Flow-through Encryption Policy & Key Management

  1. General Details

    Flow-through Encryption Policy and Key Management

    The CryptoFlow™ Creator management solution, including the award-winning Certes TrustNet Manager®, is a web-based management platform that controls the Certes encryptors and encryption policy enforcement points.

    CryptoFlow Net Creator simplifies security management while preserving network performance and functionality. It provides a single interface for creating encryption policies and managing keys across any network environment: LAN, WAN, Cloud, data center, virtual environments and the Internet.

    CryptoFlow is designed to meet the scalability and performance demands of public and private networks and cloud infrastructures. CryptoFlow Net Creator goes beyond being just a next-generation IPsec VPN solution by helping organizations reduce the risk of network and cloud-based data breaches.

    With CryptoFlow Net Creator’s point-and-click interface, IT managers can quickly and easily set up CryptoFlow group VPNs that permit secure any-to-any encryption over any network.

  2. Features

    Product Support

    Supports all Certes Enforcement Point (CEP) appliances, from CEP-5 (5 Mbps) to CEP-10G (10 Gbps), and the Virtual Certes Enforcement Point (vCEP), a software-only version of the appliance for cloud and virtual deployments.

    Policy Generation

    • Mesh topologies
    • Hub and spoke topologies
    • Multicast networks
    • Point-to-point connections
    • IPsec site-to-site connections

    Key Generation

    • Generates encryption keys associated with policies
    • Optional HSM card for hardware-based random number generation

    Key Distribution

    • Distributes encryption keys to enforcement points
    • Schedules key updates by period (hours) or daily at a pre-determined time
    • Cluster-based server with disaster recovery for reliable re-keys
    • All communications involving policies and keys are secured using TLS and transmitted through the management ports of the enforcement points
    • Communications authenticated using X.509 certificates

    Certificate Management

    • GUI for complete certificate management
    • Generates certificate signing requests (CSRs)
    • Sends CSRs from the CEP/vCEP to the CryptoFlow Net Creator
    • Installs certificates onto the CEP/vCEP

    System Synchronization

    Time synchronization via Network Time Protocol (NTP) version 3, RFC 1035
