HP Jetdirect C2059E Practical considerations for imaging and printing security - Page 7

HP Digital Sending Software (DSS) HP Digital Sending Software 4.0 can encrypt scanned documents between the MFP and the DSS Server. The DSS Server may then use the "Secondary email" function to store the encrypted document in a location accessible to third-party applications, such as Omtool, that then securely retransmit the document to its final destination via email. In addition to the secondary email function, secure sending to email, fax, and network folders may be achieved by securing the network communications between the DSS Server and the remote server using IPsec. To control email distribution, the SMTP server used by the DSS Server may be configured to enforce internal security policies. Such policies may prevent digital sending to email addresses outside of the internal network or analyzing the content of digitally sent documents to prevent breaches of confidentiality. Fax/LAN bridging The analog fax port of an HP imaging and printing device is isolated from the digital network connectivity of the device. Communications to the analog fax are routed directly to the device formatter and cannot be bridged to the digital network, preventing the threat of an attacker connecting to the analog fax through a telephone line and then gaining access to an internal network. HP is currently in the process of receiving Common Criteria Certification to validate this behavior in the HP LaserJet 4345mfp and 4730mfp. Effectively Monitor and Manage Effectively Monitor and Manage allows for imaging and printing infrastructure maintenance and enables auditing to facilitate compliance with policy and regulatory requirements. Effectively managing network resources is critical to maintaining a secure network. HP Web Jetadmin for fleet management HP Web Jetadmin (WJA) is the backbone for the administration and maintenance of imaging and printing products, for both HP and its competitors, deployed on enterprise networks. Fleet or batch management enables consistent management and security policy enforcement across a large number of imaging and printing devices. WJA can manage any device that supports the SNMP Printer MIB and allow manufacturers to develop device-specific extensions using plug-ins. WJA uses SNMPv3 to ensure authenticated and confidential management of networked devices. WJA allows devices to be manually administered and can automatically discover and configure newly installed devices. Device and service control Imaging and printing devices support many network protocols and services. Protocols and services that are unused often go ignored, resulting in unintended vulnerabilities, such as unsecured management interfaces or printing protocols that circumvent job accounting controls. HP imaging and printing devices allow individual control over these protocols and services and let administrators enable only the functionality required. Firmware updates Firmware updates can correct product defects and enhance product functionality, and they are an important means for preventing the exploitation of security vulnerabilities. It is important for IT and security administrators to monitor the availability of firmware updates and apply as necessary. HP releases firmware updates based on the severity of the defect and provides administrators the ability to receive automatic email notifications of releases. HP Web Jetadmin allows an administrator to discover devices using out-of-date firmware and update those devices automatically over the network. 7