HP Color LaserJet CM4730 HP LaserJet MPF Products - Configuring Security for M - Page 9

Repudiation, Information Disclosure, Denial of Service, Con HTTPS for EWS access. - mfp software download

Get HP Color LaserJet CM4730 - Multifunction Printer PDF manuals and user guides View all HP Color LaserJet CM4730 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 9 highlights

• Disable Cancel Job button. • Disable Go (Pause) button. • Configure SNMPv3. • Prevent unnecessary remote access: close down all unused ports and protocols. • Configure HTTPS for EWS access. Repudiation Repudiation is using an MFP without leaving usage information. This includes preventing the MFP from logging data or bypassing security checks such as user authentication. Examples: • Accessing usage logs to delete entries • Removing origination information from file metadata • Bypassing user authentication • Using remote management software to access the MFP You can address the risks of repudiation in the following ways: • Install Jetdirect 635n Print Servers and set up IPsec to encrypt the data stream to include log data and file metadata (look for this product at hp.com or contact your hp product supplier). Edgeline MFPs already IPsec functionality. Look for information on configuring it at hp.com. • Close unused ports and protocols. • Save copies of log data at a separate location • Add security solutions such as swipe-card readers and thumbprint readers • Configure MFP settings that restrict remote management Information Disclosure Information disclosure is gathering information from an MFP and providing it to unauthorized users. This can include authentication information, usage log information, or information from the contents of a job. Examples: • Reading stored print jobs on the MFP hard drive • Downloading log information • Downloading address books • Intercepting print jobs, copy jobs, fax jobs, or digital send jobs (such as email) You can address the risks of information disclosure in the following ways: • Install Jetdirect 635n Print Servers to encrypt the data stream to include log data and file metadata (look for this product at hp.com or contact your hp product supplier). Edgeline MFPs already IPsec functionality. Look for information on configuring it at hp.com. • Close unused ports and protocols. • Configure all possible password settings. • Configure authentication. • Configure SNMPv3. Denial of Service Denial of service is any type of interference with normal use of an MFP. Examples: • Canceling or pausing the print jobs of others • Turning off the MFP remotely • Disconnecting power to the MFP 9

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
Disable Cancel Job button.
Disable Go (Pause) button.
Configure SNMPv3.
Prevent unnecessary remote access: close down all unused ports and protocols.
Configure HTTPS for EWS access.
Repudiation
Repudiation is using an MFP without leaving usage information. This includes preventing the MFP from
logging data or bypassing security checks such as user authentication. Examples:
Accessing usage logs to delete entries
Removing origination information from file metadata
Bypassing user authentication
Using remote management software to access the MFP
You can address the risks of repudiation in the following ways:
Install Jetdirect 635n Print Servers and set up IPsec to encrypt the data stream to include log data
and file metadata (look for this product at hp.com or contact your hp product supplier). Edgeline
MFPs already IPsec functionality. Look for information on configuring it at hp.com.
Close unused ports and protocols.
Save copies of log data at a separate location
Add security solutions such as swipe-card readers and thumbprint readers
Configure MFP settings that restrict remote management
Information Disclosure
Information disclosure is gathering information from an MFP and providing it to unauthorized users.
This can include authentication information, usage log information, or information from the contents of
a job. Examples:
Reading stored print jobs on the MFP hard drive
Downloading log information
Downloading address books
Intercepting print jobs, copy jobs, fax jobs, or digital send jobs (such as email)
You can address the risks of information disclosure in the following ways:
Install Jetdirect 635n Print Servers to encrypt the data stream to include log data and file metadata
(look for this product at hp.com or contact your hp product supplier). Edgeline MFPs already IPsec
functionality. Look for information on configuring it at hp.com.
Close unused ports and protocols.
Configure all possible password settings.
Configure authentication.
Configure SNMPv3.
Denial of Service
Denial of service is any type of interference with normal use of an MFP. Examples:
Canceling or pausing the print jobs of others
Turning off the MFP remotely
Disconnecting power to the MFP
9