HP DesignJet T700 Security Features - Page 22

IPSec, Please note, Firewall, IPsec/Firewall, Add Rule, Encrypt web communications, Access control

Get HP DesignJet T700 PDF manuals and user guides View all HP DesignJet T700 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 22 highlights

HP DesignJet Printers Security Settings 2.3 Data security: encrypted communications IPSec A Firewall or IP Security (IPsec) policy enables you to control traffic to or from the device by using network-layer protocols. Either a firewall or IPsec/firewall pages will appear, depending on whether IPsec is supported by the print server and device. If IPsec is not supported, firewall pages will be displayed and a firewall policy can be configured. Please note: Before you enable a firewall or IPsec policy, you should make sure that access to your configuration management settings is secured (for example, through an administrator password). This will ensure that your policy is not easily disabled through Telnet, control panel menus, or other management tools. Firewall. Use this page to view or configure a firewall policy. A firewall policy consists of up to 10 rules, where each rule specifies the IP addresses and services that are allowed by the print server and device. To add a rule, click Add Rule. This setting runs a wizard that will help you to configure each rule. IPsec/Firewall. Use this page to view or configure an IPsec/firewall policy. An IPsec/firewall policy consists of up to 10 rules. As with a firewall policy, each rule specifies the IP addresses and services that are allowed by the print server and device. With IPsec support, you can apply IPsec authentication and encryption protocols for those addresses and services. To add a rule, click Add Rule. This runs a wizard that will help you to configure each rule. For a detailed description of wizard settings and additional help, visit Jetdirect IPsec/Firewall Help. Encrypt web communications You can securely manage your network-connected printers using a web browser and the HTTPS protocol. To authenticate the HP Jetdirect web server when HTTPS is used, you may configure a certificate, or you may use the pre-installed, self-signed X.509 Certificate. The encryption strength specifies what ciphers the web server will use for secure communications. SSL/TLS Protocols used in the communications can be configured in the printer's EWS. Supported cipher suites can also be checked at EWS. When you enable encryption, the web server encrypts all web communication, forcing all connections to use HTTPS. You can also configure encryption options to allow both HTTP (unencrypted) and HTTPS connections. In secure environments, you should choose to encrypt all web communications. Otherwise, sensitive management data (administrator password, SNMP community names, and secret keys) may be compromised. Access control list This feature lets you determine the access control list (ACL), which is used to specify the IP addresses on your network that are allowed access to the device. The ACL is normally used for security purposes and supports up to 10 entries. The device blocks communications from all other addresses. If the list is empty, any system is allowed access. By default, host systems with HTTP connections (such as web browser or IPP connections) are allowed access 22

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
HP DesignJet Printers
Security Settings
22
2.3
Data security: encrypted communications
IPSec
A Firewall or IP Security (IPsec) policy enables you to control traffic to or from the device by using network-layer
protocols. Either a firewall or IPsec/firewall pages will appear, depending on whether IPsec is supported by the print
server and device. If IPsec is not supported, firewall pages will be displayed and a firewall policy can be configured.
Please note
: Before you enable a firewall or IPsec policy, you should make sure that access to your configuration
management settings is secured (for example, through an administrator password). This will ensure that your policy
is
not easily disabled through Telnet, control panel menus, or other management tools.
Firewall
. Use this page to view or configure a firewall policy. A firewall policy consists of up to 10 rules, where each
rule specifies the IP addresses and services that are allowed by the print server and device. To add a rule, click
Add
Rule
. This setting runs a wizard that will help you to configure each rule.
IPsec/Firewall
. Use this page to view or configure an IPsec/firewall policy. An IPsec/firewall policy consists of up to
10 rules. As with a firewall policy, each rule specifies the IP addresses and services that are allowed by the print
server
and device. With IPsec support, you can apply IPsec authentication and encryption protocols for those
addresses and
services. To add a rule, click
Add Rule
. This runs a wizard that will help you to configure each rule.
For a detailed description of wizard settings and additional help, visit
Jetdirect IPsec/Firewall Help
.
Encrypt web communications
You can securely manage your network-connected printers using a web browser and the HTTPS protocol. To
authenticate the HP Jetdirect web server when HTTPS is used, you may configure a certificate, or you may use the
pre-installed, self-signed X.509 Certificate. The encryption strength specifies what ciphers the web server will use
for secure communications.
SSL/TLS Protocols used in the communications can be configured in the printer’s EWS.
Supported cipher suites can also be checked at EWS.
When you enable encryption, the web server encrypts all web communication, forcing all connections to use HTTPS.
You can also configure encryption options to allow both HTTP (unencrypted) and HTTPS connections. In secure
environments, you should choose to encrypt all web communications. Otherwise, sensitive management data
(administrator password, SNMP community names, and secret keys) may be compromised.
Access control list
This feature lets you determine the access control list (ACL), which is used to specify the IP addresses on your
network
that are allowed access to the device. The ACL is normally used for security purposes and supports up to 10
entries.
The device blocks communications from all other addresses. If the list is empty, any system is allowed
access. By
default, host systems with HTTP connections (such as web browser or IPP connections) are allowed access