HP JetAdvantage Security Manager 10 Device E-LTU Manual de usuario descargar pdf (Pagina 7)

 Close unused ports and protocols

 Disable controls such as the Job Cancel button and the Go button

 Enable the resume feature to allow the device to resume operations after an error state

 Configure Job Timeout

 Control physical access to the device

 Lock physical access to removable hardware

Elevation of Privilege

Elevation of privilege is any method of upgrading authorized access to include unauthorized access.

This can be any of the following:

 Non-administrators changing settings to get administrator privileges

 Unauthorized use of management software to provide access for other unauthorized users

 Using management software to bypass job accounting functions

Here are some methods of minimizing opportunities for elevation of privilege:

 Configure the administrator (device) password

 Configure SNMPv3 and HTTPS

 Lock the control panel

SOLUTIONS

Care should be exercised when creating security policies if third party solutions are installed on the

devices. It is possible that certain security settings can disrupt the operation of any solutions that may

be installed on devices. See the solution documentation to determine whether policy changes are

required to accommodate specific functionality.

Testing a small number of devices in a sandbox or test environment when solutions are present on

devices is highly recommended before applying settings to a fleet as undesired behavior may occur

with certain settings on certain solutions. Solutions may fail to install/operate or potentially even

worse behavior can occur on devices when some settings are applied to devices with solutions

present.

For example, solutions that have been tested on HP printers may potentially require the following

settings in order to either install or run the solutions:

- DNS server configured

- SNMP GET Community Name (Read Community Name) required for installation and

configuration

- EWS password required for installation and configuration

- Command Load & Execute enabled

- PJL Access Commands enabled

- Remote Firmware Updates enabled

- Allow PJL Access enabled

- PJL Password not set

- Legacy Firmware Upgrades enabled (Current versions of firmware are signed with the SHA-

256 hashing algorithm. Enabling this option allows installation of legacy firmware signed

with the less secure SHA-1 algorithm)

- Control Panel Timeout set to 60s

Testing of several common solutions against the policy below (a modified Base policy) yielded the

following results:

1 2 3 4 5 6 7 8 9 10 11 12 ... 115 116

Comentarios a estos manuales

Sin comentarios

HP JetAdvantage Security Manager 10 Device E-LTU Manual de usuario Pagina 7

Comentarios a estos manuales

Relacionado con productos y manuales para No HP JetAdvantage Security Manager 10 Device E-LTU