Filter
Top Products
Creating Distributed Key Policies
192 EncrypTight User Guide
To add a new hub and spoke policy:
1 In the Policy view, right-click anywhere in the view and click Add Hub and Spoke Policy.
2 Double click the new policy name added to the policy list.
3 Create the policy in the Hub and Spoke Policy editor described in Table 48. The policy editor is
shown in Figure 73.
4Click Save when complete.
Table 48 Hub and spoke policy entries
Field Description
Name Enter a unique name to identify the policy. Names can be 1 - 40 characters in
length. Alphanumeric characters and spaces are valid. The special characters
<, >, &, ,“ *, ?, /, \, : and | cannot be used in the policy name. Names are not
case sensitive.
Priority Enter the priority for this policy from 1 to 65000. PEPs enforce policies in
descending priority order with the highest priority number processed first.
Renew Keys/
Refresh
Lifetime
Specifies the lifetime of the keys and policies, and the frequency at which the
keys are regenerated and the policies’ lifetimes are updated on the PEPs.
Regenerate keys and update policies either at a specified interval in hours or
daily at a specified time. Click either Hours or Daily.
•Hours - enter the re-key interval in hours between 0 and 65535 hours. 0
hours causes keys and policies to never expire and never update. Use 0
hours for drop and clear policy types.
•Daily - enter the re-key time using the 24 hour system clock set to the
required local time of the ETPM workstation. The re-key time will translate to
the local times of the ETKMSs and PEPs that might be located in other time
zones.
Type Specifies the action applied to packets that match the protocol and networks
included in this policy.
•Drop - drops all packets matching this policy.
•Bypass - passes all packets matching this policy in the clear.
• IPSec - encrypts or decrypts all packets matching this policy.