Dell B3465dnf Mono Embedded Web Server -- Security Administrators Guide - Page 7

Using security features in the Embedded Web Server 7 Groups Administrators can designate up to 32 groups to be used in association with either the Internal accounts or LDAP/LDAP +GSSAPI building blocks. For the purposes of Embedded Web Server security, groups are used to identify sets of users needing access to similar functions. For example, in Company A, employees in the warehouse do not need to print in color, but those in sales and marketing use color every day. In this scenario, it makes sense to create a "Warehouse" group and a "Sales and Marketing" group. Access Controls By default, all device menus, settings, and functions come with no security enabled. Access controls (also referred to in some devices as "Function Access Controls") are used to manage access to specific menus and functions or to disable them entirely. Access controls can be set using a password, PIN, or security template. The number of functions that can be controlled varies depending on the type of device, but in some multifunction printers, over 40 individual menus and functions can be protected. Note: For a list of individual access controls and what they do, see "Appendix D: Access controls" on page 43. Security Templates Some scenarios call for only limited security, such as PIN‑protected access to common device functions, while others require tighter security and role‑based restrictions. Individually, building blocks, groups, and access controls may not meet the needs of a complex security environment. In order to accommodate users in different groups needing access to a common set of functions such as printing, copying, and faxing, administrators must be able to combine these components in ways that give all users the functions they need, while restricting other functions to only authorized users. A security template is a profile constructed using a building block, or certain building blocks paired with one or more groups. How they are combined determines the type of security created: Building block Type of security Internal Accounts Authentication only Internal Accounts with Groups Authentication and authorization Kerberos 5 Authentication only LDAP Authentication only LDAP with Groups Authentication and authorization LDAP+GSSAPI Authentication only LDAP+GSSAPI with Groups Authentication and authorization Password Authorization only PIN Authorization only Each device can support up to 140 security templates, allowing administrators to create very specific profiles for each access control.