Manualshelf

HP Commercial LaserJet Printers and MFPs - Imaging and Printing Security Best Practices

ManualsBrandsHP ManualsPrinterHP LaserJet Pro 400 color Printer M451dn
81828384858687888990
Chapter 7 HP LaserJet and Color LaserJet MFP Security Checklist 82
Disable Incoming Mail. Some network solutions can send commands to the MFP via
email. If your network uses any of these solutions, you should enable Incoming mail.
Otherwise, disable it as a best practice. This setting does not affect any other use of the
MFP. With this setting configured, the MFPs will ignore all incoming emails.
Disable Cancel Job Button. The EWS provides a Cancel Job button that allows users to
cancel jobs that are pending in the queue. This includes canceling jobs sent by other users.
Thus, disabling the Cancel Job button removes the ability to cancel jobs remotely (and
anonymously); however, users will be able to cancel their own jobs from the printer driver
or from the control panel.
Disable Go Button. The Go button is the EWS Pause/Resume button, which enables
users to pause operations, such as print jobs, indefinitely. Disabling the Go button removes
it from the EWS preventing users from delaying jobs or even denying service to other
users; however, users will be able to pause or resume their own jobs from the print driver
or from the control panel.
Disable Command Invoke. Command Invoke is a legacy feature that does not apply to
the MFPs. Disabling it is good security practice to ensure that all possible access to it is
closed.
Disable Command Download. Command Download is a legacy feature that does not
apply to the MFPs. Disabling it is good security practice to ensure that all possible access
to it is closed
Disable Command Load and Execute. Command Load and Execute accommodates
add-on applications (Chailets), such as workflow programs and job accounting programs.
Disabling it stops the MFPs from running Chailets when it starts up. This function is called
Service Loading in the EWS. If your network uses Chailets, you should enable Command
Load and Execute. If not, you should disable it to prevent users from installing this type of
application.
You may wish to (turn off the MFPs and turn them on again (power cycle) after disabling
Command Load and execute. This will stop applications that may be already loaded and
running.
With this setting configured, the MFPs will ignore all add-on applications.
Disable Print Service. Print service allows users to send print-ready files such as PDF files
directly to MFPs for immediate printing. This feature is available to anyone who has access
to the EWS. Disabling it ensures that only users with the MFP Print driver installed can send
print jobs to the MFPs.
With Print Service disabled, the print options do not appear on the EWS.
File System Page Options
Configure File System External Access. The File System External Access settings shuts
down access to the MFP file system (storage devices and configuration settings) through
protocols and ports. They eliminate access from various types of management tools. HP
recommends shutting down all unused access to the file system. See the ramifications for each
protocol below.