HP 635n Practical IPsec Deployment for Printing and Imaging Devices - Page 68

for the configuration to be changed without constantly bringing down the IP stack and bringing it back up. • Always use the failsafe option when testing various IPsec policies to avoid being locked out remotely. Be sure to disable it once everything has be tested and verified to work properly. Okay, we are done covering IPsec policy configuration on Jetdirect for Pre-Shared Key. Configuring one endpoint for IPsec and not the other endpoint isn't exactly useful. What we need to do next is step through a Microsoft configuration. Before doing that, we need to review what we are trying to accomplish. • (1) We want to protect printing, imaging, and management protocols on Jetdirect using IPsec. • (2) We want to protect printing protocols across all desktops and laptops, with an emphasis on ease of management and deployment • (3) We want to protect our specialty servers, such as WJA with IPsec. Using the HP recommended printing and imaging configuration, we have accomplished (1): The Jetdirect recommended configuration - IPsec exemptions followed by IPsec protection of all services. Now we want to focus on (2) - protecting desktop and laptop printing using IPsec policy in a way that is very manageable and scalable. Microsoft IPsec Configuration Wizard for Pre-Shared Key HP Recommend IPsec Policy to Protect Printing for Desktops/Laptops Here we are going to cover an easy to deploy and manage IPsec policy to protect printing on Desktop/Laptops in the enterprise. 68