Supporting ipsec (internet protocol security), Using secure mode – Lexmark C522 User Manual
Page 116
Setting security using the Embedded Web Server (EWS)
116
Administrative support
Supporting SNMPv3 (Simple Network Management Protocol version 3)
SNMPv3 protocol allows for encrypted and authenticated network communications. It also lets the administrator select a
desired level of security. Prior to use, at least one user name and password must be established from the settings page. To
configure for SNMPv3 through the Embedded Web Server of the printer:
1
Open the Web browser. In the address line, enter the IP address of the printer being configured using the format:
http://ip_address/.
2
Click Configuration.
3
Under Other Settings, click Network/Ports.
4
Click SNMP.
SNMPv3 authentication and encryption has three levels of support:
•
No authentication and no encryption
•
Authentication with no encryption
•
Authentication and encryption
Note: Only the selected level and higher may be used to communicate.
Supporting IPSec (Internet Protocol Security)
IP Security protocol provides authentication and encryption of communications at the network layer allowing all application
and network communications over the IP protocol to be secure. IPSec can be set up between the printer and up to five
hosts, using both IPv4 and IPv6. To configure IPSec through the Embedded Web Server:
1
Open the Web browser. In the address line, enter the IP address of the printer being configured using the format:
http://ip_address/.
2
Click Configuration.
3
Under Other Settings, click Network/Ports.
4
Click IPSec.
Two types of authentication are supported for IPSec:
•
Shared Key Authentication — Any ASCII phrase shared among all the participating hosts. This is the easiest
way to configure when only a few hosts on the network use IPSec.
•
Certificate Authentication — Allows any hosts or subnet of hosts to authenticate for IPSec. Each host must have
a public/private key pair. Validate Peer Certificate is enabled by default, requiring each host to have a signed
certificate and the certificate authority certificate must be installed. Each host must have its identifier in the Subject
Alternate Name of the signed certificate.
Note: After a device is configured for IPSec with a host, IPSec is required for any IP communication to take
place.
Using Secure mode
The TCP and UDP ports can be configured to one of three modes:
•
Disabled — Never allows network connections to this port
•
Secure and Unsecure — Allows the port to remain open, even in Secure mode
•
Unsecured Only — Allows the port to only open when the printer is not in Secure mode
Note: A password must be set to enable Secure mode. Once enabled, only the ports set to Secure and
Unsecure will be open.