Black Box EncrypTight Appliance Trim Kit User Manual


 
Installation and Configuration
44 EncrypTight User Guide
This section includes the following topics:
“Basic Configuration for Local ETKMSs” on page 44
“Configuring External ETKMSs” on page 46
“Configuring Syslog Reporting on the ETKMSs” on page 54
Basic Configuration for Local ETKMSs
The basic configuration of a local ETKMS includes assigning an IP address and launching the ETKMS
software.
This section includes the following topics:
“About Local ETKMSs” on page 44
“Adding a Local ETKMS” on page 44
“Launching and Stopping a Local ETKMS” on page 45
“Starting the Local ETKMS Automatically” on page 45
About Local ETKMSs
Local ETKMSs are intended for use with small to medium networks with no more than 10 nodes. When
you use a local ETKMS, the ETKMS software runs on the same workstation as the EncrypTight software.
Keep in mind the following information:
Although the EncrypTight application does not need to remain open, the ETKMS software needs to
run continuously in order to renew keys and refresh policies. For this reason, install the EncrypTight
software on a reliable workstation. In addition, disable the Windows standby and hibernation modes.
The local ETKMS software cannot renew keys and refresh policy lifetimes if the workstation enters
standby or hibernation mode.
It is strongly recommended that you assign a static IP address to the local ETKMS. If the local
ETKMS IP address does not match the management station IP address, an error is generated when
you attempt to launch the local ETKMS. You can use either an IPv4 address or an IPv6 address.
Local ETKMSs use the time and date settings in effect on the workstation on which the EncrypTight
software is installed. Because EncrypTight is dependant on network-wide clock synchronization, it is
strongly recommended that you set up the management workstation to synchronize with an NTP
server rather than setting the date and time manually. You should use the same time service for the
EncrypTight workstation and the PEPs.
You cannot run web server software on the same workstation as the EncrypTight software. The
ETKMS application must use port 443. When a web service is running on the workstation, an error
message appears in the ETKMS window.
To stop the Windows XP web service, click Control Panel > Administrative Tools > Internet
Information Services. Click the Web Sites folder, and stop the Default Web Site service. To stop
another web service that is running or to configure it to use a different port, see the documentation for
the web service.
Adding a Local ETKMS
You add a local ETKMS in the ETEMS Appliance Manager. The IP address must be the IP address of the
workstation on which EncrypTight is installed.