Lexmark C4342 Security White Paper - Page 28
Access controls
View all Lexmark C4342 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 28 highlights
Secure Access 28 Details The process of authenticating users is flexible. Lexmark devices can use various internal authentication mechanisms and network directory authentication mechanisms and protocols to validate user credentials. Lexmark devices can be set up to use device internal accounts, device passwords, device PINs, LDAP (with or without TLS), Kerberos, and LDAP+GSSAP for authenticating users. Support for a wide array of authentication protocols means that the device user authentication function is compatible with an array of network environments, including Microsoft Active Directory, Novell eDirectory, and other directory environments that support LDAP. Secure user authentication protocols, such as LDAP with TLS configured, Kerberos, and LDAP+GSSAPI to protect users' credentials during the authentication process. The device manages authentication and authorization with one, or more, of the following methods: • PIN or Panel PIN Protect • Password or Web Page Password Protect • Internal accounts • LDAP • LDAP+GSSAPI • Kerberos 5 (used only with LDAP+GSSAPI) • Active Directory To provide low-level security, you can use either PIN and Password or Panel PIN Protect and Web Page Password Protect for some printer models, by limiting access to a printer-or specific functions of a printer-to anyone who knows the correct code. This type of security might be appropriate if a printer is located in the lobby or other public areas of a business so that only the employees who know the password or PIN can use the printer. Because anyone who enters the correct password or PIN receives the same privileges and users cannot be individually identified, passwords and PINs are considered less secure than other building blocks that require you to be identified, or both be identified and authorized. Note: The default settings do not contain any authentication or authorization building blocks, which means that everyone has unrestricted access to the Embedded Web Server. Access controls Access controls limit users access to functions, applications, and printer management. Note: Some access controls are available only in some printer models. When the device is first powered on, only a "Guest" account exists, which is a user who is not logged into the device. This user is granted access to all access controls that are selected in the Security - Public (Manage Permissions) section. When a user "opts-in" to Secure by Default during the initial setup wizard, certain Administrative Menus and Device Management access controls are deselected from the Public (Manage Permissions) section. For more details, see "Lexmark Secure by Default" on page 11. Access to device functions and menus can be set by the selection of a permission for that respective access control. For more information regarding access controls, please see, Embedded Web Server - Security Guide for your particular device, at https://support.lexmark.com. Examples of Function Access that can be controlled are: • Copy Function • E-mail Function