Multifunction Peripheral (MFP) Security for Enterprise Environments
MFP Security White Paper
Encryption of network-transmitted data stored on the disk is available using the JetCAP SecureDIMM II
accessory module. The SecureDIMM II module secures the print job from the printing client to the MFP’s
internal printing engine. While the print job is retained on the hard disk, it remains encrypted.
Unless otherwise specified, print job data is deleted from the disk at the completion of the print job. Multiple
mechanisms are supported for the erasure of disk drive data:
• Sanitized Erase: Conforms to the DoD 5220-22m specification for deletion of magnetically stored
  data. Using multiple data writes to eliminate trace magnetic data, Sanitized Erase prevents
  subsequent analysis of the HDD’s physical platters for the retrieval of data.
• Secure Erase: Provides greater performance, overwriting the existing data once and preventing
  software-based “undelete” operations on the data.
• Fast Erase: Provides the greatest performance, flagging the print job as deleted and allowing
  the MFP’s operating system to reclaim and subsequently overwrite the data when needed.
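The difference between the three modes can be seen in a small simulation. This is an added example, not HP code: SimDisk, the 16-byte block size, the job contents and the zero/one/random pass pattern used for the "sanitized" mode are all constructed assumptions. It models only what a software read of the disk can recover, not the magnetic traces that multiple passes are meant to address.

```python
import os

BLOCK = 16  # bytes per block on the simulated disk (constructed value)

# Overwrite passes per erase mode. The three-pass pattern is an assumption;
# the white paper only says "multiple data writes".
PASSES = {
    "fast": [],                                           # flag as deleted only
    "secure": [bytes],                                    # one pass of zeros
    "sanitized": [bytes, lambda n: b"\xff" * n, os.urandom],
}

class SimDisk:
    """Toy spool disk: raw blocks, a job table and a free-block list."""
    def __init__(self, blocks=8):
        self.raw = bytearray(blocks * BLOCK)
        self.jobs = {}                    # job name -> block numbers
        self.free = list(range(blocks))

    def spool(self, name, data):
        need = -(-len(data) // BLOCK)     # ceiling division
        blocks = [self.free.pop(0) for _ in range(need)]
        for i, b in enumerate(blocks):
            chunk = data[i * BLOCK:(i + 1) * BLOCK]
            self.raw[b * BLOCK:b * BLOCK + len(chunk)] = chunk
        self.jobs[name] = blocks

    def erase(self, name, mode):
        blocks = self.jobs.pop(name)      # every mode removes the job entry
        for fill in PASSES[mode]:
            for b in blocks:
                self.raw[b * BLOCK:(b + 1) * BLOCK] = fill(BLOCK)
        self.free.extend(blocks)          # blocks become reusable

    def raw_scan(self, needle):
        """What a software "undelete"-style read of the raw disk finds."""
        return needle in bytes(self.raw)

def residue_after(mode, later_jobs=0, secret=b"CONSTRUCTED-PAYROLL-JOB-0001"):
    """Spool a job, erase it, optionally spool later jobs, then scan."""
    disk = SimDisk()
    disk.spool("job1", secret)
    disk.erase("job1", mode)
    for i in range(later_jobs):
        disk.spool(f"later{i}", b"A" * len(secret))
    return disk.raw_scan(secret)

if __name__ == "__main__":
    for mode in PASSES:
        print(mode, "-> job data still readable:", residue_after(mode))
```

With Fast Erase the job data stays readable until the freed blocks are actually reused, which in this simulation takes four later jobs rather than one.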
MFP Management Security
Management Interfaces and Protocols
HP MFPs support a variety of management interfaces, including Web Jetadmin, SNMP, the Embedded Web
Server (EWS) Management Interface (HTTP), Telnet, FTP, DHCP, and BOOTP.
The choice of management interface is normally based on the complexity of the deployed
environment. For environments with many devices, Web Jetadmin allows the centralized management of all of
the devices. In environments where few devices are deployed, an administrator may choose to manage each
device individually through the device’s Embedded Web Server Management Interface.
The management interfaces may be separated into three categories, based on the security capabilities of their
underlying protocols. Web Jetadmin using SNMPv3 and the Embedded Web Server using HTTPS (TLS/SSL)
provide the highest level of security, supporting encryption and access controls, and are the recommended
interfaces. Interfaces using SNMPv2, HTTP, Telnet, and FTP provide access control but do not provide
encryption. DHCP and BOOTP provide neither access control nor encryption.
Interface               Protocol
High Security [access control and encryption]
  Web Jetadmin          SNMPv3
  Embedded Web Server   HTTPS - TLS/SSL
Medium Security [access control only]
  Web Jetadmin          SNMPv2
  Embedded Web Server   HTTP
  Telnet
No Security
  BOOTP, DHCP
Out-of-Box Security
Enabling security out of the box, and as an integral part of the MFP installation and configuration, ensures
subsequent secure operation. Providing privacy of communications for the initial configuration also ensures
that security credentials are not “leaked” and captured by network sniffers.










