HP 635n HP Jetdirect Print Servers - How to Use 802.1X on HP Jetdirect Print S - Page 4

Dynamic VLANs



ports 1 through 8 are always assigned to a specific VLAN – but as before, security can be circumvented simply by attaching a computer to the desired port.

For Port-Based VLANs, what we really need are three separate solutions: (1) a way to authenticate users, (2) a way to grant authenticated users access to the network, and (3) a way to assign authenticated users to specific VLANs with network access restrictions, bandwidth constraints, and other controls. A Port-Based VLAN solution with dynamic authentication is shown in Figure 4 – Dynamic VLANs.

Figure 4 - Dynamic VLANs

Here, users are dynamically authenticated and assigned to specific VLANs regardless of what switch port they use. A user who cannot be authenticated is assigned to a VLAN where they can do no damage. This behavior is fine for users, but what about printers and MFPs? Well, the nice part about 802.1X is that wired HP Jetdirect print servers support it. All we need to do is create users in Active Directory that correspond to Jetdirect-based printers and printer management servers, and we can do what is shown in Figure 5 – Printing and Imaging VLANs.