Black Box EncrypTight Enforcement Point (ETEP) Installation Guide Manual De Usuario
Features
ETEP Installation Guide
19
Features
ETEPs share many of the same features and capabilities across hardware models, as shown in
.
Hardware differences between the ETEP models are summarized in
.
The ETEP features are summarized in
Table 4
ETEP Hardware Comparison
Model
Form
Factor
Data Port
Speed
Data Port
Interface
Mgmt Port
Interface
Auxiliary
port
Dual
Power
Supplies
ET0010A
1u rack-
mount
(2) 3–50
Mbps
RJ-45
RJ-45
Yes
No
ET0100A
1u rack-
mount
(2) 100–
250 Mbps
RJ-45
RJ-45
No
No
ET1000A
1u rack-
mount
(2) 500–
1000 Mbps
SFP
RJ-45 and
SFP
Yes
Yes
Table 5
ETEP Feature Summary
Category
Feature
Throughput
• ET0010A: Supports encrypted throughput rates of 3, 6, 10, 25
and 50 Mbps
• ET0100A: Supports encrypted throughput rates of 100, 155, and
250 Mbps
• ET1000A: Supports encrypted throughput rates of 500, 650, and
1000 Mbps
Encryption Support
• Advanced Encryption Standard (AES): FIPS 197 (256 bit keys)
• 3DES: ANSI X9.52 (168 bit keys), standard CBC mode
• User-configurable for Layer 2 Ethernet or Layer 3 IP encryption,
• 3DES: ANSI X9.52 (168 bit keys), standard CBC mode
• User-configurable for Layer 2 Ethernet or Layer 3 IP encryption,
with option to encrypt only the Layer 4 payload
Authentication Methods
• X.509 v3 digital certificates (management interface)
• HMAC-SHA-1-96
• HMAC-MD5-96
• HMAC-SHA-1-96
• HMAC-MD5-96
Encapsulation Modes
• Layer 2: Ethernet payload encryption
• Layer 3: IPSec Tunnel mode with original IP header preservation
• IPSec Transport mode for Layer 4 payload encryption option
• Layer 3: IPSec Tunnel mode with original IP header preservation
• IPSec Transport mode for Layer 4 payload encryption option
Device Management
• EncrypTight software for device and policy management
• Out-of-band management
• Alarm condition detection and reporting
• Syslog support
• SNMPv2c and SNMPv3 managed object support
• Audit logging
• Management access using X.509 v3 digital certificates
• Security options include TLS, SSH, IKE/IPsec
• Out-of-band management
• Alarm condition detection and reporting
• Syslog support
• SNMPv2c and SNMPv3 managed object support
• Audit logging
• Management access using X.509 v3 digital certificates
• Security options include TLS, SSH, IKE/IPsec