Lexmark C4342 Security White Paper - Page 38

Benefits, Details, USB support is limited, The supported image file formats are BMP, DCX, GIF, JPG

Get Lexmark C4342 PDF manuals and user guides View all Lexmark C4342 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 38 highlights

Secure Access 38 The USB host ports on Lexmark devices do not permit the following operations: • Connecting and using any form of USB device except a mass storage device, card reader, or human interface device (HID), such as a keyboard • Submitting or processing of PCL® emulation, PostScript emulation, or other printer data stream files • Submitting of any other sort of data (executable code, configuration files, and so on) • Recording any sort of data from the printer to a USB-attached device other than jobs that are a direct scan to a USB flash drive • Executing code from the USB-attached device • Booting the printer from the USB-attached device • Transferring data between the USB-attached device and the network to which the printer is attached (except in cases where the device is configured to use the USB port for authentication using a smart card) Disabling the front USB port is an option at manufacturing or by the device administrator during setup for recent devices using access control restrictions. Some Lexmark devices also have a rear USB host port. The use of this port is restricted to card readers and HIDs, such as a keyboard. Benefits The benefits of restricting the functions of portable USB memory devices include: • Carefully controlling environments where sensitive documents exist by not permitting users to perform scan- to-USB operations. • Restricting users from performing print-from-USB operations in environments where printing is tracked or allowed only on a fee basis. • Limiting the ability to perform scan-to or print-from USB devices to only authenticated users. • Restricting just any USB memory device from using highly restricted environments. • Eliminating virus and malware attack options. • Restricting when the USB ports are available for usage. Details In general, USB support on Lexmark devices is not unlike USB support on personal computers. Personal computers typically support a wide array of devices through USB ports, such as keyboards, mice, monitors, hard drives, speakers, network cards, digital cameras, and so on. The flexibility offered by USB host support on personal computers is not needed-or desirable-on printers. The purpose of the USB host port on Lexmark devices is to allow convenient printing and scanning of image files, to permit attachment of card readers for authentication and authorization purposes and HIDs, such as keyboards, and to access fast, easy maintenance activities through firmware updates for technicians. The supported image file formats are BMP, DCX, GIF, JPG, PCX, PDF, PNG, TIF, and TIFF. The device's firmware and the USB host port implementation are carefully designed to restrict the use of the port for any other purpose. A number of factors in the design provide for that protection, including the following: USB support is limited When a USB device is connected to a USB host port (such as on the front of a Lexmark laser printer or MFP), a process known as enumeration occurs. The device indicates its device class to the host so the host knows how to communicate with it.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
The USB host ports on Lexmark devices do not permit the following operations:
Connecting and using any form of USB device except a mass storage device, card reader, or human interface
device (HID), such as a keyboard
Submitting or processing of PCL
®
emulation, PostScript emulation, or other printer data stream files
Submitting of any other sort of data (executable code, configuration files, and so on)
Recording any sort of data from the printer to a USB-attached device other than jobs that are a direct scan
to a USB flash drive
Executing code from the USB-attached device
Booting the printer from the USB-attached device
Transferring data between the USB-attached device and the network to which the printer is attached (except
in cases where the device is configured to use the USB port for authentication using a smart card)
Disabling the front USB port is an option at manufacturing or by the device administrator during setup for recent
devices using access control restrictions. Some Lexmark devices also have a rear USB host port. The use of
this port is restricted to card readers and HIDs, such as a keyboard.
Benefits
The benefits of restricting the functions of portable USB memory devices include:
Carefully controlling environments where sensitive documents exist by not permitting users to perform scan-
to-USB operations.
Restricting users from performing print-from-USB operations in environments where printing is tracked or
allowed only on a fee basis.
Limiting the ability to perform scan-to or print-from USB devices to only authenticated users.
Restricting just any USB memory device from using highly restricted environments.
Eliminating virus and malware attack options.
Restricting when the USB ports are available for usage.
Details
In general, USB support on Lexmark devices is not unlike USB support on personal computers. Personal
computers typically support a wide array of devices through USB ports, such as keyboards, mice, monitors,
hard drives, speakers, network cards, digital cameras, and so on. The flexibility offered by USB host support
on personal computers is not needed—or desirable—on printers.
The purpose of the USB host port on Lexmark devices is to allow convenient printing and scanning of image
files, to permit attachment of card readers for authentication and authorization purposes and HIDs, such as
keyboards, and to access fast, easy maintenance activities through firmware updates for technicians.
The supported image file formats are BMP, DCX, GIF, JPG, PCX, PDF, PNG, TIF, and TIFF. The device’s firmware
and the USB host port implementation are carefully designed to restrict the use of the port for any other purpose.
A number of factors in the design provide for that protection, including the following:
USB support is limited
When a USB device is connected to a USB host port (such as on the front of a Lexmark laser printer or MFP), a
process known as enumeration occurs. The device indicates its device class to the host so the host knows how
to communicate with it.
Secure Access
38