Trusted Hosts

Related topic:

“Ignore DF Bit” on page 310

“Path Maximum Transmission Unit” on page 326

“Features Configuration” on page 330

Trusted Hosts

In its default state the ETEP management port accepts all packets from any host. The trusted host feature lets you restrict access by specifying the hosts that are allowed to communicate with the management port. When the trusted host feature is enabled, packets that are received from non-trusted hosts are discarded. An exception is SSH, which is a secure protocol. It is always allowed regardless of host.

Figure 107 Trusted host list

The ETEMS management station must be included in the trusted host list when the trusted hosts feature is enabled, and at least one trusted host must have HTTPS enabled. HTTPS (TLS) is required for ETEMS to ETEP communications.

If you enter the management station IP address incorrectly, ETEMS will be unable to communicate with the ETEP. To recover, you will need to log in to the CLI and issue the disable-trusted-hostscommand. See “Appliance Unreachable” on page 224 for more information.

ETKMSs must also be included in the trusted host list. The easiest way to ensure that your ETKMSs are included in the list is to add the ETKMSs in the ETEMS Appliance Manager before enabling the trusted host feature on the ETEP.

If you add a new ETKMS in ETEMS after the trusted host feature is enabled on the ETEP, you can add the ETKMS to its trusted host list in one of the following ways:

Use the ETKMS in a policy definition in ETPM

On each ETEP that is using the trusted host feature, clear the Enable Trusted Hosts checkbox and then select it again

In either case, you must push the new configuration to the ETEPs for the new trusted host list to become effective. Until you push the new configuration, the ETEP’s status is displayed as not equal in the ETEMS Appliance Manager.

The ETEP interacts with two types of hosts:

Inbound hosts are the management station protocols used to communicate with the ETEP: HTTPS, ICMP, and SNMP.

Outbound hosts receive packets initiated by the ETEP: SNMP trap hosts, syslog servers, and NTP server hosts.

EncrypTight User Guide

311

Page 309 Page 311
Page 310
Image 310
Black Box EncrypTight, ET1000A, ET0010A, ET0100A manual Trusted Hosts, Trusted host list
Page 309 Page 311

EncrypTight, ET0100A, ET0010A, ET1000A specifications

The Black Box ET1000A, ET0010A, EncrypTight, and ET0100A are advanced solutions designed for secure data transmission and network management, catering to modern enterprise needs. These tools integrate cutting-edge technologies to enhance connectivity, security, and efficiency within various environments.

The Black Box ET1000A is primarily a high-performance Ethernet over Twisted Pair (EoTP) solution. It enables users to extend Ethernet signals over long distances using existing twisted-pair cabling without sacrificing speed or reliability. With support for speeds up to 100 Mbps, this device is ideal for organizations looking to upgrade their existing infrastructure without extensive rewiring. Key features include plug-and-play installation, which simplifies deployment, and versatile compatibility with both legacy and modern ethernet networks.

The ET0010A model takes connectivity a step further by providing seamless integration with fiber optics. This device supports transmission distances that far exceed traditional copper solutions, making it a perfect fit for larger facilities or multi-building campuses. Its built-in Ethernet switch enhances network efficiency by providing multiple ports for device connectivity, thus facilitating greater data flow.

EncrypTight technology is a notable feature across these Black Box models, offering advanced encryption capabilities to safeguard sensitive data during transmission. With military-grade encryption protocols, EncrypTight ensures that corporate information remains secure from potential eavesdroppers. This technology is essential for businesses operating in regulated industries or that handle confidential customer information.

The ET0100A model combines intelligence with monitoring features to provide users with comprehensive network insights. It boasts built-in diagnostic tools that enable IT professionals to troubleshoot issues quickly and efficiently. Additionally, it features real-time performance monitoring, allowing users to analyze bandwidth usage and optimize network performance accordingly.

In conclusion, the Black Box ET1000A, ET0010A, EncrypTight, and ET0100A are powerful tools that embody the latest in data transmission and network management technologies. With their unique features—including extended connectivity capabilities, robust encryption technologies, and real-time monitoring solutions—these devices cater to the growing demands of businesses seeking to enhance their network infrastructure while ensuring robust security and efficiency. Integrating these tools into any organization’s operations can fundamentally improve both performance and data protection, making them indispensable in today’s digital landscape.
Top Page Image Contents