Lexmark C4342 Security White Paper - Page 11

Lexmark Secure by Default

Get Lexmark C4342 PDF manuals and user guides View all Lexmark C4342 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 11 highlights

Lexmark Secure by Default 11 Lexmark Secure by Default Lexmark Secure by Default When a device is first powered on, a "Guest" account exists which indicates a user has logged in. This user is granted access to all access controls that are selected in the "Access controls" on page 28 section. During the initial setup wizard (ISW), the user is given the ability to "opt in" to the Lexmark Secure by Default configuration. During the ISW, there is an option to create an account called "Admin" which is a member of the Admin group. This account is an internal account (password or PIN) that will have access to all access controls. Printer firmware (FW7 or later) defines a default configuration that is reasonably secure and in compliance with regulations. This section highlights some of the key security-related changes by firmware level. Admin Account in ISW FW7 Admin Account in ISW Available by default (opt in) with option to skip setup (opt out) FW8 Available by default (opt in) with option to skip setup (opt out) Disk Encryption Disk Encryption FW7 On FW8 On Default Cipher List FW7 OWASP Cipher String 'B' x DHE-RSA-AES256-GCM-SHA384 x DHE-RSA-AES128-GCM-SHA256 x ECDHE-RSA-AES256-GCM-SHA384 x ECDHE-RSA-AES128-GCM-SHA256 x DHE-RSA-AES256-SHA256 x DHE-RSA-AES128-SHA256 x ECDHE-RSA-AES256-SHA384 x ECDHE-RSA-AES128-SHA256 x ECDHE-RSA-AES256-SHA x ECDHE-RSA-AES128-SHA x DHE-RSA-AES256-SHA x DHE-RSA-AES128-SHA x TLS_AES_128_GCM_SHA256 TLS_AES_256_GCM_SHA384 FW8 x x x x x x x x x x x x x x x

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
Lexmark Secure by Default
Lexmark Secure by Default
When a device is first powered on, a “Guest” account exists which indicates a user has logged in. This user is
granted access to all access controls that are selected in the
“Access controls” on page
28
section.
During the initial setup wizard (ISW), the user is given the ability to “opt in” to the Lexmark Secure by Default
configuration.
During the ISW, there is an option to create an account called “Admin” which is a member of the Admin group.
This account is an internal account (password or PIN) that will have access to all access controls. Printer firmware
(FW7 or later) defines a default configuration that is reasonably secure and in compliance with regulations. This
section highlights some of the key security-related changes by firmware level.
Admin Account in ISW
FW7
FW8
Admin Account in ISW
Available by default (opt in) with option to
skip setup (opt out)
Available by default (opt in) with option to
skip setup (opt out)
Disk Encryption
FW7
FW8
Disk Encryption
On
On
Default Cipher List
FW7
FW8
OWASP Cipher String ‘B’
x
x
DHE-RSA-AES256-GCM-SHA384
x
x
DHE-RSA-AES128-GCM-SHA256
x
x
ECDHE-RSA-AES256-GCM-SHA384
x
x
ECDHE-RSA-AES128-GCM-SHA256
x
x
DHE-RSA-AES256-SHA256
x
x
DHE-RSA-AES128-SHA256
x
x
ECDHE-RSA-AES256-SHA384
x
x
ECDHE-RSA-AES128-SHA256
x
x
ECDHE-RSA-AES256-SHA
x
x
ECDHE-RSA-AES128-SHA
x
x
DHE-RSA-AES256-SHA
x
x
DHE-RSA-AES128-SHA
x
x
TLS_AES_128_GCM_SHA256
x
TLS_AES_256_GCM_SHA384
x
Lexmark Secure by Default
11