Authentication; Eap/802.1X Server-Based Authentication; Ipsec/Firewall - HP 630n - JetDirect Gigabit EN Print Server Administrator's Manual

Authentication

EAP/802.1X server-based authentication

As a network client, HP Jetdirect full-featured print servers support network use with the extensible
authentication protocol (EAP) on an IEEE 802.1X network. The IEEE 802.1X standard provides a port-
based authentication protocol where a network port allows or blocks use, depending on client
authentication results.
When using an 802.1X connection, the print server supports EAP with an authentication server, such
as a remote authentication dial-in user service (RADIUS, RFC 2138) server.
Full-featured HP Jetdirect print servers support the following EAP/802.1X methods:
● LEAP (lightweight EAP) is a proprietary Cisco Systems protocol that uses passwords for mutual
authentication (the client and the server authenticate each other).
●
PEAP (protected EAP) is a mutual authentication protocol that uses digital certificates for network
server authentication and passwords for client authentication. For additional security, the
authentication exchanges are encapsulated within transport layer security (TLS). Dynamic
encryption keys are used for secure communications.
●
EAP-TLS (RFC 2716) is a mutual authentication protocol based on X.509v3–compliant digital
certificates for authentication of both the client and the network authentication server. Dynamic
encryption keys are used for secure communications.
The network infrastructure device that connects the print server to the network (such as a network
switch) must also support the EAP/802.1X method used. In cooperation with the authentication server,
the infrastructure device can control the degree of network access and services available to the print
server client.
To configure the print server for EAP/802.1X authentication, use the embedded Web server through
your Web browser. For more information, see
Wireless print server authentication
HP Jetdirect wired/wireless print servers support several wireless authentication methods, which include
the following:
●
WEP Authentication is based on a secret, common wired equivalent privacy (WEP) key that must
be configured on each wireless device. A device that does not have the proper WEP key cannot
use the network. Static WEP encryption protocols are used for network communications.
●
WPA/WPA2–Personal Uses wi-fi protected access (WPA) standards through a pre-shared key.
A user-specified passphrase must be entered to generate the pre-shared key. Dynamic WPA
encryption protocols are used for network communications to provide enhanced security.
●
WPA/WPA2–Enterprise Requires 802.1X credentials to use the wireless network. A dedicated
server verifies the identity of the user or device that is requesting network use. There are several
available protocols.

IPsec/Firewall

IPsec/Firewall features provide network-layer security on both IPv4 and IPv6 networks. A firewall
provides simple control of IP traffic, which is either permitted access or discarded. IPsec, RFC 2401
provides additional protection through authentication and encryption protocols.
4 Chapter 1 Introducing the HP Jetdirect print server
Embedded Web server (V.38.xx) on page 61.
ENWW