Lexmark CX735 Security White Paper - Page 54
CAC/PIV and SIPRNet Card (Authentication), Overview, Details
View all Lexmark CX735 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 54 highlights
Solutions 54 CAC/PIV and SIPRNet Card (Authentication) Overview The Common Access Card (CAC) and Personal Identity Verification (PIV) authentication solution provides safe workflow processes for more control over the security of networked Lexmark MFPs in federal government operations. The solution also supports SIPR tokens to provide access over the Secret Internet Protocol Router Network. Lexmark is partnering with 90Meter to use the benefits of smart card security. By embedding the solution directly into the Lexmark device firmware, users experience as much security at the printer or MFP, as at their own workstation. The 90Meter solution delivers advanced document encryption, cryptographic signature functionality and authoritative use of identity credentials. The solution also meets the federal governments requirement for two-factor authentication and facilitates the use of public key infrastructure (PKI) authentication tools. Lexmark is partnering with 90Meter to leverage the benefits of smart card security • Solution is embedded in firmware • Users experience the same level of security at the printer or MFP as at their own workstation • Ensures ongoing compatibility with SIPR tokens • Fulfills the latest government security mandates including FIPS 140-2 and FIPS‑201. • The 90Meter solution delivers advanced document encryption, cryptographic signature functionality and authoritative use of identity credentials • Simultaneously supports multiple cardtypes Benefits Some of the benefits of CAC/PIV/SIPRNet authentication include • Delivers flexible and easy configuration function for administrators • Holds confidential print jobs until released by an authorized recipient • Validates a card through Active Directory or Online Certificate Status Protocol (OCSP) for Tumbleweed or CoreStreet Details The Lexmark solution ensures that only authorized employees can access the network through its devices, giving government agencies another option for enhanced network security protection. Users cannot initiate workflow processes at locked devices without first inserting a CAC or SIPRNet card and obtaining authentication. Because the user's identification is associated with all functions initiated while the CAC or SIPRNet card is in the reader, an audit trail can also be created to track user activity. Using the user's credentials from a CAC or SIPRNet card enhances the Scan to E-mail workflow by providing a more secure, personalized experience. E-mail addresses can be found without the need for a service account. Outgoing e-mail is addressed with the user's account information, eliminating anonymous e-mail. S or MIME support is available for enhanced security and privacy. CAC or SIPRNet credentials can be used to log in to an exchange server through SMTP to validate user authorization before sending e-mail. The Lexmark CAC or SIPRNet solution has a rich set of customization capabilities so that only authorized users have access to specific workflows. Global restrictions can be set up so that all users can print jobs and copy and fax normally without CAC or SIPRNet authentication, requiring only authentication for scanning and other network functions. Users can also be organized by Active Directory groups so that function access is available only to those who are authorized.