Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Overview
Network options
Security options
Wireless options
Overview
This document provides information on the minimum security settings for the following printers on
the open internet:
HP is dedicated to providing the best and latest security information available for HP printers. This
checklist is intended to help you improve printer security, particularly for printers on networks open
to the public internet.
HP printers are shipped in an un-configured state, which allows the customer to more easily
configure the printer for their network environment. However, if the printer is not properly
configured, it might be vulnerable to intruder attacks. HP strongly recommends configuring minimum
security settings for all HP printers to eliminate the majority of security exposures.
For more information about configuring HP printers in network environments or for more maximum
security recommendations, go to one of the following documents:
Recommended settings
Settings can be configured via the printer's Embedded Web Server (EWS). To access the EWS, type
the printers IP address exactly as it appears on the Configuration Page in the browser url field (e.g.
12.34.567.89) and press Enter.
note:
Security settings can also be configured with HP Web JetAdmin software and/or HP JetAdvantage
Security Manager.
The following settings are recommendations based on printer usage in TCP/IP network environments
using IPPs for printing. Adjust the settings as needed depending on the requirements of your print
environment.
note:
Not all settings are available on all printers and the setting options will vary depending on the printer
model and firmware version installed, and therefore might be found on different tabs in the EWS.
Please refer to the User Guide for printer-specific configuration options.
Network options
Enable TCP/IP
Enable IPPs Printing
Disable 9100 Printing
Disable SLP Config
Disable LPD Printing
Disable Telnet Config
Disable FTP Printing
Disable WS-Discovery
Disable Web Services Print (unless currently in use)
Disable TFTP Configuration File
Add allowed IPv4 addresses for EWS and print to the Access Control List.
note:
If the printer is on the open internet and not configured to limit access to known IP
addresses, it is open for public access and potential abuse.
note:
Configure an SNMP community name and disable the default community name of Public.
Disable unused Protocol Stacks. HP recommends the following (unless currently in use):
o Disable IPX/SPX
o Disable DLC/LLC
o Disable AppleTalk/Bonjour
Security options
note:
This setting will need to be re-enabled anytime the printer firmware needs to be updated
remotely.
Wireless options