Configuring EncrypTight User Authentication

Managing EncrypTight Users

Table 14	EncrypTight account types and privileges

Task		Administrator	User
Enable user ID/password authentication		Yes	No
Set password expiration period		Yes	No
Create EncrypTight users		Yes	No
Modify EncrypTight user names and passwords		Yes	No
Delete EncrypTight users		Yes	No
Change own password		Yes	Yes
Configure appliances and policies		Yes	Yes
View logs and performance statistics		Yes	Yes

NOTE

If EncrypTight is managing ETEP 1.4 and later appliances, we recommend creating a user account in EncrypTight that matches the user name and password that you plan to use on the ETEP appliances. See “How EncrypTight Users Work with ETEP Users” on page 67 for more information.

Configuring EncrypTight User Authentication

The EncrypTight administrator can set the following authentication preferences for EncrypTight users:

●User ID and password authentication

●Password expiration period

●Login session inactivity timer

●Common Access Card authentication

●US government login banner displayed upon application startup

62	EncrypTight User Guide

Page 61

Image 61

Black Box ET0010A, ET1000A, ET0100A Configuring EncrypTight User Authentication, EncrypTight account types and privileges

EncrypTight, ET0100A, ET0010A, ET1000A specifications

The Black Box ET1000A, ET0010A, EncrypTight, and ET0100A are advanced solutions designed for secure data transmission and network management, catering to modern enterprise needs. These tools integrate cutting-edge technologies to enhance connectivity, security, and efficiency within various environments.

The Black Box ET1000A is primarily a high-performance Ethernet over Twisted Pair (EoTP) solution. It enables users to extend Ethernet signals over long distances using existing twisted-pair cabling without sacrificing speed or reliability. With support for speeds up to 100 Mbps, this device is ideal for organizations looking to upgrade their existing infrastructure without extensive rewiring. Key features include plug-and-play installation, which simplifies deployment, and versatile compatibility with both legacy and modern ethernet networks.

The ET0010A model takes connectivity a step further by providing seamless integration with fiber optics. This device supports transmission distances that far exceed traditional copper solutions, making it a perfect fit for larger facilities or multi-building campuses. Its built-in Ethernet switch enhances network efficiency by providing multiple ports for device connectivity, thus facilitating greater data flow.

EncrypTight technology is a notable feature across these Black Box models, offering advanced encryption capabilities to safeguard sensitive data during transmission. With military-grade encryption protocols, EncrypTight ensures that corporate information remains secure from potential eavesdroppers. This technology is essential for businesses operating in regulated industries or that handle confidential customer information.

The ET0100A model combines intelligence with monitoring features to provide users with comprehensive network insights. It boasts built-in diagnostic tools that enable IT professionals to troubleshoot issues quickly and efficiently. Additionally, it features real-time performance monitoring, allowing users to analyze bandwidth usage and optimize network performance accordingly.

In conclusion, the Black Box ET1000A, ET0010A, EncrypTight, and ET0100A are powerful tools that embody the latest in data transmission and network management technologies. With their unique features—including extended connectivity capabilities, robust encryption technologies, and real-time monitoring solutions—these devices cater to the growing demands of businesses seeking to enhance their network infrastructure while ensuring robust security and efficiency. Integrating these tools into any organization’s operations can fundamentally improve both performance and data protection, making them indispensable in today’s digital landscape.

Contents

EncrypTight User Guide Table of Contents Managing EncrypTight Users Provisioning Appliances Getting Started with Etems Managing Appliances 117 Managing IP Networks Managing Key Management SystemsManaging Network Sets Creating Vlan ID Ranges for Layer 2 Networks Policy Design Examples 211 Modifying the Etkms Properties File Using Enhanced Security Features Etep Configuration 299 302 Index 343 About This Document Preface Contacting Black Box Technical Support Part I EncrypTight Installation and Maintenance EncrypTight User Guide Distributed Key Topologies EncrypTight Overview Topology Description Network topologiesLayer 3 IP topologies Layer 2 Ethernet topologies Related topics EncrypTight Elements Policy Manager EncrypTight Element Management SystemKey Management System Single Etkms for multiple sites Policy Enforcement Point Shared keys Point-to-Point Negotiated Topology Layer 2 Point-to-Point Deployment Security within EncrypTight Secure Key Storage within the Etkms Secure Communications Between Devices EncrypTight Component Connections EncrypTight Deployment Planning Etpm to Etkms Connections Management Station Connections Etpm and Etkms on Different Subnetworks Etpm and Etkms on the Same SubnetworkEtpm and Etkms in Layer 3 IP Policies Out-of-band Etkms management in an Ethernet network External Etkms to Etkms Connections Connections for Backup ETKMSs Etkms to Etkms Connections in Ethernet Networks Connecting Multiple ETKMSs in an IP Network Etkms to PEP Connections in IP Networks Etkms to PEP Connections In-line Etkms to PEP communications in IP networks Etkms to PEP Connections in Ethernet Networks IPv6 Address Support Network Clock Synchronization IPv6 address representations Certificate SupportAddress Format Address Representation Network Addressing Options Network Addressing for IP NetworksAddressing Method Description Related topics Before You Start Installation and Configuration Software Requirements Hardware RequirementsEncrypTight management station requirements Third party management station software Installing EncrypTight Software for the First Time EncrypTight Software InstallationTo install the EncrypTight software Firewall Ports To uninstall EncrypTight Uninstalling EncrypTight SoftwareUpgrading to a New Version of EncrypTight Starting EncrypTight Exiting EncrypTight Management Station ConfigurationTo start Etems Related topic Securing the Management Interface To enable the Microsoft FTP Server serviceEnabling the Microsoft FTP Server Etems communications options Configuring ETKMSs Installing ETKMSsConfiguring the Syslog Server Etkms server connections About Local ETKMSs Basic Configuration for Local ETKMSsAdding a Local Etkms Starting the Local Etkms Automatically Launching and Stopping a Local EtkmsTo add a local Etkms To launch a local Etkms Prior to configuring the batch file do the following Configuring External ETKMSsTo configure the batch file Maintaining the start.bat file To change the admin password Changing the Admin PasswordLogging Into the Etkms To log into the Etkms To change the root password Changing the Root Password To configure the network connection and hostname Configure the Network ConnectionStatic IP Netmask Default Gateway IP address IPv4 To set the hostname and IPv6 default gateway address To configure the network interfaceTo set the default DNS server and configure the hosts file IPv6 To set up time synchronization Configure Time and Date PropertiesTo set the time zone To restart the NTP daemon Ntpq -p command outputTo check the time source connection status Field Description Check the Status of the Hardware Security Module Starting and Stopping the Etkms Service To check the status of the Etkms service Configuring Syslog Reporting on the ETKMSsTo configure syslog reporting on a Etkms Checking the Status of the Etkms Policy Enforcement Point Configuration Passwords to change Default User Accounts and PasswordsManaging Licenses Etep Throughput Speeds To install a license on the Etep Installing LicensesTo enter EncrypTight licenses Choose Tools Put License Upgrading Licenses Next StepsUpgrading the EncrypTight License Upgrading Etep Licenses Next Steps Installation and Configuration EncrypTight User Guide Working with EncrypTight User Accounts Managing EncrypTight Users Task Administrator User Configuring EncrypTight User AuthenticationEncrypTight account types and privileges Login Session Inactivity Timer Password Authentication and ExpirationCommon Access Card Authentication DoD Login Banner EncrypTight user name and password conventions Login preferences default settingsPreference Setting Parameter User Name Password To change a password Changing an EncrypTight User PasswordTo add an EncrypTight user account To modify an EncrypTight user account Example 2 Setting up new EncrypTight and Etep users Example 1 Default EncrypTight user and default Etep userHow EncrypTight Users Work with Etep Users Relationship between EncrypTight users and Etep users Example 3 Adding a new Etep user to EncrypTight Working with the EncrypTight Workspace Maintenance TasksAbout the EncrypTight Workspace To save a workspace to a new location Saving a Workspace to a New LocationOn the File menu, click Save Workspace To To load an existing workspace Loading an Existing Workspace Deleting a Workspace Moving a Workspace to a New PCTo move a workspace to a new PC To delete a workspace Schedule the Upgrade Installing Software Updates Prepare Etpm Status and Renew Keys Upgrade the EncrypTight SoftwareVerify Etkms Status and Deploy Policies To deploy policies Upgrade PEP Software On the Tools menu, click Upgrade Software To upgrade software on the PEPsFTP server site information for appliance software upgrades Change the PEP Software Version and Check Status Click Edit Multiple Configurations Software VersionTo change the software version of the PEPs To check the status of the PEPs Upgrading External ETKMSs Return Status Refresh and Key Renewal to Original SettingsTo stop and remove the current Etkms software To configure the new Etkms software To install the new Etkms softwareTo mount the Cdrom drive To start the Etkms software Maintenance Tasks EncrypTight User Guide Etems Part II Working with Appliances using EncrypTight User Guide Getting Started with Etems Defining Appliance ConfigurationsEtems Quick Tour Interface configuration for a new ET1000A appliance Pushing Configurations to Appliances Upgrading Appliance Software Comparing Configurations Maintenance and Troubleshooting Policy and Certificate Support Understanding the Etems Workbench Editors Appliance Manager perspective Views Perspectives ToolbarsTo open a perspective Etems toolbar Appliance Manager toolbar Status IndicatorsCertificate Manager toolbar Status Indicator Description Appliance status indicatorsUnderstanding Roles EncrypTight User Types Modifying Communication Preferences Function Administrator OpsAppliance roles for ETEPs To change communication preferences General communication preferences Strict authentication communication preferencesPreference Description Enable Certificate Ignore CRL accessCRL File Location Policy Extensions Provisioning Basics Provisioning Appliances New Appliance editor for the ET1000A To add a new appliance Adding a New Appliance Saving appliance configurations Saving an Appliance ConfigurationTo push Etems configurations to appliances On the Tools menu, click Put Configurations Viewing Appliance Status Put configuration statusResult Description Appliances view To configure automatic status checking Etems To apply a filter to the appliances in the Appliances view Filtering Appliances Based on Address To reboot appliances Rebooting AppliancesAppliance User Management Etep User Roles Default user names and passwords on the Etep Configuring the Password Enforcement PolicyRole Default user name Default password Appliance roles for ETEPs v 1.4 and later Strong Password Policy Conventions Default Password Policy ConventionsUser Name Conventions Upgrading Software Removing ETEPs From Service Adding Etep Users Managing Appliance UsersTo add a user to the Etep On the Tools menu, click Appliance User Add User Default password Strong password Parameter Policy Password policy values Deleting Etep Users Modifying Etep User CredentialsTo modify Etep user credentials On the Tools menu, click Appliance User Modify User To delete a user from the Etep Viewing Etep UsersOn the Tools menu, click Appliance User Delete User Customizing the Default Configuration Working with Default ConfigurationsTo customize the default configuration On the Edit menu, click Default Configuration To return the default values to factory settings Restoring the Etems Default ConfigurationsOn the Edit menu, click Default Configurations Provisioning Large Numbers of Appliances Importing Configurations from a CSV File Creating a Configuration Template Attribute Description To import appliance configurations to Etems Remote and local keywords and attributes Importing Remote and Local Interface Addresses Changing Configuration Import Preferences Checking the Time on New Appliances Shutting Down AppliancesShutdown operational codes To shut down the Etep Managing Appliances Editing Configurations Changing the Address on the Appliance Changing the Management IP AddressTo change the management IP address on the appliance Change Management IP window Related topics Changing the Address in Etems Operation failed message in response to management IP change Changing the Date and Time Changing Settings on Multiple Appliances Changing Settings on a Single ApplianceTo edit the configuration of a single appliance To change the date and time Deleting Appliances To update an appliance setting on multiple appliances Connecting to the Command Line Interface Connecting Directly to an ApplianceUpgrading Appliance Software To delete appliances 124 EncrypTight User Guide To upgrade software 126 EncrypTight User Guide Canceling an Upgrade Restoring the Backup File SystemWhat to do if an Upgrade is Interrupted Checking Upgrade Status To restore the appliance file system from a backup copy Part III Using Etpm to Create Distributed Key Policies 130 EncrypTight User Guide Opening Etpm Getting Started with EtpmAbout the Etpm User Interface To open Etpm Etpm perspective Component Chapter EncrypTight Components View Editors Status indicators Etpm Status IndicatorsPolicy View To edit an element from the policy view Sorting and Using Drag and Drop Etpm Toolbar To enable or disable automatic status checkingEtpm Status Refresh Interval Etpm toolbar IP Policies About Etpm PoliciesEthernet Policies Policy generation and distribution Policy Generation and Distribution Key generation with one Etkms Key generation with multiple ETKMSs Creating a Policy An Overview Network B Network aNetwork Set a Network Set B To create a policy 144 EncrypTight User Guide EncrypTight User Guide 145 146 EncrypTight User Guide Provisioning PEPs Managing Policy Enforcement Points Configuration Description EncrypTight PEP configurationAdding a New PEP in Etems On the Advanced tab, select Enable Sntp Client On the Features tab, select Enable passing TLS traffic To add a new PEP using Etpm Adding a New PEP Using EtpmAdding Large Numbers of PEPs To push Etems configurations to PEPs Pushing the ConfigurationTo edit a PEP’s configuration Editing PEPs Select Edit Multiple Configurations Sntp Client To change the NTP settings for multiple PEPsEditing Multiple PEPs Editing PEPs From Etpm Changing the IP Address of a PEP Deleting PEPsChanging the PEP from Layer 3 to Layer 2 Encryption To change the IP address of a PEP To delete PEPs Etkms connections Managing Key Management Systems To add an Etkms Adding ETKMSs Deleting ETKMSs Editing ETKMSsEtkms entries To edit an existing Etkms To delete an existing Etkms Adding Networks Managing IP Networks Network entries To add a networkNetwork IP Address Network Mask Grouping Networks into Supernets Advanced Uses for Networks in Policies Using Non-contiguous Network Masks IP Address Network Mask Networks definitions Deleting Networks Editing NetworksTo edit an existing network To delete a network Managing IP Networks 166 EncrypTight User Guide Network Sets Managing Network Sets IP address Mask 40.32.21.0 255.255.255.0 Types of Network SetsIP address Mask 40.55.11.0 255.255.255.0 IP address Mask Network set for a collection of networks To add a Network Set Adding a Network SetNetwork Set fields System Key ManagementNetwork Addressing Mode Network Set editor Importing Networks and Network Sets Networks and network sets import document format in Excel Deleting a Network Set Editing a Network SetTo import networks and network sets into Etpm To edit a Network Set To delete an existing network set Managing Network Sets 176 EncrypTight User Guide Adding a Vlan ID Range Creating Vlan ID Ranges for Layer 2 NetworksTo add a new Vlan ID Range Lower Vlan ID Vlan ID range entriesUpper Vlan ID Deleting a Vlan ID Range Editing a Vlan ID RangeTo edit a Vlan ID range To delete an existing Vlan ID range 180 EncrypTight User Guide Policy Concepts Creating Distributed Key Policies Schedule for Renewing Keys and Refreshing Policy Lifetime Policy Priority Encapsulation Policy Types and Encryption MethodsLayer 2 Ethernet payload encryption Aria Encryption Encryption and Authentication AlgorithmsTo use Aria in an encryption policy, do the following Using Encrypt All Policies with Exceptions Addressing ModeKey Generation and ETKMSs Encrypt all policy with exceptions Policy Size and Etep Operational LimitsPolicy Policy Type Priority Action Protocol Covered Minimizing Policy Size To add a new Layer 2 mesh policy Adding Layer 2 Ethernet Policies Layer 2 Mesh policy entries Layer 2 Mesh policy editor Adding a Hub and Spoke Policy Adding Layer 3 IP Policies Hub and spoke policy entries To add a new hub and spoke policy Addressing IPSecMinimize Policy Size Hub and spoke policy editor To add a new mesh policy Adding a Mesh Policy Mesh policy entries Specifies a method for reducing the policy size Mesh policy editor Multicast network example Adding a Multicast Policy Multicast policy entries To add a multicast policy Network Multicast Multicast policy editor To add a point-to-point policy Adding a Point-to-point Policy Point-to-point policy entries Network Set Point aPoint a Ports Point B Point-to-point policy editor Adding Layer 4 Policies Verifying Policy Rules Before Deployment Policy DeploymentTo create a new Layer 4 policy To enable or disable the deployment warning Setting Deployment Confirmation PreferencesDeploying Policies To verify policies Deleting Policies Editing a PolicyTo edit an existing policy Editing policies To delete all policies To delete an existing policySelect Tools Clear Policies Basic Layer 2 Point-to-Point Policy Example Policy Design Examples Setting PEP Layer 2 Ethernet Policy Using Vlan IDsPoint-to-point Layer 2 encryption policy Policy 3 Discard All Other Policy 2 Partner and Partner Portal Server Encrypt Traffic Between Regional Centers Complex Layer 3 Policy Example Network sets for mesh policy Encrypt Traffic Between Regional Centers and BranchesEncrypt all mesh policy Region a hub and spoke policy Network sets for the hub and spoke policies Region C hub and spoke policy Region B hub and spoke policyRegion D hub and spoke policy Field Pass protocol 88 in the clear mesh policy Passing Routing Protocols EncrypTight User Guide 219 Policy Design Examples 220 EncrypTight User Guide Part IV Troubleshooting 222 EncrypTight User Guide Possible Problems and Solutions Etems Troubleshooting Config to Appliance Symptom Explanation and possible solutionsAppliance Unreachable Preferences Disable-trusted-hosts CLI command Appliance Configuration Appliance Tools Reboot Pushing ConfigurationsCompare Config to Appliance . Do one of the following About upgrades show system-log and show upgrade Status Software UpgradesPinging the Management Port To ping the management port Retrieving Appliance Log Files Tools preferences To change the default ping tool On the Tools menu, click Retrieve Appliance Logs To retrieve log files from an applianceFTP server site information for log retrieval Viewing Statistics Viewing Diagnostic Data Statistic Description Etep Statistics Exporting SAD and SPD Files Viewing Port and Discard Status To access the appliance CLI CLI Diagnostic Commands Viewing the Application Log from within EncrypTight Working with the Application LogTo view the log information Sending Application Log Events to a Syslog Server Setting Log FiltersExporting the Application Log Log File Actions Other Application Log ActionsIcon Description Learning About Problems Etpm and Etkms TroubleshootingMonitoring Status Etpm status problems and solutions Symptoms and Solutions Etep PEPs, see the EncrypTight User Guide Policy Errors Renew Key Errors Status Errors Etpm Log Files Viewing Log FilesEtkms Log Files Linux Commands Etkms Troubleshooting ToolsCommand Description Etkms Server Operation Resetting the Admin Password PEP Troubleshooting ToolsOptimizing Time Synchronization Shutting Down or Restarting an External Etkms Statistics To disable the Sntp client on multiple PEPsEtep PEP Policy and Key Information To view statistics Replacing Licensed ETEPs Troubleshooting PoliciesChecking Traffic and Encryption Statistics To export SAD or SPD files from Etep PEPs Placing PEPs in Bypass Mode Solving Policy ProblemsViewing Policies on a PEP Expired Policies Allowing Local Site Exceptions to Distributed Key Policies Cannot Add a Network Set to a Policy Solving Network Connectivity Problems Modifying EncrypTight Timing Parameters Certificate Implementation ErrorsCannot Communicate with PEP Invalid Certificate Error Etkms Boot ErrorInvalid Parameter in Function Call Enter strict-client-authentication disable To disable strict authentication on ETEPs Etpm and Etkms Troubleshooting 252 EncrypTight User Guide Part V Reference 254 EncrypTight User Guide About the Etkms Properties File Modifying the Etkms Properties File Digital Certificate Configuration Hardware Security Module ConfigurationLogging Setup Peer Etkms and Etpm Communications Timing Base Directory for Storing Operational State Data PEP Communications Timing Policy Refresh Timing PEP Communications Timing Page About Enhanced Security Features Using Enhanced Security Features About Strict Authentication How to Reference Prerequisites for Using Certificates with EncrypTightPrerequisites Order of Operations Certificate Information Setting DescriptionDistinguished name information Usage, you type this string as follows Using Certificates in an EncrypTight System Changing the EncrypTight Keystore Password Changing the Keystore PasswordChanging the Etkms Keystore Password To change the EncrypTight keystore password Changing the Keystore Password on a Etkms Changing the Password Used in the Etkms Properties File Changing the Keystore Password on a Etkms with an HSMTo change the password listed in the Etkms properties file Restart the Etkms Service To start the Etkms service To configure the certificate policies extension for ETEPs Configuring the Certificate Policies ExtensionClick Enable Policy Extensions Click Enable Certificate Policy Extensions To configure certificate policy extensions for ETKMSsEtkms Certificate Policies Entries Parameter Description EncrypTight User Guide 271 Generating a Key Pair Working with Certificates for EncrypTight and the ETKMSs Requesting a Certificate Keytool genkeypair CommandTo generate a key pair To create the certificate request Importing a CA Certificate To install a CA certificateImporting a CA Certificate Reply Keytool Parameters for Importing a CA Certificate Working with Certificates and an HSM Configuring the HSM for KeytoolExporting a Certificate Generating a Key Pair for use with the HSM Importing CA Certificates into the HSM Generating a Certificate Signing Request for the HSM Working with Certificates for the ETEPsImporting Signed Certificates into the HSM To start the Certificate Manager do one of the following Understanding the Certificate Manager Perspective Working with External Certificates Certificate Manager WorkflowObtaining External Certificates To install an external certificate Installing an External CertificateTo obtain a CA certificate from a CA Requesting a Certificate Working with Certificate Requests 282 EncrypTight User Guide Viewing a Pending Certificate Request Installing a Signed CertificateCertificate usage To view a pending certificate signing request Setting Certificate Request Preferences Canceling a Pending Certificate RequestTo cancel a pending certificate request To set certificate request preferences Certificate request preference fields Managing Installed Certificates Viewing a Certificate To export an installed certificateExporting a Certificate Validating Certificates Validating Certificates Using CRLsDeleting a Certificate To delete an external certificate Configuring CRL Usage on ETEPs Configuring CRL Usage in EncrypTight and the ETKMSsTo use CRLs with the EncrypTight software To use CRLs with the Etkms To install a CRL on the Etep Validating Certificates Using OcspHandling Revocation Check Failures To view CRLs Click Enable Online Certificate Status Protocol Ocsp To set up Ocsp in EncrypTightEncrypTight Ocsp Options Options Description To set up Ocsp on the ETEPs To set up Ocsp in the EtkmsClick Enable Ocsp Ocsp Settings To enable strict authentication in the EncrypTight software Enabling and Disabling Strict AuthenticationTo enable strict authentication on the Etkms To enable strict authentication on PEPs Clear the Enable Strict Client Authentication box To disable strict authenticationTo disable strict authentication from the command line Removing Certificates To remove certificates Using a Common Access CardSelect Tools Clear Certificates Enabling Common Access Card Authentication Configuring User Accounts for Use With Common Access CardsTo add common names to the Etkms Click XML-RPC Certificate Authentication To enable CAC Authentication on the EtepTo enable CAC Authentication on the Etkms To enable CAC Authentication in EncrypTight Handling Common Name Lookup Failures To specify how to handle common name failures Using Enhanced Security Features 298 EncrypTight User Guide Etep Configuration Product Family and Software Version Identifying an ApplianceAppliance Name To configure appliance interfaces Interface ConfigurationThroughput Speed Management Port Addressing ET0100A interfaces configuration Related topics IPv4 management port addressing IPv4 Addressing IPv6 management port addressing IPv6 Addressing Link speeds on the management port Auto-negotiation All Ports Transparent Mode Remote and Local Port SettingsLink speeds on the local and remote ports Policy Type Mode of operation When to use transparent modeLocal and Remote Port IP Addresses Default Gateway Transmitter EnableIP Address and Subnet Mask Dhcp Relay IP Address Transmitter Enable settings on the Etep Ignore DF Bit settings Reassembly ModeReassembly mode settings Ignore DF Bit Trusted host list Trusted Hosts To add a trusted host Inbound trusted host protocols used by EncrypTightProtocol Outbound host Appliance Editor Tab System Information Snmp Configuration Snmp system information Community StringsTo define a community name Under Community Strings, click Add Traps reported on the Etep TrapsTrap Description SNMPv2 Trap Hosts To configure a trap hostSNMPv3 SNMPv3 Configuration Related topics Retrieving and Exporting Engine IDs Generating the Engine IDTo retrieve engine IDs Viewing SNMPv3 Engine IDs Related topics Configuring the SNMPv3 Trap Host Users SNMPv3 trap host users SNMPv3 Trap Host configuration To configure a trap host user Etep Logging tab Logging Configuration Log facilities Log Event SettingsFacility Description Log priorities Defining Syslog ServersTo define a syslog server Under Syslog Servers, click Add Log file sizes Log File ManagementLog name File size Internals logs Log files extracted from the Etep Related topics Advanced Configuration Valid Pmtu ranges on Etep appliances Path Maximum Transmission UnitPmtu and fragmentation behavior on the Etep Packet Payload Size Layer 2 Etep Layer 3 Etep Password Strength Policy CLI Inactivity TimerNon IP traffic handling configuration Non IP Traffic Handling XML-RPC Certificate Authentication Sntp Client Settings SSH Access to the EtepTo configure the NTP client IKE Vlan Tags Ocsp Settings Features ConfigurationCertificate Policy Extensions IKE Vlan Tags Enabling Fips Mode Fips ModeFips approved encryption and authentication algorithms Encryption algorithms Authentication algorithms Disabling Fips Policy Type Action upon entering Fips modeVerifying Fips Status on the Etep Operational Notes EncrypTight settings EncrypTight SettingsSetting Definition Encryption policy settings Encryption Policy SettingsWorking with Policies Creating Layer 2 Point-to-Point Policies Using EncrypTight Distributed Key PoliciesTo launch Etpm from Etems Etep Policy tab Using Group IDs Using Preshared Keys for IKE AuthenticationSelecting a Role How the Etep Encrypts and Authenticates Traffic Selecting the Traffic Handling ModeIKE Phase 2 Parameters Parameter Value Interfaces defaults Factory DefaultsInterfaces Default Setting Interfaces Snmp defaults Trusted hosts defaultsTrusted Hosts Policy LoggingAdvanced Hard-coded Settings FeaturesFeatures defaults Features Default Setting Numerics Index Index EncrypTight User Guide 345 Etpm See also HSM Https TLS 348 EncrypTight User Guide EncrypTight User Guide 349 350 EncrypTight User Guide See also TLS trap configuration 352 EncrypTight User Guide Black Box Tech Support FREE! Live /7

Black Box ET0010A, ET1000A Configuring EncrypTight User Authentication, Task Administrator User

Models: EncrypTight ET0100A ET0010A ET1000A

EncrypTight account types and privileges

Task

Administrator

User

Related topics:

Configuring EncrypTight User Authentication

EncrypTight User Guide

EncrypTight, ET0100A, ET0010A, ET1000A specifications