HP Web Jetadmin Software Enabled, Enabled, Disabled, Kerberos, CAUTION:, Kerberos, Disabled, Information, Information, Information, FIPS-140Mode, Mgmt Protocol, Mgmt Protocol

To configure this option, select the encryption strength from the list.

EWS Information Protection

Use this option to enable or disable protection for the Information tab on the device Embedded Web Server (EWS) page.

If the Enabled option is selected and an EWS password is configured on the device, users cannot access the Information tab on the EWS without logging in with the EWS device password.

If the Disabled option is selected and an EWS password is configured on the device, users can access the Information tab without logging in with the EWS device password. To access all the other tabs on the EWS page, users must log in with the EWS password.

FIPS-140 Mode

Use this option to enable or disable the Federal Information Processing Standard (FIPS) mode on the device. FIPS mode enforces the use of cryptographic suites and protocols that comply with the FIPS-140 standards for computer security. FIPS supports the following protocols for the configuration options on the device:

●SNMP Version Access Control configuration option: SHA-1 authentication protocol and AES-128 privacy protocol

●Kerberos setting on the IPsec/Firewall Policy configuration option: AES128-SHA1 and AES256-SHA1 protocols

●Upload Jetdirect Certificate configuration option: Certificates that are signed by using SHA-1 or later

●Upload CA Certificate configuration option: Certificates that are signed by using SHA-1 or later

●Mgmt Protocol configuration option: TLS 1.2, TLS 1.1, or TLS 1.0

Enable FIPS mode

▲Select the Enabled option.

CAUTION: The enable configuration fails if the following non-FIPS protocols are configured on the device:

●SNMP Version Access Control configuration option: MD5 authentication protocol and DES privacy protocol

●Kerberos setting on the IPsec/Firewall Policy configuration option: DES-CBC-MD5 algorithm

●Upload Jetdirect Certificate configuration option: Certificates that are signed by using MD5 or earlier (MD2 or MD4)

●Upload CA Certificate configuration option: Certificate that are signed by using MD5 or earlier (MD2 or MD4)

●Mgmt Protocol configuration option: SSL 3.0 or earlier

Disable FIPS mode

▲Select the Disabled option.

Get Community Name

The Get Community Name password can be set to prevent unauthorized people from using SNMP utilities to access a device and get the device settings.

ENWW	Device Configuration Options for Security 361