Black Box ET0010A User Manual

Provisioning PEPs

EncrypTight User Guide

149

●

●

●

●

●

Enable EncrypTight

On the Features tab, select Enable EncrypTight. EncrypTight is 

enabled by default on ETEP PEPs.
After you enable EncrypTight, the default behavior of all PEPs is to 

send all packets in the clear until you deploy new policies. Once 

you deploy policies, the PEPs process traffic as directed by the 

policies.

Enable passing TLS traffic in 

the clear

For all PEPs that pass TLS traffic between the ETPM and ETKMSs 

and between the ETKMSs and PEPs, enable passing TLS traffic in 

the clear. If this is not enabled, any ETPM

 

to ETKMS, or ETKMS to 

PEP

 

communications will not pass through this PEP. 

• On the Features tab, select Enable passing TLS traffic in the 

clear. This is the default setting when EncrypTight is enabled.

Encryption Policy Settings 

(ETEP only)

On the Features tab, specify whether you want the ETEP PEP to 

operate as a Layer 2 (Ethernet) PEP or a Layer 3 (IP) PEP.

Enable the SNTP client for 

time synchronization

If you enable an SNTP client on the PEP, provide a server address 

for the most reliable source that retrieves time from a stratum 3 or 

higher clock source. If the EncrypTight components are not 

synchronized with a reliable clock source and the time difference 

between components is significant, policies and keys can expire 

before they would normally be renewed. Traffic can get dropped or 

mistakenly passed in the clear.
• On the Advanced tab, select Enable SNTP Client.
• Enter the IP address of the NTP service. .

Other configuration settings

For complete information about appliance configuration, refer to 

 and the configuration chapter 

for the PEP that you are using. 

 EncrypTight PEP configuration  (continued)