EncrypTight provides a number of features that you can use to increase system security. These features
are disabled by default, but available for your use. Some of these features are specific to the operation of
the ETEPs, while others affect system-wide EncrypTight operations. Enhanced security features include:

●

FIPS mode
Federal Information Processing Standards are security standards that govern the use of computer
systems in non-military U.S. government agencies and contractors. When ETEPs operate in FIPS
mode, only specific encryption and authentication algorithms are accepted. To learn more about
ETEPs and FIPS mode, see

“FIPS Mode” on page 331

●

IPsec on the management interface
By default, communication between the management workstation and the ETEPs is secured using
SSH and TLS. You can provide additional security for EncrypTight management communications by
using IPsec policies on the management ports instead. This feature is controlled through the command
line interface for the ETEP. To learn more about creating IPsec policies for the ETEP management
ports, refer to the ETEP CLI User Guide.