Lexmark B2442 Embedded Web Server Administrator s Guide - Page 34
Configuring security audit log settings
View all Lexmark B2442 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 34 highlights
Lexmark Confidential until announced Securing printers 34 4 In the Authentication Hash menu, select the hash function of your SNMP server. 5 In the Minimum Authentication Level, select Authentication, Privacy. 6 In the Privacy Algorithm menu, select the strongest setting supported by your network environment. 7 Click Save. Configuring SNMP traps After configuring SNMP settings, you can customize which alerts are sent to the network management system by designating events (SNMP traps) that trigger an alert message. 1 From the Embedded Web Server, click Settings > Network/Ports > SNMP > Set SNMP Traps. 2 In one of the IP Address fields, type the IP address of the network management server or monitoring station. 3 Select the conditions that you want to generate an alert. 4 Click Save. Configuring security audit log settings The security audit log lets administrators monitor security‑related events on a device, including failed user authorization, successful administrator authentication, and Kerberos file uploads to a device. By default, security logs are stored on the device, but may also be transmitted to a network system log (syslog) server for processing or storage. We recommend enabling audit in secure environments. 1 From the Embedded Web Server, click Settings > Security > Security Audit Log. 2 Do one or more of the following: Activate security audit logging Select Enable Audit. Configure transmission to a network syslog server This option lets you use both the remote syslog server and the internal logging. a Select Enable Remote Syslog. b Configure the Remote Syslog settings. • Remote Syslog Server-Type the IP address or host name of the server. • Remote Syslog Port-Type the port number used for the destination server. The default number is 514. • Remote Syslog Method-Select Normal UDP to send log messages and events using a lower‑priority transmission protocol. Otherwise, select Stunnel. • Remote Syslog Facility-Select a facility code for events logged to the destination server. All events sent from the device are tagged with the same code to aid in sorting and filtering by network monitor or intrusion detection software.