) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Configuring Security for Multiple LaserJet MFPs and Color LaserJet MFPs Version 4.0 Checklist Details (Checklist Revisions)
NOTE
This is not the current revision of this Checklist, view the current revision.
Supporting Resources:
Target:
| Target | CPE Name |
|---|---|
| HP Color Laserjet 4730 MFP | cpe:/h:hp:color_laserjet_4730_mfp (View CVEs) |
| HP Color Laserjet 9500 MFP | cpe:/h:hp:color_laserjet_9500_mfp (View CVEs) |
| HP LaserJet 4345 MFP | cpe:/h:hp:laserjet_4345_mfp (View CVEs) |
| HP Laserjet 9040 MFP | cpe:/h:hp:laserjet_9040_mfp (View CVEs) |
| HP Laserjet 9050 MFP | cpe:/h:hp:laserjet_9050_mfp (View CVEs) |
| HP Laserjet m3027 MFP | cpe:/h:hp:laserjet_m3027_mfp (View CVEs) |
| HP Laserjet m3035 MFP | cpe:/h:hp:laserjet_m3035_mfp (View CVEs) |
| HP Laserjet m4345 MFP | cpe:/h:hp:laserjet_m4345_mfp (View CVEs) |
| HP Laserjet m5025 MFP | cpe:/h:hp:laserjet_m5025_mfp (View CVEs) |
| HP Laserjet m5035 MFP | cpe:/h:hp:laserjet_m5035_mfp (View CVEs) |
Checklist Highlights
- Checklist Name:
- Configuring Security for Multiple LaserJet MFPs and Color LaserJet MFPs
- Checklist ID:
- 128
- Version:
- Version 4.0
- Type:
- Compliance
- Review Status:
- Candidate
- Authority:
- Software Vendor: HP
- Original Publication Date:
- 06/19/2007
Checklist Summary:
This checklist provides instructions to configure HP LaserJet and Color LaserJet MFPs with all reasonable security related settings. The checklist relies on HP Web Jetadmin Peripheral Management Software for most of the settings. The checklist assumes that readers are trained in standard network administrative practices. This checklist includes an introduction and an explanation of known types of threats that relate to MFPs. It follows with instructions on configuring security-related settings as the main body of the document. Later chapters include a bulleted list of the checklist settings, a table listing the default state of each setting, a chapter explaining the ramifications of the settings, and some notes about physical security. The appendix is a list of terms with explanations. HP requires this configuration to consider HP LaserJet and Color LaserJet MFPs configured for security however, HP does not guarantee or warrant that this checklist provides assurance that MFPs are resistant to network security compromises. Administrators should use the checklist as a reference toward best practices to improve overall security.
Checklist Role:
- Multi-Functional Peripherals
Known Issues:
The settings recommended in this checklist do not apply to all HP MFP models. They also do not apply to all networks. Use this checklist as a reference toward best known security practices, but choose settings that work best in your network environment. These settings should be configured in the order in which they appear in the checklist. Many of the settings depend on other settings for proper configuration. These settings should be configured on one MFP model at a time. This checklist covers a large number of settings that become complicated as they go on. Configuring multiple models at the same time increases the complications and can cause failures in some settings. However, HP Web Jetadmin can configure an unlimited number of individual MFPs of the same model.
Target Audience:
This checklist is for administrators who use Web Jetadmin to configure MFPs on enterprise networks. Administrators should be familiar with general standards and practices for using HP MFPs or printers connected via HP Jetdirect. Administrators should also have access to MFP and Web Jetadmin user guides and MFP product user guides. These guides are available online by searching for them by product at hp.com.
Target Operational Environment:
- Managed
Testing Information:
HP tested these settings on systems that meet the descriptions in the checklist Assumptions section. Testing included the following: 1. Start with a variety of HP MFP reset to factory default settings and connected to a TCP/IP network with LDAP, DHCP, DNS, WINS, and standard network hardware. 2. Install the latest version of HP Web Jetadmin available at hp.com onto a network-connected PC. 3. Update Web Jetadmin with the latest service packs and plug ins found at hp.com. 4. Upgrade MFP firmware and Jetdirect firmware to the latest versions available at hp.com 5. Follow the checklist instructions in the order they appear, and configure all recommended settings. 6. Log into one of each model of MFP on the MFP control panel, and make a copy. 7. Log into one of each model of MFP on the MFP control panel, and send a document to email. 8. Log into one of each model of MFP and send a fax. 9. Send a print job to one of each model of MFP from a network PC.
Regulatory Compliance:
None noted.
Comments/Warnings/Miscellaneous:
This checklist provides instructions to configure HP LaserJet and Color LaserJet MFPs for security in enterprise networks. Although many of the recommended settings are applicable to smaller networks and even to other MFPs or printers, this checklist does not expressly cover them. Administrators should be qualified and trained IT professionals who understand the implications of these settings and configure their networks accordingly. The recommended configurations in this checklist are known to be compatible only on TCP/IP networks with PCs and hardware necessary to have a network. Administrators should test their networks after configuring. Use the test procedure in the Testing Information section. The configurations recommended in this checklist are known to be compatible only when executed in the order in which they appear in the checklist. Many of these settings can cause some network applications, management tools, and services to lose access. Consider each setting as it relates to your network. See the Ramifications section for more information.
Disclaimer:
HP makes no claim that using this checklist prevents or inhibits misuse or attacks on networks or on HP products. Use this checklist at your own risk as a reference toward best security practices.
Product Support:
This checklist is provided only as a complimentary guide to known best practices for increasing MFP security. HP does not claim or warrant that these configurations prevent misuse of MFPs or networks or that they prevent malicious attacks on MFPs or networks. As technology improves, malicious people (hackers) continue to find new ways to exploit networks. Hackers are beginning to target MFPs and other network peripherals to misuse resources or to gain access to networks or to the internet. Predicting the actions of a hacker is difficult, but HP is dedicated to research in this area. You should continue to be aware and always remain vigilant. Use other techniques with this checklist to help ensure that your network is resistant to compromise. Use of this checklist does not void the product warrantee however, HP does not accept responsibility for networking issues. If your MFP malfunctions due to configurations recommended in this checklist, contact HP Customer Care. You can find contact information for HP Customer Care by searching for it at hp.com.
Point of Contact:
Contact Jon Huber with review comments or questions at the following address:jont.huber@hp.com
Sponsor:
Not provided.
Licensing:
This checklist is property of the Hewlett Packard Company. Copyrighted 2007. It is distributed through the NIST checklist program free of charge however, no person is authorized to alter, publish, or change any part of the checklist without express written permission from HP.
Change History:
Dependency/Requirements:
| URL | Description |
|---|
References:
| Reference URL | Description |
|---|
NIST checklist record last modified on 11/09/2010
* This checklist is still undergoing review for inclusion into the NCP.