HP Color LaserJet CM4730 HP LaserJet MPF Products - Configuring Security for M - Page 80

Security Options, Protocol, Stacks, IPX/SPX, TCP/IP, DLC/LLC, AppleTalk, Authentication, Manager

Get HP Color LaserJet CM4730 - Multifunction Printer PDF manuals and user guides View all HP Color LaserJet CM4730 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 80 highlights

Note: This checklist recommends disabling EWS Config during normal MFP operations and enabling it temporarily for changes to configurations. This setting ensures that the network traffic is secure during those configurations. • Disable unused Protocol Stacks. These options provide for various types of network communication to the MFPs. Closing down unused protocol stacks is affective toward better network security. See the ramifications of each option below: o Disable IPX/SPX. IPX/SPX is a network protocol for Novell. It may be required in some Novell networks; however, most Novell networks are capable of using TCP/IP. IPX/SPX should be disabled unless it is required by a Novell configuration. o Enable TCP/IP. TCP/IP is the standard network protocol for MFP operations. It provides the necessary network communication for printing and for configuration. It should be enabled during normal use of MFPs. o Enable DLC/LLC. DLC/LLC is used in small networks where routing is not required. The MFPs include it for compatibility with older HP products. It should be enabled to ensure that the MFPs can work with other HP products. o Disable AppleTalk. AppleTalk is a protocol required for older Apple computers. You should disable it unless your network includes older Apple or Macintosh computers. With it disabled MFPs will not appear on the network for these computers. Security Page Options • Configure Authentication Manager. The Authentication Manager provides settings to require log in for use of the various MFP functions. It is important to be sure to select only the authentication methods that are available and that you wish to configure. Digital Send Service is a separate solution available at hp.com. It is a valuable tool that provides security and other features for managing MFPs. Select Digital Send Service only if it is installed and available on your network and if you plan to configure it later on the Security page. Group 1 PIN and Group 2 PIN are features of the MFPs to provide methods of authentication when no other options are available or when you wish to vary authentication methods for each MFP function. Select Group 1 PIN or Group 2 PIN only if you plan to configure them later on the Security page. LDAP is an authentication method that uses a network database to retrieve user credentials. It is secure when SSL is configured and trusted certificates are installed. Select LDAP only if it is available on your network and only if you plan to configure it later on the Security page. Kerberos is a secure authentication protocol that is available with some networks. It provides a high level of security for network communications. Select Kerberos only if it is available on your network and only if you plan to configure it later on the Security page. With authentication enabled, the MFPs will deny access to users who cannot supply the correct credentials. • Configure Authentication methods. The various authentication options are meant enable you to customize access to the MFPs using the authentication methods that are available on your network. It is important to be sure to configure all 80

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
Note:
This checklist recommends disabling EWS Config during normal MFP
operations and enabling it temporarily for changes to configurations. This
setting ensures that the network traffic is secure during those configurations.
Disable unused
Protocol
Stacks
.
These options provide for various types of network communication to the MFPs. Closing down
unused protocol stacks is affective toward better network security. See the ramifications of each
option below:
o
Disable
IPX/SPX
.
IPX/SPX
is a network protocol for Novell. It may be required in some Novell
networks; however, most Novell networks are capable of using TCP/IP.
IPX/SPX
should be disabled unless it is required by a Novell configuration.
o
Enable
TCP/IP
.
TCP/IP
is the standard network protocol for MFP operations. It provides the
necessary network communication for printing and for configuration. It should be
enabled during normal use of MFPs.
o
Enable
DLC/LLC
.
DLC/LLC
is used in small networks where routing is not required. The MFPs include it
for compatibility with older HP products. It should be enabled to ensure that the MFPs
can work with other HP products.
o
Disable
AppleTalk
.
AppleTalk
is a protocol required for older Apple computers. You should disable it
unless your network includes older Apple or Macintosh computers. With it disabled
MFPs will not appear on the network for these computers.
Security Page Options
Configure
Authentication
Manager
.
The
Authentication
Manager
provides settings to require log in for use of the various MFP
functions. It is important to be sure to select only the authentication methods that are available and
that you wish to configure.
Digital
Send
Service
is a separate solution available at hp.com. It is a valuable tool that
provides security and other features for managing MFPs. Select Digital Send Service only if it is
installed and available on your network and if you plan to configure it later on the
Security
page.
Group
1
PIN
and
Group
2
PIN
are features of the MFPs to provide methods of authentication
when no other options are available or when you wish to vary authentication methods for each MFP
function. Select
Group
1
PIN
or
Group
2
PIN
only if you plan to configure them later on the
Security
page.
LDAP
is an authentication method that uses a network database to retrieve user credentials. It is
secure when SSL is configured and trusted certificates are installed. Select
LDAP
only if it is
available on your network and only if you plan to configure it later on the
Security
page.
Kerberos
is a secure authentication protocol that is available with some networks. It provides a
high level of security for network communications. Select
Kerberos
only if it is available on your
network and only if you plan to configure it later on the
Security
page.
With authentication enabled, the MFPs will deny access to users who cannot supply the correct
credentials.
Configure Authentication methods.
The various authentication options are meant enable you to customize access to the MFPs using the
authentication methods that are available on your network. It is important to be sure to configure all
0