HP Jetdirect en1700 HP Jetdirect Print Server Administrator's Guide (Firmware - Page 109
IPsec/Firewall Policy Enable IPsec/Firewall, IPsec/Firewall Rules, Enable, Address Template
View all HP Jetdirect en1700 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 109 highlights
The items on the IPsec/Firewall policy pages are described below. Table 5-1 IPsec/Firewall Policy page Item Description Enable IPsec/Firewall or Enter a check mark in the checkbox to enable your IPsec/Firewall policy. Clear this checkbox to disable IPsec/Firewall operation. Enable Firewall IPsec/Firewall Rules An IPsec/Firewall policy consists of rules for processing IP packets. Up to ten rules may be configured. Rules are in descending order of precedence (for example, Rule 1 is higher in precedence than Rule 2). Each rule is defined by the following fields: ● An Enable checkbox indicates whether a configured rule is enabled or disabled for the policy. ● Address Template: Identifies the IP addresses for which the rule applies. You may select among several predefined templates, or specify a custom template. Click on a template entry to view or modify the template configuration. ● Services Template: Identifies the services for which the rule applies. You may select among several predefined templates, or specify a custom template. Click on a template entry to view or modify the template configuration. CAUTION: If the All Services template for a rule is not specified, a security risk may exist. Future networking applications that are deployed after the IPsec Policy is in place may not be IPsec-protected unless the All Services template is used. For example, installing a third-party Chai service plug-in, or upgrading firmware for the printer or print server, may result in a new service that is not covered by the IPsec policy, Policies should be revisited whenever firmware is updated or a new Chai applet is installed. Default Rule ● Action on Match: Identifies how to process the IP traffic that contains the addresses and services specified. For Firewall operation, the traffic will be allowed or dropped, depending on the action specified by the rule. For IPsec operation, the traffic may be allowed without IPsec protection, dropped, or IPsec-protected using an IPsec template specified for the rule. Click on a template entry to view or modify the template configuration. When a Firewall or IPsec policy is enabled and rules are configured, a default rule specifies whether to process IP packets that do not match the configured rules. Select Drop (default) to discard traffic that is not covered by the configured rules. Select Allow to allow traffic that is not covered by the configured rules. However, allowing IP packets that do not match the configured rules is not secure. For an example, see Default Rule Example on page 100. ENWW 99