Lexmark C4342 Security White Paper - Page 54

CAC/PIV and SIPRNet Card (Authentication), Overview, Details

Get Lexmark C4342 PDF manuals and user guides View all Lexmark C4342 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 54 highlights

Solutions 54 CAC/PIV and SIPRNet Card (Authentication) Overview The Common Access Card (CAC) and Personal Identity Verification (PIV) authentication solution provides safe workflow processes for more control over the security of networked Lexmark MFPs in federal government operations. The solution also supports SIPR tokens to provide access over the Secret Internet Protocol Router Network. Lexmark is partnering with 90Meter to use the benefits of smart card security. By embedding the solution directly into the Lexmark device firmware, users experience as much security at the printer or MFP, as at their own workstation. The 90Meter solution delivers advanced document encryption, cryptographic signature functionality and authoritative use of identity credentials. The solution also meets the federal governments requirement for two-factor authentication and facilitates the use of public key infrastructure (PKI) authentication tools. Lexmark is partnering with 90Meter to leverage the benefits of smart card security • Solution is embedded in firmware • Users experience the same level of security at the printer or MFP as at their own workstation • Ensures ongoing compatibility with SIPR tokens • Fulfills the latest government security mandates including FIPS 140-2 and FIPS‑201. • The 90Meter solution delivers advanced document encryption, cryptographic signature functionality and authoritative use of identity credentials • Simultaneously supports multiple cardtypes Benefits Some of the benefits of CAC/PIV/SIPRNet authentication include • Delivers flexible and easy configuration function for administrators • Holds confidential print jobs until released by an authorized recipient • Validates a card through Active Directory or Online Certificate Status Protocol (OCSP) for Tumbleweed or CoreStreet Details The Lexmark solution ensures that only authorized employees can access the network through its devices, giving government agencies another option for enhanced network security protection. Users cannot initiate workflow processes at locked devices without first inserting a CAC or SIPRNet card and obtaining authentication. Because the user's identification is associated with all functions initiated while the CAC or SIPRNet card is in the reader, an audit trail can also be created to track user activity. Using the user's credentials from a CAC or SIPRNet card enhances the Scan to E-mail workflow by providing a more secure, personalized experience. E-mail addresses can be found without the need for a service account. Outgoing e-mail is addressed with the user's account information, eliminating anonymous e-mail. S or MIME support is available for enhanced security and privacy. CAC or SIPRNet credentials can be used to log in to an exchange server through SMTP to validate user authorization before sending e-mail. The Lexmark CAC or SIPRNet solution has a rich set of customization capabilities so that only authorized users have access to specific workflows. Global restrictions can be set up so that all users can print jobs and copy and fax normally without CAC or SIPRNet authentication, requiring only authentication for scanning and other network functions. Users can also be organized by Active Directory groups so that function access is available only to those who are authorized.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
CAC/PIV and SIPRNet Card (Authentication)
Overview
The Common Access Card (CAC) and Personal Identity Verification (PIV) authentication solution provides safe
workflow processes for more control over the security of networked Lexmark MFPs in federal government
operations. The solution also supports SIPR tokens to provide access over the Secret Internet Protocol Router
Network. Lexmark is partnering with 90Meter to use the benefits of smart card security. By embedding the
solution directly into the Lexmark device firmware, users experience as much security at the printer or MFP, as
at their own workstation. The 90Meter solution delivers advanced document encryption, cryptographic
signature functionality and authoritative use of identity credentials. The solution also meets the federal
governments requirement for two-factor authentication and facilitates the use of public key infrastructure (PKI)
authentication tools.
Lexmark is partnering with 90Meter to leverage the benefits of smart card security
Solution is embedded in firmware
Users experience the same level of security at the printer or MFP as at their own workstation
Ensures ongoing compatibility with SIPR tokens
Fulfills the latest government security mandates including FIPS 140-2 and FIPS
201.
The 90Meter solution delivers advanced document encryption, cryptographic signature functionality and
authoritative use of identity credentials
Simultaneously supports multiple cardtypes
Benefits
Some of the benefits of CAC/PIV/SIPRNet authentication include
Delivers flexible and easy configuration function for administrators
Holds confidential print jobs until released by an authorized recipient
Validates a card through Active Directory or Online Certificate Status Protocol (OCSP) for Tumbleweed or
CoreStreet
Details
The Lexmark solution ensures that only authorized employees can access the network through its devices,
giving government agencies another option for enhanced network security protection. Users cannot initiate
workflow processes at locked devices without first inserting a CAC or SIPRNet card and obtaining
authentication. Because the user’s identification is associated with all functions initiated while the CAC or
SIPRNet card is in the reader, an audit trail can also be created to track user activity.
Using the user’s credentials from a CAC or SIPRNet card enhances the Scan to E-mail workflow by providing a
more secure, personalized experience. E-mail addresses can be found without the need for a service account.
Outgoing e-mail is addressed with the user’s account information, eliminating anonymous e-mail. S or MIME
support is available for enhanced security and privacy. CAC or SIPRNet credentials can be used to log in to an
exchange server through SMTP to validate user authorization before sending e-mail. The Lexmark CAC or
SIPRNet solution has a rich set of customization capabilities so that only authorized users have access to specific
workflows.
Global restrictions can be set up so that all users can print jobs and copy and fax normally without CAC or
SIPRNet authentication, requiring only authentication for scanning and other network functions. Users can also
be organized by Active Directory groups so that function access is available only to those who are authorized.
Solutions
54