Lexmark MS517 Embedded Web Server--Security: Administrator s Guide - Page 59
CA Certificate Monitoring, Authentication, Privacy, Smart Card Authentication, Administrator's Guide
View all Lexmark MS517 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 59 highlights
Security scenarios 59 In this scenario, the network uses an Active Directory environment. A SIPR access card and a password are used for device authentication and authorization. Device access is audited and the device is remotely managed using SNMPv3. All ports except the HTTPS (443) port and the SNMPv3 port are blocked. 1 Configure the Active Directory domain. For more information, see "Connecting your printer to an Active Directory domain" on page 13. Make sure to specify the following: • Domain name • User ID • Password Note: Make sure to enable CA Certificate Monitoring. 2 Specify an LDAP building block and security template, and then configure CA certificate monitoring. For more information, see "Setting up a Certificate Authority certificate monitor" on page 27. 3 Configure the Smart Card Authentication bundle. For more information, see Smart Card Authentication Administrator's Guide. Note: To secure access to all applications and printer functions on the home screen, configure Background and Idle Screen. For more information, see Background and Idle Screen Administrator's Guide. 4 To secure a network, restrict all network connections that are not used. For more information, see "Configuring the TCP/IP port access setting" on page 42. 5 To allow remote management of SNMPv3, enable SNMPv3, and then disable SNMPv1,2. For more information, see "Setting up SNMP" on page 30. Note: Specify the user credentials for Read/Write and optionally Read/Only users. It is recommended that authentication level is set to Authentication, Privacy. 6 Configure the audit logging. For more information, see "Configuring security audit log settings" on page 31. You can specify a remote system log for events by identifying the syslog server and selecting the appropriate settings. We recommend specifying an e‑mail address for the administrator and selecting the events to be e‑mailed. 7 Create one or more security templates using the LDAP building block, and then assign them to the appropriate access controls. For more information, see "Using a security template to control function access" on page 20.