To clear the entire access control list, clear all Save check boxes, and then click Apply.

Mgmt. Protocols

Use this item to access the management communications and other protocols that affect security.

Web Mgmt.

Use this tab to manage communications with the HP Embedded Web Server from Web browsers.

Secure, encrypted Web-based communication is provided through the HTTPS protocol. If configured to require HTTPS, the HP Embedded Web Server routes HTTPS communications through port 443, the well known port for HTTPS traffic. Although ports 80, 280, or 631 continue for IPP use, other non- secure communications, such as HTTP, are redirected to HTTPS. Redirection of your browser to use HTTPS can be transparent depending on your browser's capabilities.

NOTE: IPP is not supported on value-based print servers.

By factory default, HP Jetdirect print servers and printers with IPsec support require HTTPS.

Although not recommended, you can allow non-secure HTTPS and HTTP communications by clearing the Encrypt All Web Communication check box.

To support the use of HTTPS communications, you must install an HP Jetdirect certificate. A factory default, self-signed certificate is installed for initial use. Click the Configure button to update the installed certificate, or to install a new one. For more information, see Configure certificates

on page 94.

The minimum encryption strength allowed must be specified when using an HP Jetdirect certificate. Select Low (default), Medium, or High encryption strength. For example, select Low to allow use of medium or high encryption levels. Select High to use only high encryption levels.

For each encryption strength, specify ciphers to identify the weakest cipher allowed.

NOTE: Cipher suites support different levels of encryption strength. The cipher suites currently supported for encryption and decryption are data encryption standard (DES, 56-bit), RC4 (40-bit or 128-bit), and 3DES (168-bit).

Enter the Web session Timeout in minutes. This is the maximum amount of a time that a user can be idle before automatic logout occurs.

SNMP

Use this tab to enable or disable SNMP v1, v2c and v3 agents on the print server, depending on the print server model. For a description of SNMP selections, see Table 4-12SNMP tab settings

on page 84.

SNMP v3

Full-featured HP Jetdirect print servers include an SNMP v3 agent for enhanced SNMP security. The SNMP v3 agent employs a user-based security model for SNMP v3 (RFC 2574), which features user authentication and data privacy through encryption.

The SNMP v3 agent is enabled when you create an initial SNMP v3 account on the print server. Once created, any properly configured SNMP management application can access or disable the account.

98 Chapter 4 HP Embedded Web Server (V.45.xx.nn.xx)

ENWW