HP LaserJet M5000 LaserJet MFP - Imaging and Printing Security Best Practices - Page 86

File System Options, Command Load and Execute

Get HP LaserJet M5000 PDF manuals and user guides View all HP LaserJet M5000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 86 highlights

• Disable Incoming Mail. Some network solutions can send commands to the MFP via email. If your network uses any of these solutions, you should enable Incoming mail. Otherwise, disable it as a best practice. This setting does not affect any other use of the MFP. With this setting configured, the MFPs will ignore all incoming emails. • Disable Cancel Job Button. The EWS provides a Cancel Job button that allows users to cancel jobs that are pending in the queue. This includes canceling jobs sent by other users. Thus, disabling the Cancel Job button removes the ability to cancel jobs remotely (and anonymously); however, users will be able to cancel their own jobs from the printer driver or from the control panel. • Disable Go Button. The Go button is the EWS Pause/Resume button, which enables users to pause operations, such as print jobs, indefinitely. Disabling the Go button removes it from the EWS preventing users from delaying jobs or even denying service to other users; however, users will be able to pause or resume their own jobs from the print driver or from the control panel. • Disable Command Invoke. Command Invoke is a legacy feature that does not apply to the MFPs. Disabling it is good security practice to ensure that all possible access to it is closed. • Disable Command Download. Command Download is a legacy feature that does not apply to the MFPs. Disabling it is good security practice to ensure that all possible access to it is closed • Disable Command Load and Execute. Command Load and Execute accommodates add-on applications (Chailets), such as workflow programs and job accounting programs. Disabling it stops the MFPs from running Chailets when it starts up. This function is called Service Loading in the EWS. If your network uses Chailets, you should enable Command Load and Execute. If not, you should disable it to prevent users from installing this type of application. You may wish to (turn off the MFPs and turn them on again (power cycle) after disabling Command Load and execute. This will stop applications that may be already loaded and running. With this setting configured, the MFPs will ignore all add-on applications. • Disable Print Service. Print service allows users to send print-ready files such as PDF files directly to MFPs for immediate printing. This feature is available to anyone who has access to the EWS. Disabling it ensures that only users with the MFP Print driver installed can send print jobs to the MFPs. With Print Service disabled, the print options do not appear on the EWS. File System Page Options • Configure File System External Access. The File System External Access settings shuts down access to the MFP file system (storage devices and configuration settings) through protocols and ports. They eliminate access from various types of management tools. HP recommends shutting down all unused access to the file system. See the ramifications for each protocol below. Chapter 7 HP LaserJet and Color LaserJet MFP Security Checklist 82

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
Disable
Incoming Mail
. Some network solutions can send commands to the MFP via
email. If your network uses any of these solutions, you should enable Incoming mail.
Otherwise, disable it as a best practice. This setting does not affect any other use of the
MFP.
With this setting configured, the MFPs will ignore all incoming emails.
Disable
Cancel Job Button
. The EWS provides a Cancel Job button that allows users to
cancel jobs that are pending in the queue. This includes canceling jobs sent by other users.
Thus, disabling the Cancel Job button removes the ability to cancel jobs remotely (and
anonymously); however, users will be able to cancel their own jobs from the printer driver
or from the control panel.
Disable
Go Button
. The Go button is the EWS
Pause/Resume
button, which enables
users to pause operations, such as print jobs, indefinitely. Disabling the Go button removes
it from the EWS preventing users from delaying jobs or even denying service to other
users; however, users will be able to pause or resume their own jobs from the print driver
or from the control panel.
Disable
Command Invoke
. Command Invoke is a legacy feature that does not apply to
the MFPs. Disabling it is good security practice to ensure that all possible access to it is
closed.
Disable
Command Download
. Command Download is a legacy feature that does not
apply to the MFPs. Disabling it is good security practice to ensure that all possible access
to it is closed
Disable
Command Load and Execute
. Command Load and Execute accommodates
add-on applications (Chailets), such as workflow programs and job accounting programs.
Disabling it stops the MFPs from running Chailets when it starts up. This function is called
Service Loading in the EWS. If your network uses Chailets, you should enable Command
Load and Execute. If not, you should disable it to prevent users from installing this type of
application.
You may wish to (turn off the MFPs and turn them on again (power cycle) after disabling
Command Load and execute. This will stop applications that may be already loaded and
running.
With this setting configured, the MFPs will ignore all add-on applications.
Disable
Print Service
. Print service allows users to send print-ready files such as PDF files
directly to MFPs for immediate printing. This feature is available to anyone who has access
to the EWS. Disabling it ensures that only users with the MFP Print driver installed can send
print jobs to the MFPs.
With
Print Service
disabled, the print options do not appear on the EWS.
File System Page Options
Configure
File System External Access
. The File System External Access settings shuts
down access to the MFP file system (storage devices and configuration settings) through
protocols and ports. They eliminate access from various types of management tools. HP
recommends shutting down all unused access to the file system. See the ramifications for each
protocol below.
Chapter 7
HP LaserJet and Color LaserJet MFP Security Checklist
82