Black Box ET0010A Appliance Trim Kit User Manual

Open as PDF

of 352

Policy Deployment

EncrypTight User Guide 207

You create Layer 4 policies using ETEPs that are configured to operate as Layer 3 PEPs. Create the

networks, network sets, and policies as you would for Layer 3 IP policies. In the policy editor, select the

option to preserve the address, protocol, and port. This option encrypts only the payload data, making the

policy a Layer 4 policy.

Layer 4 IP encryption policies use AES-256 for encryption and HMAC-SHA-1 for authentication. The

ETEP PEPs do not support 3DES or HMAC-MD5 at Layer 4.

To create a new Layer 4 policy:

1 Right click anywhere in the policy view and select an IP policy type from the shortcut menu.

2 Follow the instructions for creating the type of policy you selected as discussed in “Adding Layer 3

IP Policies” on page 191.

3 From the Addressing Mode Override section of the policy editor, select Preserve address, protocol

and port (see Figure 80).

4 Save the policy.

Figure 80 Option to Encrypt the Packet Payload Only

Policy Deployment

This section includes the following topics:

● “Verifying Policy Rules Before Deployment” on page 207

● “Deploying Policies” on page 208

● “Setting Deployment Confirmation Preferences” on page 208

Verifying Policy Rules Before Deployment

The Verify Policies tool checks your policies for conformance to the policy rules prior to deployment.

This tool performs the same consistency checks on policies that are performed during a deploy operation.

It differs from the deployment verification in that it does not check communication links to the ETKMS.

The Verify Policies tool checks for features that are not universally supported across PEP models and

software versions. It looks for inconsistencies such as using a mixture of Layer 2 and Layer 3 PEPs in a

policy, using contiguous and non-contiguous network masks in a network set, and the use of virtual IP

addresses.

Verifying policies prior to deployment is useful if you have done any of the following:

● Made edits to any policy element since you last deployed policies: PEPs, networks, network sets, or

policy definitions.

● The PEPs in a policy are running a mix of software versions, for example ETEPs running versions

1.4, 1.5, and 1.6.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Black Box ET0010A Appliance Trim Kit User Manual