Filter
Top Products
ETEP Configuration
330 EncrypTight User Guide
3 On the Advanced tab, select Enable IKE VLAN Tag.
OCSP Settings
Online Certificate Status Protocol (OCSP) provides a way for devices that use certificates to verify that a
received certificate is currently valid. OCSP is an alternative to using Certificate Revocation Lists
(CRLs). If your organization uses certificates to authenticate management communications in an
EncrypTight deployment, you can use OCSP to check the validity of the certificates you install.
Related topics:
● “Using Enhanced Security Features” on page 261
● “Validating Certificates Using OCSP” on page 289
Certificate Policy Extensions
Certificate policy extensions indicate the purposes for which a certificate was issued, for example signing
e-mail or encryption. If your organization uses certificates and makes use of the certificate policy
extension, you can enable support for the extensions on the ETEP and enter the allowable OIDs.
Related topics:
● “Using Enhanced Security Features” on page 261
● “Configuring the Certificate Policies Extension” on page 269,
Features Configuration
The items on the Features tab define what kind of policies the ETEP can enforce and what layer of traffic
it acts on.
● “FIPS Mode” on page 331
Configures the ETEP for FIPS mode operation (supported in specific versions of ETEP software).
● “EncrypTight Settings” on page 333
Determines whether the ETEP will enforce EncrypTight distributed key policies or stand-alone point-
to-point policies. Also enables strict authentication on the ETEP.
● “Encryption Policy Settings” on page 334
Configures the ETEP for use in Layer 2 or Layer 3 policies.
Table 102 IKE VLAN Tags
Field Description
IKE VLAN tag priority Sets the VLAN priority. Valid values range from 0-7.
IKE VLAN tag identifier Sets the VLAN ID. Valid values range from 0-4094.