Black Box ET1000A ユーザーズマニュアル
Adding Layer 3 IP Policies
EncrypTight User Guide
191
Adding Layer 3 IP Policies
An IP policy can be created for hub and spoke, mesh, multicast, and point-to-point networks.
●
●
●
●
Adding a Hub and Spoke Policy
In a hub and spoke network, all transmissions either originate from a hub network and are received by a
spoke network or originate from one of the spoke networks and are received by the hub network.
spoke network or originate from one of the spoke networks and are received by the hub network.
Figure 72
Secured hub and spoke example
●
PEP A encrypts data traffic from network A that goes to Networks B or C. PEP A also decrypts data
that originates from Network B and C.
that originates from Network B and C.
●
PEP B encrypts data from network B that goes to network A and decrypts data that comes from
network A.
network A.
●
PEP C encrypts data from network C that goes to network A and decrypts data that comes from
network A.
network A.
●
PEP B and PEP C have no security associations to allow for decryption of traffic originating from
each other.
each other.
When you create a policy for a hub and spoke network, you must select at least one hub network set and
one spoke network set.
one spoke network set.