Supporting IPSec

Internet Protocol Security (IPSec) provides authentication and encryption at the network layer allowing all application and network connections over the IP protocol to be secure. IPSec can be set up between the printer and up to five hosts, using both IPv4 and IPv6.

To configure IPSec using the Embedded Web Server:

1Open a Web browser. In the address bar, type the IP address of the printer or print server to be protected using the format: http://ip_address.

2Click Configuration.

3Under Other Settings, click Network/Ports.

4Click IPSec.

IPSec supports two types of authentication:

Shared Key Authentication—Authenticates any ASCII phrase shared among all participating host computers. This is the easiest way to configure when only a few host computers on the network use IPSec.

Certificate Authentication—Authenticates any host computer or subnet of hosts for IPSec. Each host computer must have a public/private key pair. Validate Peer Certificate is enabled by default, requiring each host to have a signed authority certificate that is installed. Each host must have its identifier in the Subject Alternate Name field of the signed certificate.

Note: After a printer is configured for IPSec with a host, IPSec is required for any IP communications to take place.

Supporting SNMPv3

Simple Network Management Protocol version 3 (SNMPv3) allows for encrypted and authenticated network connections. It also lets a system support person select the desired level of security. Prior to use, at least one user name and password must be assigned from the settings page.

To configure SNMPv3 through the Embedded Web Server:

1Open a Web browser. In the address bar, type the IP address of the printer or print server to be protected using the format: http://ip_address/.

2Click Configuration.

3Under Other Settings, click Network/Ports.

4Click SNMP.

SNMPv3 authentication and encryption has three levels of support:

No authentication and no encryption

Authentication with no encryption

Authentication and encryption

Using 802.1x authentication

802.1x authentication allows the printer to join networks that require authentication before allowing access. 802.1x port authentication can be used with the WPA (Wi-Fi Protected Access) feature of wireless printers or print servers to provide WPA-Enterprise security support.

Support for 802.1x requires the establishment of credentials for the printer, such as certificates. Certificates provide a way for the printer to be known to the Authentication Server (AS). The AS allows network access to wireless printers or print servers presenting a valid set of credentials. You can manage the credentials by using the Embedded Web Server.

145

Page 145
Image 145
Lexmark C935 manual Supporting IPSec, Supporting SNMPv3, Using 802.1x authentication, 145