Black Box ET0010A User Manual
EncrypTight User Guide
17
1
EncrypTight Overview
EncrypTight™ Policy and Key Manager is an innovative approach to network-wide encryption.
EncrypTight acts as a transparent overlay that integrates easily into any existing network architecture,
providing encryption rules and keys to EncrypTight encryption appliances.
EncrypTight consists of a suite of tools that perform various tasks of appliance and policy management:
EncrypTight acts as a transparent overlay that integrates easily into any existing network architecture,
providing encryption rules and keys to EncrypTight encryption appliances.
EncrypTight consists of a suite of tools that perform various tasks of appliance and policy management:
●
EncrypTight Element Management System (ETEMS) is the network management component of the
EncrypTight software. Use ETEMS to configure and manage your encryption appliances.
EncrypTight software. Use ETEMS to configure and manage your encryption appliances.
●
EncrypTight Policy Manager (ETPM) is the policy generation and management tool. Use ETPM to
create polices for hub and spoke, mesh, point-to-point, and multicast networks that require common
keys to secure traffic between multiple nodes.
create polices for hub and spoke, mesh, point-to-point, and multicast networks that require common
keys to secure traffic between multiple nodes.
●
EncrypTight Key Management System (ETKMS) is the key generation and distribution tool that is
used with ETPM-generated policies. ETKMS can be run on a local machine for small deployments or
on a dedicated server for larger scale networks.
used with ETPM-generated policies. ETKMS can be run on a local machine for small deployments or
on a dedicated server for larger scale networks.
●
EncrypTight Enforcement Points (ETEPs) are the encryption appliances that enforce the security
policies. EncrypTight appliances are also referred to as PEPs.
policies. EncrypTight appliances are also referred to as PEPs.
The type of policies that you create, and the tools that you use to create them, are dependent on your
network topology. EncrypTight supports two types of policies for the following topologies:
network topology. EncrypTight supports two types of policies for the following topologies:
●
Distributed key policies are appropriate for securing a variety of networks, including mesh, hub and
spoke, point-to-point (Layer 3/4 only), and multicast networks.
spoke, point-to-point (Layer 3/4 only), and multicast networks.
●
Negotiated policies are appropriate in Layer 2 point-to-point networks where keys are negotiated with
a peer rather than distributed from a central key server.
a peer rather than distributed from a central key server.
This section includes the following topics:
Distributed Key Topologies
EncrypTight centralizes the creation and distribution of encryption keys and policies. It separates the
functions of policy management, key generation and distribution, and policy enforcement. By doing so,
functions of policy management, key generation and distribution, and policy enforcement. By doing so,