of the keys and policies, and the frequency at which the

Refresh

keys are regenerated and policies’ lifetimes are updated on the PEPs.

Lifetime

Regenerate keys and update policies either at a specified interval in hours or

 

daily at a specified time. Click either Hours or Daily.

 

• Hours - enter the re-key interval in hours between 0 and 65535 hours. 0

 

hours causes keys and policies to never expire and never update. Use 0

 

hours for drop and clear policy types.

 

• Daily - enter the re-key time using the 24 hour system clock set to the

 

required local time of the ETPM workstation. The re-key time will translate to

 

the local times of the ETKMSs and PEPs that might be located in other time

 

zones.

Type

Specifies the action applied to packets that match the protocol and networks

 

included in this policy.

 

• Drop - drops all packets matching this policy.

 

• Bypass - passes all packets matching this policy with no encryption and

 

authentication.

 

• IPSec - encrypts or decrypts all packets matching this policy.

IPSec

Specifies the encryption and authentication algorithms used in an IPSec policy.

 

Select the encryption algorithm from the Encryption Algorithms list:

 

• AES - Advanced Encryption Standard (default)

 

• 3DES - a more secure variant of Data Encryption Standard

 

Select the authentication algorithm from the Authentication Algorithms list:

 

HMAC-SHA-1- Secure Hash Algorithm

 

HMAC-MD5- Message Digest 5

 

Note: Layer 4 policies require AES and HMAC-SHA-1.

Key Generation

Specifies the key generation and distribution mechanism for the PEPs included

 

in this policy.

 

• By Network Set - The default ETKMS within each network set generates

 

and distributes the keys to the PEPs included in those network sets.

 

• Global ETKMS - A global ETKMS generates the keys and sends them to

 

the default ETKMSs in each network set for distribution to all of PEPs

 

included in the policy.

 

Select the desired ETKMS from the Global ETKMS list.

 

 

204

EncrypTight User Guide

Page 203
Image 203
Black Box ET0100A, ET1000A, ET0010A, EncrypTight manual Point-to-point policy entries, Field Description

EncrypTight, ET0100A, ET0010A, ET1000A specifications

The Black Box ET1000A, ET0010A, EncrypTight, and ET0100A are advanced solutions designed for secure data transmission and network management, catering to modern enterprise needs. These tools integrate cutting-edge technologies to enhance connectivity, security, and efficiency within various environments.

The Black Box ET1000A is primarily a high-performance Ethernet over Twisted Pair (EoTP) solution. It enables users to extend Ethernet signals over long distances using existing twisted-pair cabling without sacrificing speed or reliability. With support for speeds up to 100 Mbps, this device is ideal for organizations looking to upgrade their existing infrastructure without extensive rewiring. Key features include plug-and-play installation, which simplifies deployment, and versatile compatibility with both legacy and modern ethernet networks.

The ET0010A model takes connectivity a step further by providing seamless integration with fiber optics. This device supports transmission distances that far exceed traditional copper solutions, making it a perfect fit for larger facilities or multi-building campuses. Its built-in Ethernet switch enhances network efficiency by providing multiple ports for device connectivity, thus facilitating greater data flow.

EncrypTight technology is a notable feature across these Black Box models, offering advanced encryption capabilities to safeguard sensitive data during transmission. With military-grade encryption protocols, EncrypTight ensures that corporate information remains secure from potential eavesdroppers. This technology is essential for businesses operating in regulated industries or that handle confidential customer information.

The ET0100A model combines intelligence with monitoring features to provide users with comprehensive network insights. It boasts built-in diagnostic tools that enable IT professionals to troubleshoot issues quickly and efficiently. Additionally, it features real-time performance monitoring, allowing users to analyze bandwidth usage and optimize network performance accordingly.

In conclusion, the Black Box ET1000A, ET0010A, EncrypTight, and ET0100A are powerful tools that embody the latest in data transmission and network management technologies. With their unique features—including extended connectivity capabilities, robust encryption technologies, and real-time monitoring solutions—these devices cater to the growing demands of businesses seeking to enhance their network infrastructure while ensuring robust security and efficiency. Integrating these tools into any organization’s operations can fundamentally improve both performance and data protection, making them indispensable in today’s digital landscape.