HP Color LaserJet CM4730 HP LaserJet MPF Products - Configuring Security for M - Page 10

Elevation of Privilege, Network Security, Overall Network Settings

Get HP Color LaserJet CM4730 - Multifunction Printer PDF manuals and user guides View all HP Color LaserJet CM4730 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 10 highlights

• Pulling out the MFP formatter board • Disconnecting the MFP from the network • Causing interference with network communication to the MFP • Changing the network location of the MFP • Causing an error state that interrupts service • Changing access configurations You can address the risks of denial of service attacks in the following ways: • Lock the control panel. • Lock EWS configuration settings. • Close unused ports and protocols. • Disable controls such as the Job Cancel button and the Go button. • Enable the resume feature to allow the MFP to resume operations after an error state. • Configure Job Timeout. • Control physical access to the MFP. • Lock physical access to removable hardware. Elevation of Privilege Elevation of privilege is any method of upgrading authorized access to include unauthorized access. Examples: • Non-administrators changing settings to get administrator privileges • Unauthorized use of management software to provide access for other unauthorized users • Using management software to bypass job accounting functions You can address the risks of elevation of privilege attacks in the following ways: • Configure the administrator (device) password. • Configure SNMPv3 and HTTPS. • Lock the control panel. Network Security This chapter explains how to configure security settings for one or more MFPs. You should use HP Web Jetadmin Version 8.1 with Service Pack 4 to configure as many of these settings as possible, but some settings are available only in the MFP control panels as noted. Overall Network Settings Before you get started, be sure that your network environment provides reasonable security in which your MFPs can operate. This includes configuring network firewalls and providing up-to-date virus controls. This checklist covers only the security settings that apply to MFPs as they are delivered in the box. You might consider other measures that are available to provide further security for MFPs: • HP Digital Send Service (software). Digital Send Service is a separate solution available at hp.com. It provides valuable security features such as encrypting digital send jobs and more types of authentication. • HP Jetdirect 635n Print Server Card. This accessory provides added network security using IPSec and IPv6 protocols. This technology enables security for network traffic including the content of print jobs, the content of email jobs, and the content of digital sending jobs. Look for the HP Jetdirect 635n Print Server Card at hp.com. 10

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
Pulling out the MFP formatter board
Disconnecting the MFP from the network
Causing interference with network communication to the MFP
Changing the network location of the MFP
Causing an error state that interrupts service
Changing access configurations
You can address the risks of denial of service attacks in the following ways:
Lock the control panel.
Lock EWS configuration settings.
Close unused ports and protocols.
Disable controls such as the Job Cancel button and the Go button.
Enable the resume feature to allow the MFP to resume operations after an error state.
Configure Job Timeout.
Control physical access to the MFP.
Lock physical access to removable hardware.
Elevation of Privilege
Elevation of privilege is any method of upgrading authorized access to include unauthorized access.
Examples:
Non-administrators changing settings to get administrator privileges
Unauthorized use of management software to provide access for other unauthorized users
Using management software to bypass job accounting functions
You can address the risks of elevation of privilege attacks in the following ways:
Configure the administrator (device) password.
Configure SNMPv3 and HTTPS.
Lock the control panel.
Network Security
This chapter explains how to configure security settings for one or more MFPs. You should use HP
Web Jetadmin Version 8.1 with Service Pack 4 to configure as many of these settings as possible, but
some settings are available only in the MFP control panels as noted.
Overall Network Settings
Before you get started, be sure that your network environment provides reasonable security in which
your MFPs can operate. This includes configuring network firewalls and providing up-to-date virus
controls.
This checklist covers only the security settings that apply to MFPs as they are delivered in the box. You
might consider other measures that are available to provide further security for MFPs:
HP Digital Send Service (software). Digital Send Service is a separate solution available at
hp.com
.
It provides valuable security features such as encrypting digital send jobs and more types of
authentication.
HP Jetdirect 635n Print Server Card. This accessory provides added network security using IPSec
and IPv6 protocols. This technology enables security for network traffic including the content of print
jobs, the content of email jobs, and the content of digital sending jobs. Look for the HP Jetdirect
635n Print Server Card at
hp.com
.
0