Black Box ET0010A User Manual
Installation and Configuration
42
EncrypTight User Guide
Securing the Management Interface
EncrypTight provides the methods listed in
for encrypted and unencrypted communications
between the management PC and the appliance’s management port.
Consider the following items before choosing a method for securing management communications:
●
HTTP is unavailable on ETEP appliances. If you disable TLS, ETEMS will be unable to communicate
with ETEP appliances.
with ETEP appliances.
●
You can enable IPSec on ETEPs with software version 1.6 or newer to establish secure
communications to specific hosts.
communications to specific hosts.
Enabling the Microsoft FTP Server
EncrypTight uses FTP server software running on the management station to perform software upgrades
on appliances and to extract appliance log files for viewing in ETEMS. This version of EncrypTight has
been qualified with the Microsoft FTP server, which is included with the Windows XP operating system.
on appliances and to extract appliance log files for viewing in ETEMS. This version of EncrypTight has
been qualified with the Microsoft FTP server, which is included with the Windows XP operating system.
If you choose to use an SFTP server, refer to the documentation for your server software to learn about
configuration options.
configuration options.
The following procedures describe how to enable the Microsoft FTP server and set up a new user. Prior
to performing these tasks, check with your Windows administrator for information and restrictions
specific to your organization’s network.
to performing these tasks, check with your Windows administrator for information and restrictions
specific to your organization’s network.
To enable the Microsoft FTP Server service:
1 In the Control Panel, click Add or Remove Programs.
2 Click Add/Remove Windows Components.
3 Select Internet Information Services (IIS).
4 Click Details.
5 Select File Transfer Protocol (FTP) Service, and then click OK.
6 Click Next to start the Windows Component Wizard.
1 In the Control Panel, click Add or Remove Programs.
2 Click Add/Remove Windows Components.
3 Select Internet Information Services (IIS).
4 Click Details.
5 Select File Transfer Protocol (FTP) Service, and then click OK.
6 Click Next to start the Windows Component Wizard.
To create a user on the management station for the FTP client to access:
1 In Windows Explorer, right-click My Computer and select Manage.
2 Expand Local Users and Groups.
3 Select Users and right-click.
4 Select New User to define the user name and password.
1 In Windows Explorer, right-click My Computer and select Manage.
2 Expand Local Users and Groups.
3 Select Users and right-click.
4 Select New User to define the user name and password.
Table 7
ETEMS communications options
Option
Description
TLS
TLS (HTTPS) is used to encrypt communications between ETEMS and the appliance.
TLS is enabled by default in EncrypTight. No additional software or configuration is
required.
SSH
Provides secure remote access to the appliance CLI from the management PC. Available
on ETEP appliances. An SSH client is included with EncrypTight. No additional
configuration is required.