Manualshelf

HP Commercial LaserJet Printers and MFPs - Imaging and Printing Security Best Practices

ManualsBrandsHP ManualsPrinterHP LaserJet Pro 400 color Printer M451dn
71727374757677787980
Chapter 7 HP LaserJet and Color LaserJet MFP Security Checklist 76
Disabling SNMPv1 disables SNMPv1 GET and SNMPv2 SET commands. Any solution or
software that requires SNMPv1 or SNMPv2 will not function. If you require these to be
enabled be sure to set the community name to something that would be difficult to guess.
Device Page Settings
Set I/O Timeout to End Print Job. The I/O Timeout to End Print Job allows you to specify
the amount of time a device should wait between packets before canceling a job. Setting this
timeout will help prevent jobs formed or sent incorrectly from tying up a print resource. If you
are on a busy network or spool large jobs real time that may cause packet gap set this setting
high enough to accommodate your environment.
Enable Job Hold Timeout. Job Hold Timeout is related to the Job Retention setting below.
It permanently deletes stored jobs (except fax) that are held past the allowed time. This ensures
that the stored jobs are not accessible after a time, and it ensures that the hard drive is cleared
periodically.
Job Hold Timeout requires that users are mindful of their print jobs. They will not be able to
recover jobs that are deleted after the timeout period. Jobs are deleted securely according to
the Secure File Erase setting (appears later in this checklist).
Enable Job Retention. Job Retention is a feature of the MFP that saves fax or print jobs on
the hard drive for printing when the user is present. The security implication is that a user can
be sure others will not be able to see the printed documents. For printing, a user sets the PIN at
the time of sending the print job to the MFP. For fax printing, the PIN is configured for all
incoming jobs using Web Jetadmin. The MFP will require the PIN number at the control panel
before it will print the job.
Configuring Job Retention enables more efficient use of the MFP hard drive. Thus, you should
configure Job Hold Timeout and other related settings.
NOTE:
Stored faxes are not affected by the Job Hold Timeout.
Network Page Options
Configure Enable Features options (do not disable EWS Config at this point). These
options enable or disable various supported features for the MFP. These features are designed
for access and convenience on the network, but they should be disabled when not in use
(sometimes only for best-practice control of the networking capabilities). The following list
explains the ramifications of each feature:
Disable Telnet Config. Telnet Config is an access point used by some older (legacy)
printer management tools. Jetdirect also supports some Telnet commands. Telnet Config
transmits data in clear text, and it should not be used. With it disabled, MFPs will deny
access to Telnet sessions.
Web Jetadmin does not use Telnet Config; thus disabling it has no affect on it. It disables
other tools, but Web Jetadmin is the only solution recommended for managing HP MFPs.