Home » HP Manuals » Print Servers » HP 630n » Manual Viewer

HP 630n HP Jetdirect Print Servers - Administrator's Guide - Page 124

Security features V.38.xx, Summary of HP Jetdirect security features continued

UPC - 808736806244

Add to My Manuals
Save this manual to your list of manuals

Page 124 highlights

Table 6-1 Summary of HP Jetdirect security features (continued) IPv4 Access Control List NOTE: The Firewall feature provides improved security and can be used in place of the IPv4 ACL. ● Specify up to 10 IPv4 host systems, or IPv4 networks of host systems, that are allowed access to the HP Jetdirect print server and the attached network device. (If the list is empty, then all hosts are allowed access.) ● Access is generally limited to host systems specified in the list. ● Host systems that use HTTP, such as the embedded Web server or IPP, are not checked against entries in the access list and are allowed access. However, you can disable HTTP host access using the embedded Web server. ● Configured on the HP Jetdirect print server using TFTP (IPv4), Telnet (IPv4), embedded Web server, or SNMP (IPv4) management software. Telnet Control ● Telnet (IPv4) access is not secure. You can disable Telnet using the embedded Web server (see Embedded Web server (V.38.xx) on page 61). Authentication and Encryption Certificate management for X.509v3 digital certificates is provided through the embedded Web server, for both client-based and server-based authentication. A self-signed HP Jetdirect certificate is pre-installed, which can be replaced. On full-featured print servers, a CA certificate can also be installed. IPv4/IPv6 SNMP v1/v2c Set Community Name (IP/IPX) (SNMP v1/v2c only) ● A password on the HP Jetdirect print server that allows incoming SNMP Set commands to write (or set) HP Jetdirect configuration parameters. ● SNMP Set commands must contain the user-assigned community name, which is authenticated by the print server before the command is performed. ● On IP networks, you can restrict authentication of SNMP Set commands to systems on the ACL. ● Configured on the HP Jetdirect print server using TFTP (IPv4), Telnet (IPv4), embedded Web server, or Management application services. ● SNMP v1/v2c uses plain text, which you can disable. IPv4/IPv6 SNMP v3 (For full-featured print servers only) ● SNMP v3 agent on the HP Jetdirect print server provides secure, encrypted communications with an SNMP v3 management application, such as HP Web Jetadmin. ● Supports creation of an SNMP v3 account when it is enabled through the embedded Web server. The account information can be integrated on SNMP v3 management applications. ● Supports seamless SNMP v3 account creation and management from HP Web Jetadmin. HP Web Jetadmin (IPv4) Password and Profiles ● Access control to HP Jetdirect configuration parameters through the HP Jetdirect IP administrator password, which you can configure from HP Web Jetadmin (IPv4), Telnet (IPv4), or the embedded Web server. ● HP Web Jetadmin provides access control through user profiles, which allow password protection for individual profiles and controlled access to HP Jetdirect and printer features. ● (For full-featured print servers only) You can use HP Web Jetadmin to enable the IPv4/IPv6 SNMP v3 agent on the print server, and create an SNMP v3 account for secure, encrypted management. Printer Control Panel Lock 114 Chapter 6 Security features (V.38.xx) ENWW

Section	Page
Introducing the HP Jetdirect print server	11
Supported print servers	11
Supported network protocols	12
Security protocols	13
SNMP (IP and IPX)	13
HTTPS	13
Authentication	14
EAP/802.1X server-based authentication	14
IPsec/Firewall	14
Supplied manuals	15
HP support	15
HP online support	15
Firmware upgrades	15
Firmware installation tools	15
HP support by phone	16
Product registration	16
Product accessibility	16
HP software solutions summary	17
HP Install Network Printer Wizard (Windows)	18
Requirements	18
HP Jetdirect printer installer for UNIX	19
HP Web Jetadmin	19
System requirements	19
Install HP Web Jetadmin software	19
Verify HP Web Jetadmin installation and provide access	20
Configure and modify a device	20
Remove HP Web Jetadmin software	20
Internet Printer Connection software	20
HP-supplied software	21
HP software system requirements	21
HP software supported proxies	21
Microsoft-supplied software	21
Windows 2000/XP/Server 2003 integrated software	21
Novell-supplied software	22
Mac OS network installation	22
TCP/IP configuration	25
IPv6 configuration	25
IPv6 address introduction	25
IPv6 address configuration	26
Link-local address	26
Stateless addresses	27
Stateful addresses	27
Use DNS	27
Tools and utilities	28
IPv4 configuration	28
Server-based and manual TCP/IP configuration (IPv4)	28
Default IP address (IPv4)	29
Default IP address is not assigned	29
Default IP address is assigned	29
Default IPv4 address configuration options	30
Default IPv4 behavior	30
TCP/IP configuration tools	31
Use BOOTP/TFTP (IPv4)	32
Advantages of using BOOTP/TFTP	32
Configure the print server using BOOTP/TFTP on UNIX	32
Use DHCP (IPv4)	44
UNIX systems	44
Windows systems	44
Discontinue DHCP configuration	46
Use RARP (IPv4)	46
Use the arp and ping commands (IPv4)	47
Use Telnet (IPv4)	48
Create a Telnet connection	49
A typical Telnet session	49
Telnet user interface options	50
Use Telnet to remove an IP address	67
Move to another network (IPv4)	68
Use the embedded Web server	68
Use the printer control panel	68
Embedded Web server (V.38.xx)	71
Requirements	72
Compatible Web browsers	72
Supported HP Web Jetadmin version	72
View the embedded Web server	73
Operating notes	74
HP Jetdirect Home tab	75
Device tabs	76
Networking tab	76
TCP/IP Settings	79
Summary tab	80
Network Identification tab	80
TCP/IP(v4) tab	81
TCP/IP(v6) tab	82
Config Precedence tab	83
Advanced tab	84
Network Settings	86
IPX/SPX	86
AppleTalk	87
DLC/LLC	87
SNMP	88
Other Settings	89
Misc. Settings	89
Firmware Upgrade	91
LPD Queues	91
USB Settings	93
Support Info	94
Refresh Rate	94
Select Language	94
Security: Settings	94
Status	94
Wizard	95
Restore Defaults	96
Authorization	97
Admin. Account	97
Certificates	97
Configure certificates	98
Access Control	100
Mgmt. Protocols	101
Web Mgmt.	101
SNMP	102
SNMP v3	102
Other	102
802.1X Authentication	103
IPsec/Firewall	104
Network Statistics	105
Protocol Info	105
Configuration Page	105
Other Links	105
? (Help)	105
Support	105
IPsec/Firewall configuration (V.38.xx)	107
Default Rule example	110
IPsec security associations (SA)	110
HP Jetdirect IPsec/Firewall wizard	110
Limitations to rules, templates and services	111
Step 1: Specify Address Template	112
Create Address Template	112
Step 2: Specify Service Template	113
Create Service Template	113
Manage Services	113
Manage Custom Services	114
Step 3: Specify Action	115
Specify IPsec/Firewall Template	115
Create IPsec Template	115
Identity Authentication	116
Kerberos	117
Kerberos Settings	117
IKEv1 Phase 1 (Authentication)	118
IKEv1 Phase 2 / Quick Mode (IPsec Protocols)	118
Advanced IKE Settings	119
IPsec Protocols (Manual Keys)	120
Manual Keys	120
Rule Summary	121
Configure Windows systems	121
Security features (V.38.xx)	123
Limit access to security features	126
Troubleshoot the HP Jetdirect print server	127
Reset to factory defaults	128
Example: Cold reset using the service menu	128
Disable an HP Jetdirect embedded print server (V.38.xx)	130
General troubleshooting	131
Troubleshooting chart - assess the problem	131
Procedure 1: Verify the printer is on and online	132
Procedure 2: Print an HP Jetdirect configuration page	132
Procedure 3: Resolve printer display error messages	133
Procedure 4: Resolve printer network communication problems	134
Troubleshooting wireless print servers	136
HP Jetdirect configuration pages	139
HP Jetdirect configuration page	140
Status field error messages	140
Configuration page format	140
Configuration page messages	141
HP Jetdirect Configuration/General Information	141
Security Settings	145
Network Statistics	147
TCP/IP protocol information	147
IPv4 section	148
IPv6 section	150
IPX/SPX protocol information	150
Novell/NetWare parameters	151
AppleTalk protocol information	152
DLC/LLC protocol information	153
Error messages	153
HP Jetdirect Security page	159
Security settings	160
IPsec Error Log	162
Local IP addresses	162
IPsec Statistics	162
IKE Stats	163
IPsec Rules	163
IPsec Security Associations (SA) table	163
Available Network Services	164
LPD printing	165
About LPD	166
Requirements for configuring LPD	166
LPD setup overview	167
Step 1. Set up IP parameters	167
Step 2. Set up print queues	167
Step 3. Print a test file	167
LPD on UNIX systems	167
Configure print queues for BSD-based systems	167
Use SAM to configure print queues (HP-UX systems)	169
Print a test file	170
LPD on Windows 2000/Server 2003 systems	170
Install TCP/IP software	170
Configure a network printer for Windows 2000/Server 2003 systems	171
Verify the configuration	172
Print from Windows clients	173
LPD on Windows XP systems	173
Add Windows optional networking components	173
Configure a network LPD printer	173
Add a new LPD printer	173
Create an LPR port for an installed printer	174
FTP printing	175
Requirements	175
Print files	175
Use FTP printing	175
FTP connections	175
Control connection	175
Data connection	176
FTP login	176
End the FTP session	177
Commands	177
Example FTP Session	178
HP Jetdirect control panel menus (V.38.xx)	179
Graphical control panel menus	180
Classic control panel EIO menus	187
Open source licensing statements	191
gSOAP	191
OpenSSL	192
OpenSSL license	192
Original SSLeay license	192

Match case Limit results 1 per page

IPv4 Access Control List

NOTE:

The

Firewall

feature provides improved security and can be used in place of the IPv4 ACL.

●

Specify up to 10 IPv4 host systems, or IPv4 networks of host systems, that are allowed access to the HP Jetdirect print

server and the attached network device. (If the list is empty, then all hosts are allowed access.)

●

Access is generally limited to host systems specified in the list.

●

Host systems that use HTTP, such as the embedded Web server or IPP, are not checked against entries in the access

list and are allowed access. However, you can disable HTTP host access using the embedded Web server.

●

Configured on the HP Jetdirect print server using TFTP (IPv4), Telnet (IPv4), embedded Web server, or SNMP (IPv4)

management software.

Telnet Control

●

Telnet (IPv4) access is not secure. You can disable Telnet using the embedded Web server (see

Embedded Web server

(V.38.xx)

on page

Authentication and Encryption

Certificate management for X.509v3 digital certificates is provided through the embedded Web server, for both client-based

and server-based authentication. A self-signed HP Jetdirect certificate is pre-installed, which can be replaced. On full-featured

print servers, a CA certificate can also be installed.

IPv4/IPv6 SNMP v1/v2c Set Community Name (IP/IPX)

(SNMP v1/v2c only)

●

A password on the HP Jetdirect print server that allows incoming SNMP Set commands to write (or set) HP Jetdirect

configuration parameters.

●

SNMP Set commands must contain the user-assigned community name, which is authenticated by the print server before

the command is performed.

●

On IP networks, you can restrict authentication of SNMP Set commands to systems on the ACL.

●

Configured on the HP Jetdirect print server using TFTP (IPv4), Telnet (IPv4), embedded Web server, or Management

application services.

●

SNMP v1/v2c uses plain text, which you can disable.

IPv4/IPv6 SNMP v3

(For full-featured print servers only)

●

SNMP v3 agent on the HP Jetdirect print server provides secure, encrypted communications with an SNMP v3

management application, such as HP Web Jetadmin.

●

Supports creation of an SNMP v3 account when it is enabled through the embedded Web server. The account information

can be integrated on SNMP v3 management applications.

●

Supports seamless SNMP v3 account creation and management from HP Web Jetadmin.

HP Web Jetadmin (IPv4) Password and Profiles

●

Access control to HP Jetdirect configuration parameters through the HP Jetdirect IP administrator password, which you

can configure from HP Web Jetadmin (IPv4), Telnet (IPv4), or the embedded Web server.

●

HP Web Jetadmin provides access control through user profiles, which allow password protection for individual profiles

and controlled access to HP Jetdirect and printer features.

●

(For full-featured print servers only) You can use HP Web Jetadmin to enable the IPv4/IPv6 SNMP v3 agent on the print

server, and create an SNMP v3 account for secure, encrypted management.

Printer Control Panel Lock

Table 6-1

Summary of HP Jetdirect security features (continued)

114

Chapter 6

Security features (V.38.xx)

ENWW