2 EncrypTight Deployment Planning

When deploying EncrypTight, you must plan the following:

EncrypTight Component Connections

Network Clock Synchronization

IPv6 Address Support

Certificate Support

Network Addressing for IP Networks

EncrypTight Component Connections

EncrypTight can be managed in-line or out-of-band. When managing in-line, management traffic flows through the data path. You must enable the Passing TLS traffic in the clear feature on all PEPs for proper communication among EncrypTight components (ETEMS, ETPM, ETKMS, PEPs). When passing TLS in the clear is enabled on Layer 2 PEPs, TLS and ARP packets are sent unencrypted.

If your network uses other routing protocols that need to pass in the clear, consider the following:

At Layer 3, create policies to pass the routing protocols in the clear. The PEPs must also be configured to pass non-IP traffic in the clear (this is the default setting on the Advanced tab in ETEMS).

At Layer 2, consider a separate out-of-band management network, or put the management traffic on a separate VLAN and create a Layer 2 policy to pass packets with this VLAN tag in the clear. Customer support can advise you on a solution that works best in your network.

Use local site policies

Local site policies allow you to create locally configured policies using CLI commands, without requiring an EncrypTight ETKMS for key distribution. Using the local-site CLI commands you can create manual key encryption policies, bypass policies, and discard policies at either Layer 2 or Layer 3. Mesh policies can be created by adding policies that share the identical keys and SPIs to multiple ETEPs.

The primary use for local site policies is to facilitate in-line management in Layer 2 encrypted networks. These policies supplement existing encryption policies, adding the flexibility to encrypt or pass in the clear specific Layer 3 routing protocols, or Layer 2 Ethertypes and VLAN IDs.

For information on creating and using local site policies, see the CLI User Guide.

This chapter discusses connections between each of the EncrypTight components, providing in-line and out-of-band examples.

EncrypTight User Guide

25

Page 24
Image 24
Black Box ET1000A, ET0010A, ET0100A manual EncrypTight Deployment Planning, EncrypTight Component Connections

EncrypTight, ET0100A, ET0010A, ET1000A specifications

The Black Box ET1000A, ET0010A, EncrypTight, and ET0100A are advanced solutions designed for secure data transmission and network management, catering to modern enterprise needs. These tools integrate cutting-edge technologies to enhance connectivity, security, and efficiency within various environments.

The Black Box ET1000A is primarily a high-performance Ethernet over Twisted Pair (EoTP) solution. It enables users to extend Ethernet signals over long distances using existing twisted-pair cabling without sacrificing speed or reliability. With support for speeds up to 100 Mbps, this device is ideal for organizations looking to upgrade their existing infrastructure without extensive rewiring. Key features include plug-and-play installation, which simplifies deployment, and versatile compatibility with both legacy and modern ethernet networks.

The ET0010A model takes connectivity a step further by providing seamless integration with fiber optics. This device supports transmission distances that far exceed traditional copper solutions, making it a perfect fit for larger facilities or multi-building campuses. Its built-in Ethernet switch enhances network efficiency by providing multiple ports for device connectivity, thus facilitating greater data flow.

EncrypTight technology is a notable feature across these Black Box models, offering advanced encryption capabilities to safeguard sensitive data during transmission. With military-grade encryption protocols, EncrypTight ensures that corporate information remains secure from potential eavesdroppers. This technology is essential for businesses operating in regulated industries or that handle confidential customer information.

The ET0100A model combines intelligence with monitoring features to provide users with comprehensive network insights. It boasts built-in diagnostic tools that enable IT professionals to troubleshoot issues quickly and efficiently. Additionally, it features real-time performance monitoring, allowing users to analyze bandwidth usage and optimize network performance accordingly.

In conclusion, the Black Box ET1000A, ET0010A, EncrypTight, and ET0100A are powerful tools that embody the latest in data transmission and network management technologies. With their unique features—including extended connectivity capabilities, robust encryption technologies, and real-time monitoring solutions—these devices cater to the growing demands of businesses seeking to enhance their network infrastructure while ensuring robust security and efficiency. Integrating these tools into any organization’s operations can fundamentally improve both performance and data protection, making them indispensable in today’s digital landscape.