ETEP Configuration

Performs a software integrity test

Clears pre-existing polices and keys, as described in Table 104.

Generates a new self-signed certificate on the management interface

Removes all externally signed certificates

Resets passwords to the factory defaults

Closes remote SSH client sessions

Table 104 Effects of clearing policies and keys when entering FIPS mode

Policy Type

Action upon entering FIPS mode

Distributed key policies

Traffic passes in the clear until new encryption policies are

 

created and deployed to the ETEP.

Point-to-point Layer 2 policies

Keys are automatically renegotiated. Traffic is discarded in the

 

interim.

Management port policies

Keys are automatically renegotiated. Traffic is discarded in the

 

interim.

 

 

Operational Notes

Entering FIPS mode may cause some delays when communicating with the ETEP.

When the ETEP is rebooted with FIPS mode enabled, the ETEP does not become operational until

30-60 seconds after the login prompt is displayed. In the interim, attempts to communicate with the ETEP from ETEMS or the CLI result in error messages (attempting to access a locked shared resource or failure to create input stream). If you receive an error message, wait several seconds and retry.

The Ethernet management interface uses FIPS-approved cipher and authentication algorithms for SSL and SSH connections. When operating in FIPS mode, it can take 30-60 seconds to establish an SSH session.

If you used SSH to manage the ETEP prior to entering FIPS mode, you may not be able to establish an SSH session after FIPS is enabled. To correct this, clear the known host entry for your SSH client and retry.

Disabling FIPS

The ETEP performs the following actions when exiting FIPS mode:

Existing policies continue to run until they are replaced or deleted.

SSH is reset when FIPS is disabled, terminating the current session.

Verifying FIPS Status on the ETEP

You can verify that FIPS is enabled on the ETEP in the following two ways:

In ETEMS, compare the ETEMS and ETEP configurations (Tools > Compare Config to Appliance).

Log in to the CLI and issue one of the following commands: show running-configor show fips- mode.

Related topics:

“Connecting Directly to an Appliance” on page 123

332

EncrypTight User Guide

Page 330 Page 332
Page 331
Image 331
Black Box ET0100A, ET1000A, ET0010A, EncrypTight manual Disabling Fips, Verifying Fips Status on the Etep, Operational Notes
Page 330 Page 332

EncrypTight, ET0100A, ET0010A, ET1000A specifications

The Black Box ET1000A, ET0010A, EncrypTight, and ET0100A are advanced solutions designed for secure data transmission and network management, catering to modern enterprise needs. These tools integrate cutting-edge technologies to enhance connectivity, security, and efficiency within various environments.

The Black Box ET1000A is primarily a high-performance Ethernet over Twisted Pair (EoTP) solution. It enables users to extend Ethernet signals over long distances using existing twisted-pair cabling without sacrificing speed or reliability. With support for speeds up to 100 Mbps, this device is ideal for organizations looking to upgrade their existing infrastructure without extensive rewiring. Key features include plug-and-play installation, which simplifies deployment, and versatile compatibility with both legacy and modern ethernet networks.

The ET0010A model takes connectivity a step further by providing seamless integration with fiber optics. This device supports transmission distances that far exceed traditional copper solutions, making it a perfect fit for larger facilities or multi-building campuses. Its built-in Ethernet switch enhances network efficiency by providing multiple ports for device connectivity, thus facilitating greater data flow.

EncrypTight technology is a notable feature across these Black Box models, offering advanced encryption capabilities to safeguard sensitive data during transmission. With military-grade encryption protocols, EncrypTight ensures that corporate information remains secure from potential eavesdroppers. This technology is essential for businesses operating in regulated industries or that handle confidential customer information.

The ET0100A model combines intelligence with monitoring features to provide users with comprehensive network insights. It boasts built-in diagnostic tools that enable IT professionals to troubleshoot issues quickly and efficiently. Additionally, it features real-time performance monitoring, allowing users to analyze bandwidth usage and optimize network performance accordingly.

In conclusion, the Black Box ET1000A, ET0010A, EncrypTight, and ET0100A are powerful tools that embody the latest in data transmission and network management technologies. With their unique features—including extended connectivity capabilities, robust encryption technologies, and real-time monitoring solutions—these devices cater to the growing demands of businesses seeking to enhance their network infrastructure while ensuring robust security and efficiency. Integrating these tools into any organization’s operations can fundamentally improve both performance and data protection, making them indispensable in today’s digital landscape.
Top Page Image Contents