Lexmark XC4342 Security White Paper - Page 31

Secure LDAP, Auto-insertion of Sender’s E-mail Address

Get Lexmark XC4342 PDF manuals and user guides View all Lexmark XC4342 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 31 highlights

Secure Access 31 Secure LDAP Overview When scanning to e-mail or scanning to fax, you can select the recipient's e-mail address or fax number rather than manually typing it. This important convenience is made possible through LDAP. With LDAP, an MFP can query the corporate directory for information. The use of TLS protocol adds security to the process. By establishing an TLS connection before generating LDAP queries, an MFP and the directory server can protect the information they exchange. Benefits The benefits of using LDAP over TLS include: • The information queried by an MFP is secured (encrypted) on the network. • MFPs can leverage your existing PKI infrastructure to perform TLS, conforming to your standard security practices. Details All LDAP traffic to and from Lexmark devices can be secured with TLS to preserve its confidentiality and privacy. LDAP information that is exchanged over a TLS connection, such as credentials, names, and e-mail addresses and fax numbers, is encrypted. MFPs can be configured to trust a customer's CA by installing the CA's X.509 certificate on the MFP. Multiple CA certificates can be installed to establish trust to more than one CA. MFP configurations dictate that the MFP precedes all LDAP traffic with the negotiation of an TLS connection. The directory server provides its certificate, the MFP validates it and a secure encrypted communication channel is established. All subsequent LDAP traffic moves over this channel, so all LDAP information is encrypted on its network. This applies to LDAP queries for e-mail and fax information, as well as LDAP-based user authentication. Auto-insertion of Sender's E-mail Address Overview When you select a function on an MFP, such as Scan to E-mail, the MFP can require you to authenticate yourself (that is, log in) before proceeding. At the same time that the device is authenticating you, the device is also querying your information and automatically inserting your e-mail address in the From field of the e-mail. By automatically populating the From field of the outgoing e-mail, you are identifying yourself to the e-mail recipient. Benefits Anonymous e-mail is eliminated by inserting the identity of the authenticated user in the e-mail generated with the "Scan to E-mail" function.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
Secure LDAP
Overview
When scanning to e-mail or scanning to fax, you can select the recipient’s e-mail address or fax number rather
than manually typing it. This important convenience is made possible through LDAP. With LDAP, an MFP can
query the corporate directory for information. The use of TLS protocol adds security to the process. By
establishing an TLS connection before generating LDAP queries, an MFP and the directory server can protect
the information they exchange.
Benefits
The benefits of using LDAP over TLS include:
The information queried by an MFP is secured (encrypted) on the network.
MFPs can leverage your existing PKI infrastructure to perform TLS, conforming to your standard security
practices.
Details
All LDAP traffic to and from Lexmark devices can be secured with TLS to preserve its confidentiality and privacy.
LDAP information that is exchanged over a TLS connection, such as credentials, names, and e-mail addresses
and fax numbers, is encrypted.
MFPs can be configured to trust a customer’s CA by installing the CA’s X.509 certificate on the MFP. Multiple
CA certificates can be installed to establish trust to more than one CA. MFP configurations dictate that the MFP
precedes all LDAP traffic with the negotiation of an TLS connection. The directory server provides its certificate,
the MFP validates it and a secure encrypted communication channel is established. All subsequent LDAP traffic
moves over this channel, so all LDAP information is encrypted on its network. This applies to LDAP queries for
e-mail and fax information, as well as LDAP-based user authentication.
Auto-insertion of Sender’s E-mail Address
Overview
When you select a function on an MFP, such as Scan to E-mail, the MFP can require you to authenticate yourself
(that is, log in) before proceeding. At the same time that the device is authenticating you, the device is also
querying your information and automatically inserting your e-mail address in the From field of the e-mail. By
automatically populating the From field of the outgoing e-mail, you are identifying yourself to the e-mail
recipient.
Benefits
Anonymous e-mail is eliminated by inserting the identity of the authenticated user in the e-mail generated with
the “Scan to E-mail” function.
Secure Access
31