HP Designjets and HP Security Features

HP Designjets and HP Security Features
HP Designjets and HP Security Features
Overview and solutions for managing Security features in HP Designjets using the
printers Embedded Web Server technology, Front Panel and Web Jetadmin
Table of contents
Introduction & Overview ....................................................................................................................... 2 Designjet Security features vs LaserJet ..................................................................................................... 4 Appendix: Security Concepts explanation ............................................................................................... 4 Secure file and disk erase ................................................................................................................. 4 Embedded Web Server (EWS) multilevel access ...................................................................................... 7 Control panel Access ......................................................................................................................... 10 Deadlock: Front Panel locked + EWS password forgotten ....................................................................... 12 Disable connectivity interfaces ............................................................................................................. 13 Exclude personal information from accounting e-mail ............................................................................. 14 Glossary ........................................................................................................................................... 15 For more information .......................................................................................................................... 17 Introduction & Overview
This document is aimed at providing an overview of the security features supported by HP
Designjet printers as of November 2009.
HP Designjets are well suited to being deployed into environments where network, data, access
control and security are everyday issues thanks to the security features explained below.
Below is an executive table summarizing the new and already existing security features of HP
Designjet printers and how they can be implemented using the Embedded Web Server and/or
HP Web Jetadmin.
Security Feature by
November 09
DJ Z6100/
Z6100PS
DJ T1100/
DJ T1120/
T1100PS
T1120PS
Secure File erase
Yes
Yes
Yes
Secure disk erase
Yes
Yes
Control panel Access
Yes
DJ 4000/
DJ 4020/
4500
4520
How To Apply
this setting
Yes
Yes
Yes
WJA
Yes
Yes
Yes
Yes
Yes
No
No
Yes
Yes
Yes
Admin pwd
only
Embedded Web Server
multilevel access passwords
Admin and Guest
Yes
Exclude personal
information from
accounting e-mail
Yes
Yes
Disable interfaces
Yes
IPSec
SNMPv3
Hide IP address from Front
Panel
DJ Z2100
Z3100/Z3100PS
Z3200/Z3200PS
Service Menu
Or WJA
WJA
WJA (Admin
only) or EWS
(Admin &
Guest)
Admin pwd
only
Yes
Yes
Yes
No
Yes
Yes
EWS
Yes
No
No
Yes
Yes
EWS
With JetDirect
635n
With JetDirect
635n
With JetDirect
635n
With JetDirect
635n
With JetDirect
635n
With JetDirect
635n
Yes
Yes
No
No
Yes
Yes
(Guest Future)
Service Menu
Security Feature by
November 09
T610
T620
T770
T770 HDV
T1200
T1200
PostScript
How To Apply
this setting
Secure File erase
Yes
Yes
Yes
Yes
Yes
Yes
WJA
Secure disk erase
No
No
No
Yes
Yes
Yes
Control panel Access
No
No
No
No
Yes
Yes
WJA or EWS
Service Menu
Or WJA
Embedded Web Server
multilevel access passwords
Admin and Guest
No
No
No
No
Yes
Yes
WJA (Admin
only) or EWS
(Admin &
Guest)
Exclude personal
information from
accounting e-mail
No
No
Yes
Yes
Yes
Yes
EWS
Disable interfaces
No
No
No
No
Yes
Yes
EWS
With JetDirect
635n
With JetDirect
635n
With JetDirect
635n
With JetDirect
635n
Yes
Yes
Yes
No
No
No
Yes
Yes
IPSec
SNMPv3
Hide IP address from Front
Panel
Note: If the printer is not listed in the above table then these features are not implemented
Service Menu
Designjet Security features vs LaserJet
HP LaserJet printers have some security features not yet available in HP Designjet printers.
As a brief comparison, please find the comparison between HP LJ 9050 series and HP DJ 4020 series. In
the appendix we explain what each security feature is.
Security Feature
LJ 9050
DJ 4020
Authentication Manager
Yes
No
Control panel Access
Yes
Yes
Device Password
Yes
Yes
Direct Connect Ports (USB/IEEE 1284)
Yes
Yes
File erase mode
Yes
Yes
File system access settings
Yes
No
File system password
Yes
No
Job Held Timeout
Yes
No
Job Retention
Yes
No
PJL Password
Yes
No
Remote FW upgrade
Yes
Yes
When comparing HP Designjets to competitive products in a more secure environment such as an Enterprise customers look for these feature sets to compare Appendix: Security Concepts explanation
Secure file and disk erase
Secure File Erase can be divided in 3 parts:
1. File erase allowing printer working mode of continuous removal of files in a non-secure and
secure manner
2. Disk erase allowing a complete removal of all user data in HDD content
3. The user Interface providing access to the secure erase functionality
Let’s look at how each of these features can be used in a secure manner within our printing environment.
1. File Erase
There are three modes of operation regarding File Erase; this means that each file that the printer creates
and removes follows a specification, so minimal data is left at any time without being sanitized:
I.
Non-Secure Fast Erase: In this mode, all file pointers to the data (table indexes) are erased.
Temporary data remains on the Hard Disk Drive until the disk space it occupies is needed for
other purposes, and it is then overwritten. This is the default mode (out of the box) of
operation and how the product works today. This is the fastest mode of operation.
II.
Secure Fast Erase: In this mode of operation, file pointers are erased and the disk space
where the temporary job was stored is also overwritten with a fixed character pattern. This
mode of operation is slower than Non-Secure Fast Erase, but more secure and all data is
overwritten!
III.
Secure Sanitizing Erase: In this mode of operation, file pointers are erased and the disk
space where the temporary job was stored is repetitively overwritten using an algorithm that
prevents any residual data. This mode of operation may affect product performance. The
Secure Sanitizing Erase mode of operation meets the US Department of Defense 5220-22.m
requirements for clearing and sanitization of disk media. When SDE feature is enable, all
temporary files that might contain sensitive data are erased with this method and no
temporary files are left around after a job has completed (scan, copy, or print).
2. Secure Disk Erase
There’s also the option to delete the complete disk in either of the two secure methods commented
above, (Secure Fast Erase and Secure Sanitizing Erase) this will sanitize the whole disk in one shot by
removing any user data in a secure manner so the device can be moved out from a safe to a non
safe environment.
This setting can be done via Web Jetadmin or the Front Panel “Service Menu” by an HP authorized
engineer or by contacting HP Support directly with a request to access.
All disk erasing will be done via the same level of security erase. The Secure Disk Erase feature is
already implemented for these printers:
o HP Designjet Z3100/Z3200
o HP Designjet Z6100
o HP Designjet T1100
o HP Designjet T1120
o HP Designjet T770 HDV
o HP Designjet T1200/T1200 PostScript
o HP Designjet 4000/4500
o HP Designjet 4020/4520
3. User Interface
We will discuss how to set these options using two user interfaces: HP Web Jetadmin and the printers
Front Panel “Service Menu”.

HP Web Jetadmin access: When the user interface used to manage Secure File Erase and
Secure Disk Erase functionality is HP Web Jetadmin, we use the same SFE/SDE functionality
that is used in the WJA device plug-ins for LaserJet printers, this means that you can set the
same global options for SFE/SDE across your fleet of HP LaserJet’s and HP Designjets. The
example below shows the T1100ps being configured using WJA
Secure File Erase:
Secure Disk Erase:
Note: the file system password needs to be set for a device before the file erase/disk erase mode can be
configured.

Printer Front Panel: Once selected in the “Service Menu” you can perform Secure Disk Erase,
The printer will warn you that it is a process which destroys all data and takes a long time,
when you accept the printer starts the process and shows a progress bar until complete, all
data will be wiped in one of the two selectable methods and the printer firmware will be
restored.
Note: the T1200 series now has an optional accessory for added disk security, an external HDD to
replace the printer's internal hard disk as a repository of personal data storage (job queue, including
temporal processing data, accounting,..). In that way, the EHD could be removed from the printer to store
it in a secure place.
Embedded Web Server (EWS) multilevel access
The Embedded Web Server is a tool which enables one to one management of a device such as an HP
LaserJet printer or an HP Designjet printer, however without any security being implemented this tool can
also be damaging as many features can be configured using just a web browser and an IP connection to
the printer. To alleviate this problem we have implemented two levels of access to our compatible HP
Designjets as follows.
The Security page allows users to:
‐
‐
‐
Restrict access to the printer by setting an administrator user account
We can now define two levels of access: Administrator and Guest
If the two levels of access have been set, and the user has neither of the passwords they will
not be able to gain access to EWS information at all. See below
Administrator password
Access control is enabled by setting the Admin account password: that is, by specifying a password for
the user account Admin. Users will then have to provide the Admin password in order to perform any of
the following restricted operations:
‐
‐
‐
‐
‐
‐
‐
‐
See below
Cancel, delete or preview a job in the job queue
Delete a stored job
Clear accounting information
Change the printer settings on the Device Setup page
Update the printer's firmware
Change the printer's date and time
Change security settings
View protected printer information pages
Guest password
Once the administrator user account has been set, the administrator can also set the guest account
password: that is, by specifying a password for the user account Guest.
If the guest user account is set, a username and password are required for all Web server operations:
users identified as guests have access to restricted operations, whilst users identified as administrators
have access to all operations.
Control panel Access
The control panel access is a feature intended for IT administrators that allow them to lock the device front
panel using HP Web Jetadmin or the printers Embedded Web Server (T1200 series only), preventing
unauthorized users from accessing it and changing the printer’s settings. Administrators can specify the
level of access as follows:
‐
Unlock
‐
Minimum Lock
‐
Moderate Lock
‐
Intermediate Lock
‐
Maximum Lock
This option can be enabled from HP Web Jet Admin as shown below:
Picture below: Control Panel Access feature settings.
This option can be enabled from the T1200 series Embedded Web Server as shown below:
Options Below:
Maximum
Intermediate
Moderate
Minimum
Retrieve job
Information
Paper handling
OK
OK
OK
OK
----OK
OK
OK
--------OK
OK
Configure
Designjet
------------OK
Diagnostics
------------OK
Maximum Lock - This option denies access to all options.
Intermediate Lock - This option denies access to the paper and ink supplies handling options,
maintenance options and demo prints, on top of the Moderate Lock. Only viewing printer and supplies
information is allowed.
Moderate Lock - This option denies access to all printer settings, the job queue, information and service
prints and the printer log, on top of the Minimum Lock.
Minimum Lock - This option denies access to the Resets options, Enable/Disable connectivity options
and the Service menu.
Note: with Moderate or Maximum lock set you will not be able to load/unload paper or replace
printheads/ink cartridges without first unlocking the front panel, and so these options should only be set
in specific circumstances where the implications are known and understood.
Some printers like T1100 Series will also allow controlling the Front Panel Access from the Embedded
Web Server.
When the Control Panel is locked, locked menus show a ‘lock’ symbol in the FP. If a user makes an
attempt to enter in a ‘lock’ menu entry, the following message is shown:
Deadlock: Front Panel locked + EWS password forgotten
The main implication from a Customer Support point of view is related to the management of situations
where a printer is blocked because of the loss of the Administrator’s Password that is needed to unblock
its Front Panel. This could happen if the Front Panel is locked through the printer’s Embedded Web Server
and the Administrative password in the EWS is lost. In this situation, it would not be possible to unblock
the FP from the EWS and it would not be possible to reset the EWS from the FP.
With HP Designjet Printers the solution will be to implement a menu option in the Diagnostic Boot Mode
accessible to users at start up.
Customer Support agents would be able to guide customers that have found themselves in a deadlock
situation to this menu in order to unlock the printer and recover from this situation.
Disable connectivity interfaces
Depending on the printer series, there are some ports that can be disabled to prevent unauthorized
printing and possible data theft:
Customers concerned about the data stream sent to the printer should use an HP JetDirect card which
implements the IPSec security standard (JetDirect 635n) install this card and then disable all other ports
using the printers EWS as shown below.
Here is a table showing the connectivity options that can be disabled.
HP DJ 4020 Series
HP DJ 4520 Series
HP DJ T1200 Series
HP DJ T1200 Series
‐
‐
‐
‐
On‐board Gigabit Ethernet 1394 FireWire On‐board Gigabit Ethernet USB If you enable or disable a connectivity option, the printer will automatically restart. Bear in mind that
disabling a connectivity option could cut off network access to the printer. As a security measure, you
cannot disable the connection you are using to access the Web server.
There is an option in the Service menu to enable all connectivity interfaces in case a user ends up without
connectivity due to an improper use of this feature.
Exclude personal information from accounting e-mail
You can enable or disable the printer to send an e-mail containing accounting information. If you enable
this setting, you have also to fill in the destination of the report using the Send accounting files to setting.
Please note that you also have to configure the e-mail server on the Setup page.
In some cases customers prefer not to send personal user data from the printers via email and so the
option Exclude personal information from accounting e-mail is now available in the Embedded
Webserver, accounting e-mails will not contain personal information (user name, job name, account ID
will be left blank in the accounting file sent by email from the printer).
Typically this option is used for managed print or pay-per-use contracts to ensure that only the data
(counters) relevant for billing are being sent by the printer. Personal information about who printed which
file is not required for billing purposes, and can be excluded from the accounting email. This personal
information is typically used for cost allocation within a company.
Supported printers:
T1100, T1120, Z6100, 4020/4520, 4000/4500, T770, T1200 Series
Glossary
Active Directory (AD): An advanced, hierarchical directory service that comes with Microsoft
Windows servers (version 2000 or later). It is LDAP-compliant and built on the domain naming
system (DNS) used on the Internet. Workgroups are given domain names, exactly like Web
sites, and any LDAP-compliant client – such as Windows, Mac, or Unix – can gain access.
Adobe PostScript: Developed by Adobe, this is the standard page description language (PDL)
for the graphics arts industry and commercial printing. Many printing devices support PostScript
with a built-in PostScript interpreter.
Color Access Control: Settings to determine which users and/or applications are allowed to
print in color.
Domain Naming System (DNS): Converts host names and domain names into IP addresses on
the Internet or on local networks that use the TCP/IP protocol.
Embedded Web Server (EWS): The EWS resides on a hardware device (such as an HP
Designjet) or in the printer firmware. The EWS allows you to review, configure, and change
settings on an HP Designjet after inputting an IP address into a Web browser from your
computer.
HP Web Jetadmin: Web-based fleet management software tool for remote installation,
configuration, problem resolution, proactive management, and reporting.
IP multicast: A one-to-many transmission of data over an IP network.
Multicast DNS (mDNS): Also known as Bonjour or Rendezvous, mDNS uses IP multicast with
DNS to provide the capabilities of a DNS server for service discovery in a small network that
does not have a DNS server.
Simple Network Management Protocol (SNMP): This is a network monitoring and control
protocol.
Subnet: A logical division of a local area network, which is created to improve performance
and provide security. A subnet limits the number of nodes that compete for bandwidth.
IPSec
Internet Protocol Security (IPsec) is a suite of protocols for securing Internet Protocol (IP)
communications by authenticating and encrypting each IP packet of a data stream. IPsec also
includes protocols for establishing mutual authentication between agents at the beginning of the
session and negotiation of cryptographic keys to be used during the session.
In our case, IPsec is used to protect data flows between the host and the printer.
SNMPv3
SNMP (Simple Network Management protocol) allows users to manage the printer using SNMP
management tools, such as HP Web JetAdmin. SNMP is also the protocol for communicating
the printer with the Windows driver. SNMPv3 provides security through user authentication and
data encryption.
Hide IP address from front Panel
Option in the Service Utilities menu of the front panel to show/not show the Internet Protocol (IP)
address of your printer. In that way, only registered users or network administrations will know
the right address to submit jobs to the printer
Device Password (LJ feature)
This is equivalent to designjet’s web server password. It helps protect the printer from
unauthorized access through remote applications.
PJL Password (LJ feature)
The PJL password feature helps protect the printer from unauthorized configurations through
Print Job Language (PJL) commands. It does not affect ordinary print jobs. Once the PJL
password is configured, the MFP requires it before it will process any of these commands.
File System Password (LJ feature)
The File System Password feature helps protect the printer data storage system options from
unauthorized access. With the File System password configured, the printer requires the
password before it will allow configurations to features that affect the data storage system.
Some of these features are the Secure disk erase mode, the Secure Storage Erase feature, and
the File System Access options.
File System Access settings (LJ feature)
File system access settings: The File System Access options allow users to completely disable
many of the access points to the printer data storage system. These access points are for
various types of usage for the printer. The options are:
PJL disk access
SNMP disk access
NFS disk access
PS disk access
HP recommends enabling PS Disk Access to allows users to print PS-type files, and disable the
rest
Remote Firmware Upgrade (LJ feature)
This service allows an administrator to use a custom application to upgrade the printer’s
firmware remotely. Since HP recommends using HP Web Jetadmin to upgrade MFP firmware,
you should disable Remote Firmware Upgrade.
Job Retention (LJ feature)
This feature provides job retention options such as private job and hold job. Users will be able
to ensure that they are present during printing to provide privacy for documents in the printer
output bins.
Job Held Timeout (LJ feature)
This feature is part of the Job Retention feature. It limits a held job to the selected time, and
then the printer deletes it. You should select a reasonable timeout value for this setting to allow
enough time for a user to walk to the printer to print a job or to allow time for jobs to print in
line at the queue.
Authentication Manager (LJ feature)
The Authentication Manager allows administrators to secure Device Functions by requiring
users to log in with a specific Log In Method for each Function. For example, users may be
required to log in with an Access Code or PIN to make copies yet be required to log in with a
username and password to send e-mails.
Log In Methods
The following Log In Methods are available with the latest device firmware upgrade:
Group 1 PIN: Requires users to input a numeric code for access when at the control panel of
the device. The numeric code entered by the walk up user is compared to the first of two PINs
stored on the device by the Administrator. When the PIN is entered correctly, the user can
proceed.
Group 2 PIN: Requires users to input a numeric code for access when at the control panel of
the device. The numeric code is compared to the second of two PINs stored on the device by
the Administrator.
LDAP: Lightweight Directory Access Protocol, Requires users to input a username and password
that are verified by an LDAP server.
HP Digital Send Service (if available): Also known as DSS. Requires users to enter credentials
that are verified by the HP Digital Send Service software. (HP Digital Send Service software
must be available to use this Log In Method. If no DSS server is associated with this device,
walk-up users will not be required to authenticate before using the device.)
Kerberos: Requires users to enter a username and password to be verified by a Windows
Server.
For more information
About HP: www.hp.com/go/designjet
© 2009 Hewlett-Packard Development Company, L.P. The information
contained herein is subject to change without notice. The only
warranties for HP products and services are set forth in the express
warranty statements accompanying such products and services.
Nothing herein should be construed as constituting an additional
warranty. HP shall not be liable for technical or editorial errors or
omissions contained herein.
Adobe™ and PostScript™ are trademarks of Adobe Systems Incorporated, which may be
registered in certain jurisdictions.
Windows® is a U.S. registered trademark of Microsoft Corporation.
Microsoft® is a U.S. registered trademark of Microsoft Corporation.
April 2009
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising