Table 6-1Summary of HP Jetdirect security features (continued)

Restrict access to HP Jetdirect configuration parameters by setting the administrator password. The password is required by Telnet (IPv4), HP Web Jetadmin (IPv4), and the HP Embedded Web Server.

Use up to 16 alphanumeric characters.

Set the password using TFTP (IPv4), Telnet (IPv4), the HP Embedded Web Server services, or HP Web Jetadmin (IPv4).

Synchronize as the SNMP Set Community Name used in HP Web Jetadmin (IPv4) SNMP v1/v2c Set commands, if configured through the HP Embedded Web Server.

Cleared by cold reset of the print server to factory default settings.

IPv4 Access Control List

NOTE: The Firewall feature provides improved security and can be used in place of the IPv4 ACL.

Specify up to 10 IPv4 host systems, or IPv4 networks of host systems, that are allowed access to the HP Jetdirect print server and the attached network device. (If the list is empty, then all hosts are allowed access.)

Access is generally limited to host systems specified in the list.

Host systems that use HTTP, such as the HP Embedded Web Server or IPP, are not checked against entries in the access list and are allowed access. However, you can disable HTTP host access using the HP Embedded Web Server.

Configured on the HP Jetdirect print server using TFTP (IPv4), Telnet (IPv4), the HP Embedded Web Server, or SNMP (IPv4) management software.

Telnet Control

Telnet (IPv4) access is not secure. You can disable Telnet using the HP Embedded Web Server (see HP Embedded Web Server (V.45.xx.nn.xx) on page 63).

Authentication and Encryption

Certificate management for X.509v3 digital certificates is provided through the HP Embedded Web Server, for both client- based and server-based authentication. A self-signed HP Jetdirect certificate is pre-installed, which can be replaced. On full- featured print servers, a CA certificate can also be installed.

IPv4/IPv6 SNMP v1/v2c Set Community Name (IP/IPX)

(SNMP v1/v2c only)

A password on the HP Jetdirect print server that allows incoming SNMP Set commands to write (or set) HP Jetdirect configuration parameters.

SNMP Set commands must contain the user-assigned community name, which is authenticated by the print server before the command is performed.

On IP networks, you can restrict authentication of SNMP Set commands to systems on the ACL.

Configured on the HP Jetdirect print server using TFTP (IPv4), Telnet (IPv4), the HP Embedded Web Server, or Management application services.

SNMP v1/v2c uses plain text, which you can disable.

IPv4/IPv6 SNMP v3

122 Chapter 6 Security features (V.45.xx.nn.xx)

ENWW