Practical considerations for imaging and printing security
Page 4
... group, and will Common Criteria-certify products to develop checklists that protect the function of configuration for public review at http://csrc.nist.gov/checklists. HP considers security checklists as 802.1x and secure management, scanning, and printing protocols. HP plans to the product's actual capabilities and potential vulnerabilities. Conclusion: look beyond Common Criteria...
... group, and will Common Criteria-certify products to develop checklists that protect the function of configuration for public review at http://csrc.nist.gov/checklists. HP considers security checklists as 802.1x and secure management, scanning, and printing protocols. HP plans to the product's actual capabilities and potential vulnerabilities. Conclusion: look beyond Common Criteria...
Practical considerations for imaging and printing security
Page 6
... is the recommended protocol for HP imaging and printing devices is used for secure management using SSL/TLS, secure IPP requires no additional configuration and is implemented as those with HP Jetdirect devices Network connectivity for securing printing and scanning functions. 6 SNMPv3..., are an integral step in all network access denied. 802.1x can secure network printing and scanning protocols. The HP Jetdirect 635n IPv6/IPsec and Gigabit Ethernet internal print server, available November 2005, uses a cryptographic accelerator to provide click-to avoid installing malware...
... is the recommended protocol for HP imaging and printing devices is used for secure management using SSL/TLS, secure IPP requires no additional configuration and is implemented as those with HP Jetdirect devices Network connectivity for securing printing and scanning functions. 6 SNMPv3..., are an integral step in all network access denied. 802.1x can secure network printing and scanning protocols. The HP Jetdirect 635n IPv6/IPsec and Gigabit Ethernet internal print server, available November 2005, uses a cryptographic accelerator to provide click-to avoid installing malware...
Practical considerations for imaging and printing security
Page 7
.... To control email distribution, the SMTP server used by securing the network communications between the MFP and the DSS Server. HP is currently in the process of imaging and printing products, for the administration and maintenance of...HP Digital Sending Software (DSS) HP Digital Sending Software 4.0 can automatically discover and configure newly installed devices. WJA allows devices to be bridged to the device formatter and cannot be manually administered and can encrypt scanned documents between the DSS Server and the remote server using IPsec. HP imaging and printing...
.... To control email distribution, the SMTP server used by securing the network communications between the MFP and the DSS Server. HP is currently in the process of imaging and printing products, for the administration and maintenance of...HP Digital Sending Software (DSS) HP Digital Sending Software 4.0 can automatically discover and configure newly installed devices. WJA allows devices to be bridged to the device formatter and cannot be manually administered and can encrypt scanned documents between the DSS Server and the remote server using IPsec. HP imaging and printing...
Practical considerations for imaging and printing security
Page 8
...and that transports it . Trusted imaging and printing platforms will allow device activity, including user, document, and destination, to imaging and printing devices. HP supports the IEEE p2600's development of an imaging and printing security standard that render documents for devices, ...expiration of integrity. Logging device activity Logging device activities ensures compliance to its use. Logging functions can also include configuration and management actions. HP chairs the Hardcopy Work Group, which is a standards organization with a greater level of content after a defined...
...and that transports it . Trusted imaging and printing platforms will allow device activity, including user, document, and destination, to imaging and printing devices. HP supports the IEEE p2600's development of an imaging and printing security standard that render documents for devices, ...expiration of integrity. Logging device activity Logging device activities ensures compliance to its use. Logging functions can also include configuration and management actions. HP chairs the Hardcopy Work Group, which is a standards organization with a greater level of content after a defined...
Practical considerations for imaging and printing security
Page 12
...disk when triggered by an administrator or a regularly scheduled event configured by HP Web Jetadmin. Secure Erase can occur continuously as removed, however the data remains on the following devices: • HP LaserJet 2400, 4250, 4350 printers • HP LaserJet 4100mfp, 4345mfp, 4730mfp, 9000mfp, 9000Lmfp, 9040mfp, 9050... overwriting of data from a disk, they are simply marked as files are erased from hard disk storage. Appendix B-HP Secure Erase HP Secure Erase implements the Department of Defense (DoD) specification 5220-22m algorithm for the deletion of the disk data to...
...disk when triggered by an administrator or a regularly scheduled event configured by HP Web Jetadmin. Secure Erase can occur continuously as removed, however the data remains on the following devices: • HP LaserJet 2400, 4250, 4350 printers • HP LaserJet 4100mfp, 4345mfp, 4730mfp, 9000mfp, 9000Lmfp, 9040mfp, 9050... overwriting of data from a disk, they are simply marked as files are erased from hard disk storage. Appendix B-HP Secure Erase HP Secure Erase implements the Department of Defense (DoD) specification 5220-22m algorithm for the deletion of the disk data to...
HP Jetdirect Print Servers - Philosophy of Security
Page 5
..., we 've seen a person performing incorrect application of the very first domino. It depends. Essentially, something had the usernames/passwords configured - For instance, it is all else is through a philosophical concept called First Cause. Example User has revealed critical information to talk.... Another thing that tends to undermine security as the Big Bang Theory. Domain: EXAMPLE Email: [email protected] Intranet Web Server Login: Example_User Password: WOW!I'mAnEntAdminForExample!!! Compare that need to end. whether that people make and we 've seen some category...
..., we 've seen a person performing incorrect application of the very first domino. It depends. Essentially, something had the usernames/passwords configured - For instance, it is all else is through a philosophical concept called First Cause. Example User has revealed critical information to talk.... Another thing that tends to undermine security as the Big Bang Theory. Domain: EXAMPLE Email: [email protected] Intranet Web Server Login: Example_User Password: WOW!I'mAnEntAdminForExample!!! Compare that need to end. whether that people make and we 've seen some category...
HP Jetdirect Print Servers - Philosophy of Security
Page 6
... Directory Access Protocol Server or Hyper-Text Transmission Protocol server for the Certificate Revocation List or trusted access to my Certificate Authority - the management station does it ? I guess we have the outsourcer do this doesn't it automatically! Are you can configure the digital certificate manually...Yes, we have to give my outsourcer access to an Online Certificate Status Protocol server. PC: Oh - My device setup is completely secure and no ". PC: How does the device get configured on the device that would prove to get that it use SSL. PC: ...
... Directory Access Protocol Server or Hyper-Text Transmission Protocol server for the Certificate Revocation List or trusted access to my Certificate Authority - the management station does it ? I guess we have the outsourcer do this doesn't it automatically! Are you can configure the digital certificate manually...Yes, we have to give my outsourcer access to an Online Certificate Status Protocol server. PC: Oh - My device setup is completely secure and no ". PC: How does the device get configured on the device that would prove to get that it use SSL. PC: ...
HP Jetdirect Print Servers - Philosophy of Security
Page 7
...? SD: ahhhhhhhhhhhhhhhh!!! (Runs screaming from the room) In short, trust anchors are satisfied with digital certificates. It is going to be configured, but also, who have implemented a PKI have Single Sign On capability. Hence, why we have to our potential customer (PC) and... it will talk about SSL - SD: Yes - for instance?). • The implementation of administration credentials on . • The configuration of the application that we validate them and determine what needs to happen before secure device management can really impact things like logging into...
...? SD: ahhhhhhhhhhhhhhhh!!! (Runs screaming from the room) In short, trust anchors are satisfied with digital certificates. It is going to be configured, but also, who have implemented a PKI have Single Sign On capability. Hence, why we have to our potential customer (PC) and... it will talk about SSL - SD: Yes - for instance?). • The implementation of administration credentials on . • The configuration of the application that we validate them and determine what needs to happen before secure device management can really impact things like logging into...
HP Jetdirect Print Servers - Philosophy of Security
Page 8
...of a complex security system is this configuration performed, and what knowledge do I need to be established that buying this configuration need to recover your documents using a term from an internal web server. "who configures what settings, where does this configuration take place, when does this product ...using some sort of elimination of variables and focusing in "peace of mind" for device management has to have a printed copy, so the user prints multiple copies. For example, let's assume that break down are marketed with Greedy Reductionism in the 'clear' and could...
...of a complex security system is this configuration performed, and what knowledge do I need to be established that buying this configuration need to recover your documents using a term from an internal web server. "who configures what settings, where does this configuration take place, when does this product ...using some sort of elimination of variables and focusing in "peace of mind" for device management has to have a printed copy, so the user prints multiple copies. For example, let's assume that break down are marketed with Greedy Reductionism in the 'clear' and could...
HP Jetdirect Print Servers - Philosophy of Security
Page 12
...to gain unauthorized access. Sure enough, it easy. Teasing a tech-savvy clerk a bit about people printing in there and doing the same thing tomorrow when X shows up those keystroke loggers and head home. ...and verified I connected my laptop wirelessly to an employee that allows them to do server authentication. We said Security is about 20 minutes from the introduction: • People ... and eat all day on a day that !) and went back outside cable line. Then I configured. People and Technology: An Analysis for him . Well, not home really - At lunchtime on the...
...to gain unauthorized access. Sure enough, it easy. Teasing a tech-savvy clerk a bit about people printing in there and doing the same thing tomorrow when X shows up those keystroke loggers and head home. ...and verified I connected my laptop wirelessly to an employee that allows them to do server authentication. We said Security is about 20 minutes from the introduction: • People ... and eat all day on a day that !) and went back outside cable line. Then I configured. People and Technology: An Analysis for him . Well, not home really - At lunchtime on the...
HP Jetdirect Print Server Administrator's Guide (Firmware V.36)
Page 5
Table of contents 1 Introducing the HP Jetdirect Print Server Supported Print Servers ...1 Supported Network Protocols ...2 Security Protocols ...4 SNMP (IP and IPX) ...4 HTTPS ...4 Authentication ...4 EAP/802.1X Server-Based Authentication 4 IPsec/Firewall ...5 Supplied Manuals ...5 HP Support ...5 HP Online Support ...5 Firmware Upgrades ...5 Firmware Installation Tools 6 HP Support By Phone ...6 Product Registration ...6 Product Accessibility ...7 2 HP Software Solutions Summary HP Install Network Printer Wizard (Windows 10 Requirements...
Table of contents 1 Introducing the HP Jetdirect Print Server Supported Print Servers ...1 Supported Network Protocols ...2 Security Protocols ...4 SNMP (IP and IPX) ...4 HTTPS ...4 Authentication ...4 EAP/802.1X Server-Based Authentication 4 IPsec/Firewall ...5 Supplied Manuals ...5 HP Support ...5 HP Online Support ...5 Firmware Upgrades ...5 Firmware Installation Tools 6 HP Support By Phone ...6 Product Registration ...6 Product Accessibility ...7 2 HP Software Solutions Summary HP Install Network Printer Wizard (Windows 10 Requirements...
HP Jetdirect Print Server Administrator's Guide (Firmware V.36)
Page 6
... Settings 58 Moving to Another Network (IPv4 59 Using the Embedded Web Server ...59 Using the Printer Control Panel ...59 4 Embedded Web Server (V.36.xx) Requirements ...62 Compatible Web Browsers 62 Browser Exceptions 62 Supported HP Web Jetadmin Version 62 Viewing the Embedded Web Server 62 Operating Notes ...64 HP Jetdirect Home Tab ...64 Device Tabs ...65...
... Settings 58 Moving to Another Network (IPv4 59 Using the Embedded Web Server ...59 Using the Printer Control Panel ...59 4 Embedded Web Server (V.36.xx) Requirements ...62 Compatible Web Browsers 62 Browser Exceptions 62 Supported HP Web Jetadmin Version 62 Viewing the Embedded Web Server 62 Operating Notes ...64 HP Jetdirect Home Tab ...64 Device Tabs ...65...
HP Jetdirect Print Server Administrator's Guide (Firmware V.36)
Page 7
... ...92 802.1X Authentication ...93 IPsec/Firewall ...95 Network Statistics ...95 Protocol Info ...95 Configuration Page ...95 Other Links ...95 ? (Help) ...95 Support ...95 5 IPsec/Firewall Configuration (V.36.xx) Default Rule Example ...100 IPsec Security Associations (SA) ...100 HP Jetdirect IPsec/Firewall Wizard 101 Limitations to Rules, Templates and Services 101 Step 1: Specify Address...
... ...92 802.1X Authentication ...93 IPsec/Firewall ...95 Network Statistics ...95 Protocol Info ...95 Configuration Page ...95 Other Links ...95 ? (Help) ...95 Support ...95 5 IPsec/Firewall Configuration (V.36.xx) Default Rule Example ...100 IPsec Security Associations (SA) ...100 HP Jetdirect IPsec/Firewall Wizard 101 Limitations to Rules, Templates and Services 101 Step 1: Specify Address...
HP Jetdirect Print Server Administrator's Guide (Firmware V.36)
Page 8
... 2: Printing an HP Jetdirect Configuration Page 122 Procedure 3: Resolving Printer Display Error Messages 123 Procedure 4: Resolving Printer Communication Problems with the Network 124 8 HP Jetdirect Configuration Pages HP Jetdirect Configuration Page ...128 Status Field Error Messages 128 Configuration Page Format 128 Configuration Page Messages 129 HP Jetdirect Configuration/General Information 129 Security Settings 131 Network Statistics 133 TCP/IP Protocol Information 133 IPv4 Section 134 IPv6 Section...
... 2: Printing an HP Jetdirect Configuration Page 122 Procedure 3: Resolving Printer Display Error Messages 123 Procedure 4: Resolving Printer Communication Problems with the Network 124 8 HP Jetdirect Configuration Pages HP Jetdirect Configuration Page ...128 Status Field Error Messages 128 Configuration Page Format 128 Configuration Page Messages 129 HP Jetdirect Configuration/General Information 129 Security Settings 131 Network Statistics 133 TCP/IP Protocol Information 133 IPv4 Section 134 IPv6 Section...
HP Jetdirect Print Server Administrator's Guide (Firmware V.36)
Page 9
... 156 LPD on UNIX Systems ...156 Configuring Print Queues for BSD-based Systems 156 Configuring Print Queues Using SAM (HP-UX systems 157 Printing a Test File 158 LPD on Windows 2000/Server 2003 Systems 159 Installing TCP/IP Software 159 Configuring a Network Printer for Windows 2000/Server 2003 Systems ........ 160 Verifying the Configuration 161 Printing from Windows Clients 161 LPD on...
... 156 LPD on UNIX Systems ...156 Configuring Print Queues for BSD-based Systems 156 Configuring Print Queues Using SAM (HP-UX systems 157 Printing a Test File 158 LPD on Windows 2000/Server 2003 Systems 159 Installing TCP/IP Software 159 Configuring a Network Printer for Windows 2000/Server 2003 Systems ........ 160 Verifying the Configuration 161 Printing from Windows Clients 161 LPD on...
HP Jetdirect Print Server Administrator's Guide (Firmware V.36)
Page 12
... which it is installed. 4 xx represents a release number. J7988G (en1700)3 J7993E 2 Chapter 1 Introducing the HP Jetdirect Print Server ENWW J7961G (635n) Server 2003, Vista. (Requires HP IPv6/IPv4 port monitor software running on page 2. The HP Jetdirect print server product number and installed firmware version can be identified using various methods, including the HP Jetdirect configuration page (see HP Jetdirect Configuration Pages on page 127), Telnet (see TCP/IP...
... which it is installed. 4 xx represents a release number. J7988G (en1700)3 J7993E 2 Chapter 1 Introducing the HP Jetdirect Print Server ENWW J7961G (635n) Server 2003, Vista. (Requires HP IPv6/IPv4 port monitor software running on page 2. The HP Jetdirect print server product number and installed firmware version can be identified using various methods, including the HP Jetdirect configuration page (see HP Jetdirect Configuration Pages on page 127), Telnet (see TCP/IP...
HP Jetdirect Print Server Administrator's Guide (Firmware V.36)
Page 14
...Introducing the HP Jetdirect Print Server ENWW In cooperation with an authentication server, such as HP Jetdirect en1700, support an SNMP v1/v2c agent only. For more information, see Embedded Web Server (V.36.xx) on client authentication results. Full-featured HP Jetdirect print servers support ...using the Extensible Authentication Protocol (EAP) on IPv4, IPv6 and IPX networks. The network infrastructure device that uses digital certificates for network server authentication and passwords for enhanced security. HP Jetdirect print servers support access to the network (such as ...
...Introducing the HP Jetdirect Print Server ENWW In cooperation with an authentication server, such as HP Jetdirect en1700, support an SNMP v1/v2c agent only. For more information, see Embedded Web Server (V.36.xx) on client authentication results. Full-featured HP Jetdirect print servers support ...using the Extensible Authentication Protocol (EAP) on IPv4, IPv6 and IPX networks. The network infrastructure device that uses digital certificates for network server authentication and passwords for enhanced security. HP Jetdirect print servers support access to the network (such as ...
HP Jetdirect Print Server Administrator's Guide (Firmware V.36)
Page 15
... IPv4 and IPv6 networks. Internet Protocol security (IPsec, RFC 2401) provides additional protection through the embedded Web server. Value-featured print servers, such as HP Jetdirect en1700 do not support IPsec may control IP traffic using Firewall protection only. HP Support HP Online Support Click your HP Jetdirect print server-24 hours a day, 7 days a week. IPsec and Firewall capabilities depend on the print server over your print server...
... IPv4 and IPv6 networks. Internet Protocol security (IPsec, RFC 2401) provides additional protection through the embedded Web server. Value-featured print servers, such as HP Jetdirect en1700 do not support IPsec may control IP traffic using Firewall protection only. HP Support HP Online Support Click your HP Jetdirect print server-24 hours a day, 7 days a week. IPsec and Firewall capabilities depend on the print server over your print server...
HP Jetdirect Print Server Administrator's Guide (Firmware V.36)
Page 19
... Environment Function Remarks HP Install Network Printer Wizard (Windows) on supported systems (Windows XP and Server 2003), Version 5.0 supports printer discovery ● through IPv4 protocols only. TCP/IPv4 HP Web Jetadmin on page 11 (See the HP Website for supported Remote installation, configuration, and ● HP's preferred solution for download from HP's Website. Once the printer is required for HP Jetdirect print servers.
... Environment Function Remarks HP Install Network Printer Wizard (Windows) on supported systems (Windows XP and Server 2003), Version 5.0 supports printer discovery ● through IPv4 protocols only. TCP/IPv4 HP Web Jetadmin on page 11 (See the HP Website for supported Remote installation, configuration, and ● HP's preferred solution for download from HP's Website. Once the printer is required for HP Jetdirect print servers.
HP Jetdirect Print Server Administrator's Guide (Firmware V.36)
Page 20
...IPv6 network, but printer discovery is a utility for HP printers connected to -peer" printing. A version that will send print jobs directly to IPv4 protocols. HP Install Network Printer Wizard (Windows) The HP Install Network Printer Wizard is limited to the printer. Printing through the server, also known as "client-server" printing...(either through an HP Jetdirect print server HP Jetdirect Printer Installer for UNIX The HP Jetdirect Printer Installer for UNIX contains support for HP-UX and Solaris systems. The software installs, configures and provides diagnostics ...
...IPv6 network, but printer discovery is a utility for HP printers connected to -peer" printing. A version that will send print jobs directly to IPv4 protocols. HP Install Network Printer Wizard (Windows) The HP Install Network Printer Wizard is limited to the printer. Printing through the server, also known as "client-server" printing...(either through an HP Jetdirect print server HP Jetdirect Printer Installer for UNIX The HP Jetdirect Printer Installer for UNIX contains support for HP-UX and Solaris systems. The software installs, configures and provides diagnostics ...