Lexmark MX718 Embedded Web Server--Security: Administrator s Guide - Page 58
Scenario: More security-aware environment (802.1X) and SNMPv3
View all Lexmark MX718 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 58 highlights
Security scenarios 58 Assign security templates to access controls 1 From the Embedded Web Server, click Settings > Security > Security Setup > Access Controls. 2 Select the newly created security template for each function you want to protect. 3 Click Submit. Note: Users are required to enter the appropriate credentials in order to gain access to any function controlled by the security template. Scenario: More security‑aware environment (802.1X) and SNMPv3 In this scenario, the network uses 802.1X communication to restrict network access, and secure LDAP to enforce authentication and authorization for access of device functions. Also, device access is logged and the device is remotely managed using SNMPv3. 1 Load a CA certificate for the authority you want into the device. For more information, see "Installing a Certificate Authority certificate on the device" on page 24. 2 Create the CA‑signed device certificate and load it into the device. For more information, see "Configuring the device for certificate information" on page 25. 3 Set up a secure a connection using the 802.1X authentication. Make sure that the usage of 802.1X is specified in the CA‑signed certificate. For more information, see "Configuring 802.1X authentication" on page 39. 4 To allow remote management of SNMPv3, enable SNMPv3, and then disable SNMPv1,2. For more information, see "Setting up SNMP" on page 30. Note: Specify the user credentials for Read/Write and optionally Read/Only users. We recommend setting the authentication level to Authentication, Privacy. 5 Configure audit logging. For more information, see "Configuring security audit log settings" on page 31. Remote system log for events can be specified by identifying the syslog server and selecting the appropriate settings. We recommend specifying an e‑mail address for the administrator and selectingn the events to be e‑mailed. 6 Set up secure LDAP authentication and authorization. For more information, see "Using LDAP" on page 15. Note: Specify the LDAP setup name, server address, port, and other appropriate settings. To enhance security, use a TLS or SSL/TLS connection. 7 Create one or more security templates using the LDAP building block, and then assign them to the appropriate access controls. For more information, see "Using a security template to control function access" on page 20. Scenario: Network‑based usage restrictions using access card Note: Before your begin, make sure that the Smart Card Authentication bundle is installed.