- General Details
Flow-through Encryption Policy and Key Management
The CryptoFlow™ Creator management solutions, including the award-winning Certes TrustNet Manager®, is a web-based management platform that controls the Certes encryptors and encryption policy enforcement points.
CryptoFlow Net Creator simplifies security management while preserving network performance and functionality. It provides a single interface for creating encryption policies and managing keys across any network environment: LAN, WAN, Cloud, data center, virtual environments and the Internet.
CryptoFlow is designed to meet the scalability and performance demands of public and private networks and cloud infrastructures. CryptoFlow Net Creator goes beyond being just a next-generation IPSec VPNsolution by helping organizations reduce the risk of network and cloud-based data breaches.
With CryptoFlow Net Creator’s point-and-click interface, IT managers can quickly and easily set up CryptoFlow group VPNs that permit secure any-to-any encryption over any network.
- Features
Product Support
Supports all Certes Enforcement Point (CEP) appliances, from CEP-5 (5 Mbps) to CEP-10G (10 Gbps) and Virtual Certes Enforcement Point (vCEP) – software only version of appliance for Cloud and virtual deployments
Policy Generation
- Mesh topologies
- Hub and spoke topologies
- Multicast networks
- Point-to-point connections
- IPsec site-to-site connections
Key Generation
- Generates encryption keys associated with policies
- Optional HSM card for hardware-based random number generation
Key Distribution
- Distributes encryption keys to enforcement points
- Schedule key updates by period (hours) or daily at a pre-determined time
- Cluster-based server with disaster recovery for reliable re-keys
- All communications involving policies and keys are secured using TLS and transmitted through the management ports of the enforcement points
- Communications authenticated using X.509 certificates
Certificate Management
- GUI interface for complete certificate management
- Generate signing requests
- Send requests (CSR) from the CEP/vCEP to the CryptoFlow Net Creator
- Install certificates onto the CEP/vCEP
System Synchronization
Time synchronization via Network Time Protocol (NTP) version 3, RFC 1035
- Documents