HP JetAdvantage Security Manager 10 Device E-LTU Manual de usuario descargar pdf (Pagina 2)

OVERVIEW

Digital certificates are a primary foundation of security providing authentication and encryption

between two nodes. HP printers use certificates for authentication in a variety of use cases such as

IPPS, IPSEC, 802.1x, etc. Installing and managing certificates through a device’s embedded web

server (EWS) can be a tedious and time consuming venture for a fleet of devices. This document

explains the importance of certificates as they pertain to HP Jetdirect devices and how HP

JetAdvantage Security Manager (HPSM) provides an excellent avenue for managing certificates on a

fleet of devices.

WHAT IS A CERTIFICATE?

Certificates are used on HP printers to provide the following:

 Authentication/trust - verifies the identity of a recipient which ensures that information is only

available to the intended audience.

 Encryption - disguises information so that unauthorized readers are unable to decipher it.

The most common use of a digital certificate is to verify that a client sending a message is who it

claims to be, and to provide the receiver with the means to encode a reply. In cryptography, a public

key certificate (also known as a digital certificate or identity certificate) is an electronic document used

to prove ownership of a public key. The certificate includes information about the key, information

about its owner's identity, and the digital signature of an entity that has verified the certificate's

contents are correct. If the signature is valid, and the person examining the certificate trusts the signer,

then they know they can use that key to communicate with its owner.

CERTIFICATE USE CASES

Common use cases for certificates include:

 Self-signed certificates are a security audit failure.

 The deployment of a secure printing protocol / encrypted data with trusted destination (ex.

IPPS)

 The deployment of certificates as an 802.1x best practice. (ex. EAP-TLS)

 Using both the CA certificate and Jetdirect certificate for IPSec.

Some of these use cases involve one-way trust between client and server where the client must prove

its identity to a server in order to pass data. Others involve mutual authentication where a client

process must prove its identity to a server, and the server must prove its identity to the client, before

any application traffic is sent over the client-to-server connection.

SELF-SIGNED CERTIFICATES

By default, HP Jetdirect creates a “self-signed” certificate the first time it is powered on. This

certificate is not secure for identity purposes because it has not been signed by a trusted Certificate

Authority (CA). An important step in the security of a Jetdirect product is to replace the default self-

signed Identity certificate with one that has been signed by a trusted CA.

1 2 3 4 5 6 7 ... 30 31

Sin comentarios

HP JetAdvantage Security Manager 10 Device E-LTU Manual de usuario Pagina 2