HP JetAdvantage Security Manager 10 Device E-LTU Manual de usuario descargar pdf (Pagina 5)

INTRODUCTION

HP JetAdvantage Security Manager offers a wide variety of security related settings and remediates

them on devices to keep the devices in compliance with company security policies. This document

describes the various security settings that can be added to policies in Security Manager and why

they are important for securing a fleet.

As technology improves, malicious users may target MFPs and other network peripherals to misuse

resources or to gain access to networks or the internet. The Microsoft STRIDE model provides an

explanation of typical threats many of the Security Manager policy settings can prevent:

 Spoofing identity

 Tampering with data

 Repudiation

 Information disclosure

 Denial of service

 Elevation of privilege

Spoofing Identity

Spoofing identity is masquerading as someone else to fool others or to obtain unauthorized access.

Examples include:

 Placing another person's email address in the From address field of an email message.

 Using another person's email credentials to log in to the email server to gain access to

 address books

 Using another person's email credentials to have free use of an email service

 Using another person's email credentials to view that person’s email messages

 Using another person's log on credentials for access to use devices or networks

 Using another person's log on credentials for administrative access to devices

You can minimize the risks from identity spoofing in the following ways:

 Protect the From Address field in the Digital Sending and Fax configurations

 Protect disk access

 Configure authentication

 Configure the administrator password

 Configure SNMPv3

Tampering with Data

Tampering with data can include any method of changing, destroying, or adding to information that

is flowing to or from a device or stored on it. Examples include:

 Canceling another person's job

 Intercepting a print job before it reaches the device, altering it, and sending it on to the

device

 Intercepting remote configuration data to get passwords and other information

You can minimize the risks from data tampering in the following ways:

 Disable Cancel Job button

 Disable Go (Pause) button

 Configure SNMPv3

 Prevent unnecessary remote access: close down all unused ports and protocols

 Configure HTTPS for EWS access

1 2 3 4 5 6 7 8 9 10 ... 115 116

Comentarios a estos manuales

Sin comentarios

HP JetAdvantage Security Manager 10 Device E-LTU Manual de usuario Pagina 5

Comentarios a estos manuales

Relacionado con productos y manuales para No HP JetAdvantage Security Manager 10 Device E-LTU