Xerox 701P46740 manual Secure Print, Micr mode, Ssl, Nfs

Page 33

Network

Required

Protocol

 

 

 

FTP

Access the server via FTP and/or submit jobs from a DigiPath/

 

FreeFlow client via the Digipath/FreeFlow Print Manager. This

 

service (ftpd) is shutdown when Xerox FreeFlow Print Server

 

security is set to high. In FreeFlow v2.0, the client has the ability

 

to use secure FTP (sFTP) when Xerox FreeFlow Print Server

 

security is set to high and FTP is not available. Connections

 

can also be filtered using the IP Filter feature under Setup ->

 

Security Profiles -> <Any Profile> -> RPC tab.

 

 

SSL

Required when using the TLS/SSL security feature and/or a

 

FreeFlow 2.0+ client with Xerox FreeFlow Print Server security

 

is set to high. Connections can also be filtered using the IP

 

Filter feature under Setup -> IP Filter.

 

 

NFS

Necessary when using NFS mounted directories. This service

 

is disabled when Xerox FreeFlow Print Server security is set to

 

high. Connections can also be filtered using the IP Filter feature

 

under Setup -> Security Profiles -> <Any Profile> -> RPC tab.

 

 

 

NOTE: The IP Filtering (Setup->IP Filter) feature can also help in

 

limiting access to the server. This is the Xerox FreeFlow Print

 

Server's GUI interface to the SunScreen Lite firewall that is part of

 

the Solaris 8 Operating System. This feature allows the user to

 

limit the number of clients who are allowed to access the server

 

via services such as LPR, IPP, HTTP, HTTPS, SMB Printing, and

 

FTP. By default, the firewall is disabled (all ports open), but can be

 

enabled to either only allow specified connections (by IP address,

 

IP address range, or subnet mask) or to close all ports. For DRW

 

clients, this mechanism exists under System Preferences ->

 

Remote Workflow -> "Enable Specified Connections".

 

NOTE: FreeFlow® v2.0 and newer allows users to select whether

 

or not the Xerox FreeFlow Print Server server they connecting to

 

will have high security enabled. If so, the client will use other

 

communication paths such as sIPP (via SSL) for job submissions

 

and sFTP for decomposition services (NetAgent).

Secure Print

MICR mode

The MICR mode disables all Xerox FreeFlow Print Server features that allow additional prints to be produced (such as Sample Print, Reposition Output, etc.).

Security Guide

29

Image 33
Contents Security Guide USA Table of contents Table of contents Contents About this guideConventions Customer support System supplied security profiles SecurityFTP CD-ROMBSM Enable and disable servicesS40LLC2 S72AUTOINSTALLS47ASPPP S70UUCPS17HCLNFS.DAEMON S15NFS.SERVERS76SNMPDX S77DMISecurity Guide Security Guide User level changes Multicast routing disabled Disabling secure name service databasesSolaris file permissions OS and host information hiddenRemote CDE login disabled Executable stacks disabledXerox FreeFlow Print Server router capabilities disabled Sendmail daemon securedEnable-ftp and disable-ftp Remote shell internet serviceSecurity warning banners Disabling LP anonymous printingAccount management Setting the current and default profilesCreating user-defined profiles Local users and groupsDefault user groups and user accounts Creating user accounts Group authorizationCDS MED CD-ROMAuto-Logon Password security Default Screen/Auto-LogoffHow to Enable/Disable Strong Password Strong PasswordsGUI Logging Audit LogsDate/Time User Login/Logout Accessing the Xerox FreeFlow Print Server through ADSChanging individual passwords User Activity on the SystemIP Filtering Limiting accessUsing the Print Server SSL/TLS Security Feature Secure Socket LayerRemote Workflow Isgw Creating and Using a Self-Signed CertificateSecurity Guide Digital Certificates Network ProtocolIPP HttpSnmp WinsSecure Print Micr modeSSL NFSRoles and responsibilities Prevent Unauthorized Queue ChangesQueue Lock Xerox responsibilitiesCustomer Responsibilities Security tipsOnline Help for security Virus Scan