HP Color LaserJet CM4730 HP LaserJet MPF Products - Configuring Security for M - Page 78

Encryption, Strength, Medium, Enable, Features, Config, Telnet, Printing, FTP Printing

Get HP Color LaserJet CM4730 - Multifunction Printer PDF manuals and user guides View all HP Color LaserJet CM4730 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 78 highlights

This setting is sometimes required for network SSL connections. However, even if it is not required, it improves security by providing better trust between the LDAP server and the MFP. You should configure this setting if possible. If an SSL certificate is not uploaded, the MFPs use a self-signed certificate that might be rejected in some network configurations. If SSL is not used, usernames and even passwords will be passed over network lines in clear text. • Configure Encryption Strength to Medium or High. The Encryption Strength setting covers HTTP communication between a PC and the EWS. When HTTPS is configured (as recommended in this checklist), communication is encrypted according to this Encryption Strength setting. Configure this setting to the highest level supported by the browser you use to access MFP EWSs. With Encryption Strength configured, the EWSs are accessible only from web browsers that support that level of HTTPS communications. Note: This checklist recommends disabling EWS Config during normal use of MFPs. This removes all access to the EWSs; however, you should configure this setting for times when you temporarily enable EWS Config to make changes. • Configure Enable Features options (do not disable EWS Config at this point). These options enable or disable various supported features for the MFP. These features are designed for access and convenience on the network, but they should be disabled when not in use. The following list explains the ramifications of each feature: o Disable Telnet Config. Telnet Config is an access point used by some older (legacy) printer management tools. Jetdirect also supports some Telnet commands. Telnet Config transmits data in clear text, and it should not be used. With it disabled, MFPs will deny access to Telnet sessions. Note that Web Jetadmin is the only solution recommended for managing HP MFPs, and it does not use Telnet Config. o Disable SLP Config. SLP Config accommodates discovery features of Novell (depending on how Novell is configured). Disabling it disables these features. With SLP Config disabled, Novell will not recognize the MFPs on the network. You should enable SLP Config only if your network uses these features of Novell. o Disable FTP Printing. FTP Printing provides some methods of upgrading MFP firmware, and it allows for uploading files onto MFP hard drives. You should disable it and use only Web Jetadmin to upgrade firmware. With FTP Printing disabled, the MFPs will deny access to all FTP sessions. o Disable LPD Printing. LPD Printing is a protocol for printing in UNIX, HPUX, or Linux environments. You should disable it unless your network includes UNIX workstations that might print using the MFPs. With LPD Printing disabled, MFPs will deny access to UNIX machines. o Enable 9100 Printing. 9100 Printing is the standard printing protocol used by MFP print drivers. It should 78

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
This setting is sometimes required for network SSL connections. However, even if it is not required, it
improves security by providing better trust between the LDAP server and the MFP. You should
configure this setting if possible.
If an SSL certificate is not uploaded, the MFPs use a self-signed certificate that might be rejected in
some network configurations. If SSL is not used, usernames and even passwords will be passed
over network lines in clear text.
Configure
Encryption
Strength
to
Medium
or
High
.
The
Encryption
Strength
setting covers HTTP communication between a PC and the EWS. When
HTTPS is configured (as recommended in this checklist), communication is encrypted according to
this
Encryption
Strength
setting. Configure this setting to the highest level supported by the
browser you use to access MFP EWSs.
With
Encryption
Strength
configured, the EWSs are accessible only from web browsers that
support that level of HTTPS communications.
Note:
This checklist recommends disabling
EWS
Config
during normal use of
MFPs. This removes all access to the EWSs; however, you should configure
this setting for times when you temporarily enable EWS Config to make
changes.
Configure
Enable
Features
options (do not disable
EWS
Config
at this point).
These options enable or disable various supported features for the MFP. These features are
designed for access and convenience on the network, but they should be disabled when not in use.
The following list explains the ramifications of each feature:
o
Disable
Telnet
Config
.
Telnet
Config
is an access point used by some older (legacy) printer management
tools. Jetdirect also supports some Telnet commands.
Telnet
Config
transmits data
in clear text, and it should not be used. With it disabled, MFPs will deny access to
Telnet sessions.
Note that Web Jetadmin is the only solution recommended for managing HP MFPs,
and it does not use
Telnet
Config
.
o
Disable
SLP
Config
.
SLP
Config
accommodates discovery features of Novell (depending on how Novell
is configured). Disabling it disables these features.
With
SLP
Config
disabled, Novell will not recognize the MFPs on the network. You
should enable
SLP
Config
only if your network uses these features of Novell.
o
Disable
FTP
Printing
.
FTP
Printing
provides some methods of upgrading MFP firmware, and it allows for
uploading files onto MFP hard drives. You should disable it and use only Web
Jetadmin to upgrade firmware.
With
FTP Printing
disabled, the MFPs will deny access to all FTP sessions.
o
Disable
LPD
Printing
.
LPD
Printing
is a protocol for printing in UNIX, HPUX, or Linux environments. You
should disable it unless your network includes UNIX workstations that might print
using the MFPs.
With
LPD
Printing
disabled, MFPs will deny access to UNIX machines.
o
Enable
9100
Printing
.
9100
Printing
is the standard printing protocol used by MFP print drivers. It should
8