Summary of HP Jetdirect Security Features 2 | HP J7949E instruction

Table 7.1 Summary of HP Jetdirect Security Features (2 of 3)

IP Access Control List

●Specifies up to 10 host systems, or networks of host systems, that are allowed access to the HP Jetdirect print server and the attached network device.

●Access is generally limited to host systems specified in the list.

●By factory default, host systems that use HTTP (for example, using the embedded Web server or IPP) are not checked against entries in the Access List and are allowed access. However, HTTP host access can be disabled through the embedded Web server.

●If the list is empty, then all hosts are allowed access.

●Configured on the HP Jetdirect print server using TFTP (Chapter 3), Telnet (Chapter 3), embedded Web server (Chapter 4), or management software.

Telnet Control

●Telnet may be disabled through the embedded Web server (see Chapter 4). Telnet access is not secure.

EAP/802.1X Authentication

●Certificate management for X.509 digital certificates is provided through the embedded Web server, for both client-based and server-based authentication. (Installed certificates are limited to 3KB. A single Certificate Authority (CA) certificate may be installed.)

ENWW	Security Features 161

Image 161

HP J7949E Summary of HP Jetdirect Security Features 2, IP Access Control List, Telnet Control, EAP/802.1X Authentication

Contents

HP Jetdirect Administrator’s Guide HP Jetdirect Embedded Print Server Copyright Hewlett-Packard Development Company, L.P Table of Contents Troubleshooting the HP Jetdirect Print Server Security FeaturesHP Jetdirect Configuration FTP Printing Network Connection Product Number and Firmware Version Identification Supported Network Protocols Supported Network ProtocolsNetwork Printing Environments Protocols Snmp IP and IPX Security Protocols EAP/802.1X Server-Based Authentication AuthenticationHP Support HP Online Support Firmware Installation Tools Firmware Upgrades HP Support By Phone Product Registration Operating Environment Function Remarks HP Software Solutions Summary IntroductionSoftware Solutions 1 HP-UX Software Solutions 2TCP/IP, IPX/SPX 2003 Ndps Software Solutions 3Installation HP Jetdirect-connected Printers into Ndps Requirements HP Install Network Printer Wizard WindowsHP Jetdirect Printer Installer for System Requirements HP Web Jetadmin Verifying Installation and Providing Access Installing HP Web JetadminConfiguring and Modifying a Device Removing HP Web Jetadmin Software HP-Supplied Software Internet Printer Connection Software HP Software System Requirements Microsoft Supplied SoftwareHP Software Supported Proxies Windows 2000/XP/Server 2003 Integrated Software Embedded print server with IP address Novell Supplied SoftwareWindows Me IPP Client HP IP/IPX Printer Gateway for Ndps Features To Get the Software HP LaserJet Utilities for Mac OS Installing the Printer Software Running the HP LaserJet Utility Configuring the PrinterVerifying Network Configuration Renaming the Printer Selecting Your Printer Selecting a Zone Set Background Printing to on or OFF If your printer is the only name listedDialog box, you must still select it. Your printer Testing the Configuration Server-Based and Manual TCP/IP Configuration TCP/IP Configuration Introduction Default IP Address Will Be Assigned Default IP AddressDefault IP Address Will Not Be Assigned Default IP Parameter Options Default IP Address Configuration Options Dhcp Requests Enable/Disable TCP/IP Configuration Tools Linux and Unix systems For more information Using BOOTP/TFTP Systems That Use Network Information Service NIS Why Use BOOTP/TFTP?BOOTP/TFTP on Unix HP recommends that the Bootp server be located Configuring the Bootp ServerBootp broadcast packets may not be Properly configured Tags Supported in a BOOTP/DHCP Boot file 1 Bootptab File Entries Description Tags Supported in a BOOTP/DHCP Boot file 22132 Option Lease-time Tags Supported in a BOOTP/DHCP Boot file 3 Tags Supported in a BOOTP/DHCP Boot file 4 Tftp Configuration File Entries2132 Option T149 T150 TCP/IP Configuration List of Supported Tftp Commands 1 Other Settings List of Supported Tftp Commands 2AppleTalk Support Tftp Configuration File Parameters 1 Tftp Configuration File Parameters 2 Tftp Configuration File Parameters 3 Allow netnum mask Tftp Configuration File Parameters 4 Tftp Configuration File Parameters 5 Tftp Configuration File Parameters 6 Tftp Configuration File Parameters 7 Tftp Configuration File Parameters 8 Tftp Configuration File Parameters 9 Tftp Configuration File Parameters 10 Using Dhcp Windows Systems Unix Systems Windows NT 4.0 Server TCP/IP Configuration TCP/IP Configuration TCP/IP Configuration NetWare Systems To Discontinue Dhcp Configuration If you choose to re-enable a Dhcp configuration Using Rarp If your system uses Network Information Service Using the arp and ping Commands Once the IP address has been set on the print server Creating a Telnet Connection Using Telnet Route add 192.0.0.192 Route add Jetdirect IP Address system IP Address Typical Telnet Session User Interface Options Command Line Interface Default User Control Commands Telnet Commands and Parameters 1 TCP/IP Main Command Description Telnet Commands and Parameters 2 Telnet Commands and Parameters 3 TCP/IP LPD Queues Command Description Telnet Commands and Parameters 4TCP/IP Print Options Command Description TTCP/IP Other Command Description Telnet Commands and Parameters 5Command Description Telnet Commands and Parameters 6 Telnet Commands and Parameters 7 Telnet Commands and Parameters 8 TCP/IP Diagnostics Command Description Telnet Commands and Parameters 9 Snmp Traps Command Description Telnet Commands and Parameters 10 Telnet Commands and Parameters 11 AppleTalk Command Description Telnet Commands and Parameters 12 Other Command Description Telnet Commands and Parameters 13Support Command Description 10FULL, 10HALF Menu Interface Example Using the Menu Interface Using Telnet to Erase the Existing IP Settings Using the Embedded Web Server Using the Printer Control Panel Moving to Another Network Embedded Web Server Networking Tab Using the Embedded Web Server Introduction Requirements Supported HP Web Jetadmin VersionCompatible Web Browsers Browser Exceptions Entering the IP Address Viewing the Embedded Web Server Operating Notes Networking Tab Network Settings Manual, or Auto IP TCP/IP Settings 1 TTL/SLP TCP/IP Settings 2 BOOTP/DHCP TCP/IP Settings 3 IPX/SPX Settings 1 To disable NDS support, leave this field blank IPX/SPX Settings 2Also accept marketing.mytown.lj Toner Low Notification if received from the printer, AppleTalk AppleTalk SettingsBe followed by a number to indicate that it is a duplicate Available zones Snmp Snmp Settings 1 Snmp Settings 2 Other SettingsSnmp v1/v2c is disabled, some port monitors or discovery Utilities may not operate properly Miscellaneous Settings 1 Misc. Settings Miscellaneous Settings 2 Miscellaneous Settings 3 Miscellaneous Settings 4 Then click Upgrade Firmware LPD Queues Firmware Upgrade LPD Queue Parameters 1 LPD Queue Parameters 2 Value LPD Queue Parameters 3 Refresh Rate Support Info Settings Privacy SettingsSelect Language Status Wizard Restore Defaults Security Level Description Wizard Security Levels 1 Wizard Security Levels 2 Admin. Account Authorization Certificates Using the Embedded Web Server Certificate Configuration Screens 1 Configuring CertificatesCertificate Options Choose from the options listed Install Certificate Certificate Configuration Screens 2Export the Jetdirect certificate and private key Certificate Validity Common Name. Required Certificate Configuration Screens 3 Import Certificate and Private Key Certificate Configuration Screens 4Install Certificate, or Install CA Certificate Access Control IP Address Mask Description Examples. See the table of sample entries below Web Mgmt Mgmt. Protocols Cipher suites support different levels of encryption Other Protocols 1 Other If enabled checked, the print server will send Enable DeviceOther Protocols 2 Multicast IPv4 10 802.1X Configuration Settings 802.1x Authentication CA certificate must be issued by the Certificate Authority Match checkbox is enabledWho signed the authentication server’s certificate To configure or install a CA certificate, click Configure Protocol Info ConfigurationNetwork Statistics Other Links HP Web JetadminHelp Support LPD on Unix Systems Configuring for LPD Printing Introduction Program Name Purpose of Program About LPDLPD Programs and Protocols Setting Up IP Parameters LPD Setup OverviewRequirements for Configuring LPD Supported Queue Names Setting Up Print QueuesPrinting a Test File Example Printcap Entries for Ascii or Text Printers Configuring Print Queues for BSD-based SystemsLPD on Unix Systems Configuring for LPD Printing Configuring Print Queues Using SAM HP-UX systems For HP-UX systems, substitute lp -dfor lpr -P LPD on Windows NT/2000/Server 2003 Systems Installing TCP/IP Software Configuring for LPD Printing Add LPR compatible printer window Select and enable Other Network File and Print Services Configuring for LPD Printing Click Add Port Configuring a Network Printer for Windows NT 4.0 Systems LPD on Windows XP Systems Verifying the ConfigurationPrinting from Windows Clients Adding Windows Optional Networking Components Adding a New LPD Printer Configuring a Network LPD Printer Select OK Select Close and OK to close the Properties box Assigning an IP Address LPD on Mac OS Systems Chapter Setting Up Mac OS FTP Printing Introduction FTP Connections Using FTP PrintingPrint Files Data Connection Control Connection FTP Login Example FTP Login Ending the FTP Session CommandsUser Commands for HP Jetdirect FTP Server 1 User Commands for HP Jetdirect FTP Server 2 This is an example of a typical FTP printing session Example of an FTP Session Security Features Introduction IP Administrator Password Summary of HP Jetdirect Security Features 1Secure Embedded Web Server Management Network Protocol Control IP Access Control List Summary of HP Jetdirect Security Features 2EAP/802.1X Authentication Telnet Control HP Web Jetadmin Password and Profiles Summary of HP Jetdirect Security Features 3Snmp v1/v2c Set Community Name IP/IPX Snmp Settings for Access Control Using Security FeaturesSettings Level of Access Control Low High Troubleshooting the HP Jetdirect Print Server Introduction HP LaserJet Printer with Embedded Print Server Resetting to Factory Defaults Troubleshooting Chart Assessing the Problem General Troubleshooting Procedure 1 Verifying that the Printer is On and Online Procedure 2 Printing an HP Jetdirect Configuration Procedure 3 Resolving Printer Display Error Messages Troubleshooting the HP Jetdirect Print Server Connector has indicator lights to Troubleshooting the HP Jetdirect Print Server Telnet IP address port Troubleshooting an LPD Unix Configuration HP-UXenable qname Status Field Error Messages HP Jetdirect Configuration Introduction Typical Jetdirect Configuration Configuration Page Format IPX/SPX Section Name Description HP Jetdirect Configuration/General Information Configuration Page MessagesHP Jetdirect Configuration 1 Message Description HP Jetdirect Configuration 2 Security Settings 1 Security Settings Security Settings 2 Network Statistics TCP/IP Protocol Information TCP/IP Configuration Information 1Host Name IP Address TCP/IP Configuration Information 2 TCP/IP Configuration Information 3 WEB Jetadmin URL TCP/IP Configuration Information 4 IPX/SPX Protocol Information IPX/SPX Configuration Information 1Primary Frame Type IPX/SPX Configuration Information 2 Novell NetWare Parameters Novell NetWare Configuration Information 1 Attached Server Novell NetWare Configuration Information 2Queue Poll Interval AppleTalk Protocol Information AppleTalk Configuration Information Disabled Indicates that DLC/LLC was manually disabled DLC/LLC Configuration InformationDLC/LLC Protocol Information Indicates the current DLC/LLC protocol status Error Code Description Message Error MessagesError Messages 1 Error Messages 2 Error Messages 3 Error Messages 4 Error Messages 5 Error Messages 6 Error Messages 7 Error Messages 8 Error Messages 9 Error Messages 10 Internet Protocol IP TCP/IP Overview Introduction User Datagram Protocol UDP IP AddressTransmission Control Protocol TCP IP Address Host Portion IP Address Network Portion IP Address Structure and Class Table A.2 Network Class CharacteristicsTable A.1 IP Address Class Format Class First Address Second Third Address Fourth Byte Dynamic Host Configuration Protocol Dhcp Configuring IP Parameters Subnet Mask Subnets Syslog Server Default GatewayGateways Table A.4 HP Jetdirect Syslog Parameters Messages are disabledSyslog Server Is not restricted TCP/IP Overview Parameter Descriptions HP Jetdirect Control Panel Menu Introduction Table B.1 HP Jetdirect Control Panel Menu 1 Menu Item Options Description of settings Table B.1 HP Jetdirect Control Panel Menu 2 SettingsManual Primary DNS Table B.1 HP Jetdirect Control Panel Menu 3 Table B.1 HP Jetdirect Control Panel Menu 4 Configuration Ping Test Table B.1 HP Jetdirect Control Panel Menu 5 Ping Results Table B.1 HP Jetdirect Control Panel Menu 6 Table B.1 HP Jetdirect Control Panel Menu 7 ResetSecurity Link Speed OpenSSL License OpenSSL Statements Original SSLeay License ARP Duplicate IP Address Index Index ERR Negotiating Buffer Size Https NDS Authentication Error Connection State Error Network Frame Type Rcvd Unix LPD Unable to Attach to Queue 199 Connect Dhcp Server 2004 Hewlett-Packard Development Company, L.P English