Lexmark MX931 Security White Paper - Page 51

Automated Certificate Management, Enabling or disabling the PrintCryption-Native Solution

Get Lexmark MX931 PDF manuals and user guides View all Lexmark MX931 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 51 highlights

Solutions 51 PrintCryption 2.0 supports: • Two levels of encryption: standard (128-bit AES) and enhanced (256-bit AES) • HMAC-SHA256 job digests appended to payload to verify that payload has not been modified (prevent tampering) • RSA-2048 public key encryption (encrypts AES and HMAC (Hashing for Message Authentication Code) keys) Solution Reference Lexmark UPD (Universal Print Driver) v3.0.0.0 and later Specifically for Microsoft Windows operating system only. Refer toLexmark UPD PrintCryption 2.0 eSF application (82S1217) Refer to, Lexmark Cloud Package Builder Site PrintCryption - Native in firmware FW8.1 or above Enabling or disabling the PrintCryption-Native Solution 1 From the Embedded Web Server, click Network/Ports. 2 Click TCP/IP > TCP Port Access. 3 Select TCP 9198 (PrintCryption). Automated Certificate Management Markvision Enterprise - Automated Certificate Management Certificates are used when you want the printer to establish a TLS, IPsec, or 802.1x connection and to identify other devices on the network securely. Printers can also use these certificates for LDAP over TLS authentication and address book lookups. Certificate Authorities (CA) are trusted locations established on the network that are required in secure environments. Otherwise, the default printer certificate is used to identify devices on the network. With Markvision Enterprise, you can easily manage device configurations on a fleet of network printers, scalable to thousands of devices. Intuitive features such as managing firmware and settings, custom table views or exports, specified-time firmware updates and automatic certificate management make it easier than ever to ensure security compliance across the enterprise. MVE supports the following Certificate Management environments • Enrollment over Secure Transport protocol (EST)-The EST protocol is defined in RFC 7030 and standardizes an authenticated request and response exchange process with the CA, making it more secure, faster, and easier for IT teams to deploy certificates on systems and devices than manually communicating the required information. MVE supports the following EST authentication modes: - Client Certificate Authentication - Username and Password Authentication

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
PrintCryption 2.0 supports:
Two levels of encryption: standard (128-bit AES) and enhanced (256-bit AES)
HMAC-SHA256 job digests appended to payload to verify that payload has not been modified (prevent
tampering)
RSA-2048 public key encryption (encrypts AES and HMAC (Hashing for Message Authentication Code) keys)
Solution
Reference
Lexmark UPD (Universal Print Driver) v3.0.0.0 and later
Specifically for Microsoft Windows operating system only.
Refer to
Lexmark UPD
PrintCryption 2.0 eSF application (82S1217)
Refer to,
Lexmark Cloud Package Builder Site
PrintCryption – Native in firmware
FW8.1 or above
Enabling or disabling the PrintCryption-Native Solution
1
From the Embedded Web Server, click
Network/Ports
.
2
Click
TCP/IP
>
TCP Port Access
.
3
Select
TCP 9198 (PrintCryption)
.
Automated Certificate Management
Markvision Enterprise - Automated Certificate Management
Certificates are used when you want the printer to establish a TLS, IPsec, or 802.1x connection and to identify
other devices on the network securely. Printers can also use these certificates for LDAP over TLS authentication
and address book lookups.
Certificate Authorities (CA) are trusted locations established on the network that are required in secure
environments. Otherwise, the default printer certificate is used to identify devices on the network. With
Markvision Enterprise, you can easily manage device configurations on a fleet of network printers, scalable to
thousands of devices. Intuitive features such as managing firmware and settings, custom table views or exports,
specified-time firmware updates and automatic certificate management make it easier than ever to ensure
security compliance across the enterprise.
MVE supports the following Certificate Management environments
Enrollment over Secure Transport protocol (EST)
—The EST protocol is defined in RFC 7030 and
standardizes an authenticated request and response exchange process with the CA, making it more secure,
faster, and easier for IT teams to deploy certificates on systems and devices than manually communicating
the required information.
MVE supports the following EST authentication modes:
Client Certificate Authentication
Username and Password Authentication
Solutions
51