Hp Jetdirect Overview - HP J3111A - JetDirect 600N Network Card Manuallines

one of the first print servers to widely implement security protocols such as SSL/TLS, SNMPv3,
802.1X, and IPsec.
If you are new to security and secure configurations, it is important to remember that 'security' is a
process. Today's security configurations and protocols that are thought to be unbreakable for the
next few years may in fact be broken later today. At one extreme, the best security available for
imaging and printing devices is to never unpack them once you buy them. At the other extreme, the
worst security available is unboxing them, powering them up, getting a configuration page to find the
IP address, adding them to your desktop computer system or printer spooler, and then forgetting
about them. Does that last part sound like your printing and imaging security strategy?
One of the challenges HP Jetdirect has in terms of security is actually the result of being "plug-n-play"
and reliable. As we will find out, "plug-n-play" and "security" often do not belong in the same
sentence. Hundreds of thousands, and perhaps a few million HP Jetdirect products have been in use
for years and have never had their firmware updated or their configuration changed. In today's
increasingly security focused environment, we know that this is not a sound practice for maintaining
the proper operation of an infrastructure, regardless of the type of device in question.

HP Jetdirect Overview

Years ago, the world networked printers by connecting them via parallel ports or serial ports to
computers called spoolers. These spoolers then shared the printers via networking protocols such as
LPD to clients on the network. The length limits of serial and parallel based cables prohibited printers
from moving too far from the spoolers.
The incredible print quality of the HP LaserJet printers compared to other technologies at the time
fueled an unprecedented growth in the printing industry. The complexity and capability of printers
increased and the need to connect to a spooler in order to share printers became a burden. HP
Jetdirect was designed to allow users to share printers on the network without the need of direct
attachment to a spooler. While migrating to networking printers, the goal was to have the same ease
of use as a directly connected printer. HP Jetdirect would automatically initialize all protocols to the
best of its ability in order to allow users to print to Jetdirect immediately. Popular HP tools, such as
Jetadmin, simplified configuration of HP Jetdirect devices by taking advantage of proprietary
protocols as well as well-known default security settings.
At the time HP Jetdirect was introduced, there was a variety of competition in the market place
regarding protocol suites and networking infrastructure. Protocol suites such as AppleTalk, DLC/LLC,
and IPX/SPX were deployed widely and had as much market share as TCP/IP. In addition, Token-
Ring, FDDI, LocalTalk, ATM, and other ways of transporting frames had been adopted (or hyped)
almost as much as Ethernet. During this growth period in network printing, functionality within HP
Jetdirect was designed to promote 'Ease-of-Use', to reduce support calls, and to provide a rich
customer experience regardless of the protocol or networking infrastructure they were using. In short,
HP Jetdirect was designed to be "plug-n-play" on the network and behave as if the printer was
directly connected to your PC.
Fast forwarding to the present, we have clear winners in intranet networking connectivity: TCP/IP
and Ethernet. An 'Ease of Use' design criterion now has an arch nemesis: 'Security'. Customers are
starting to ask how to deploy printing and imaging devices securely rather than how to deploy them
as fast and painlessly as possible.
2