HP LaserJet Enterprise MFP M725 HP Commercial LaserJet Printers and MFPs - Ima - Page 81

 Disable SLP Config. SLP Config accommodates software using SLP as a discovery mechanism. For example disabling SLP Config on some Novell networks (depending on how Novell is configured) would cause Novell to not recognize the MFPs on the network. Thus, if your network uses these features of Novell, you should enable SLP Config. If you use software other than HP Web Jetadmin with your HP MFPs please test this feature before disabling it. HP Web Jetadmin is not affected by this setting,  Disable FTP Printing. FTP Printing enables files to be sent to the printer via FTP for printing on the MFP, enabling FTP Printing also allows you to upgrade your printer firmware by sending the firmware via FTP. HP recommends disabling it and using Web Jetadmin to upgrade firmware. MFPs will deny access to FTP sessions.  Disable LPD Printing. LPD Printing is the protocol necessary for printing in UNIX, HPUX, or Linux environments. You should disable LPD Printing unless your network includes UNIX workstations that might print using the MFPs. With this option disabled, MFPs will deny access to UNIX machines.  Enable 9100 Printing. 9100 Printing should always be enabled. It is the standard printing protocol used by MFP print drivers. Disabling 9100 Printing would disable all printing for most users.  Disable IPP Printing. IPP Printing is a protocol for printing over the internet or locally. Unless you have a requirement for IPP printing it should be disabled. With it disabled, the MFPs will deny access to direct printing from the Internet. Print jobs generated from web browsers using the installed print driver are not affected.  Disable MDNS Config. MDNS Config resolves host names with IP addresses in small networks without DNS servers. Most enterprise networks include DNS servers and do not require this service. With this option disabled, a non-DNS network will not recognize the MFPs. If your network does not include a DNS server, you should enable MDNS Config.  Disable IPv4 Multicast Config. IPv4 Multicast Config configures multiple devices simultaneously over the network. You should always disable IPv4 Multicast Config, and use Web Jetadmin for managing MFPs.  Disable WS-Discovery. WS-Discovery enables network hosts that support WSDiscovery to discover printers and devices on the network. Unless you are in an IPv6 or Windows Vista/Windows 7 only environment there are other protocols you can use to discover your printers.  Configure Encryption Strength to High. The encryption strength setting covers communication between a PC and the Embedded Web Server. When HTTPS is configured (as recommended in this checklist), communication is encrypted according to this Encryption Strength setting. With Encryption Strength set to High, users will find that the EWS are accessible only from web browsers that support that level of HTTPS communications. This checklist recommends disabling EWS Config during normal use of MFPs. This removes all access to the EWS; however, you should configure this setting for times when you temporarily enable EWS Config to make changes to configurations. Chapter 7 HP LaserJet and Color LaserJet MFP Security Checklist 77