Using Security Features In The Embedded Web Server; Understanding The Basics; Authentication And Authorization - Lexmark MS610dn Administrator's Manual

Using security features in the Embedded Web Server

Using security features in the Embedded Web
Server
Lexmark Embedded Web Server represents an evolution in keeping document outputs safe and confidential in today's
busy environments. With traditional components such as authentication and group permissions, administrators can
use Embedded Web Server Security Templates to control access to the devices that produce, store, and transmit
sensitive documents. Security templates are an innovative tool developed by Lexmark that administrators can use to
build secure and flexible profiles, restricting sensitive printer functions or outputs to only those users holding
appropriate credentials. Utilizing soft configuration features alone or in conjunction with physical security such as
Common Access Cards, the printer is no longer a weak link in the document security chain.

Understanding the basics

Securing a printer through the Embedded Web Server involves combining one or more components to define who is
allowed to use the printer, and which functions those users are allowed to access. Available components include
Authentication, Authorization, and Groups.
Create a plan that identifies who the users will be and what they will need to do before configuring printer security.
Items to consider might include:
•
The location of the printer and whether authorized persons have access to that area
•
Sensitive documents that will be sent to or stored on the printer
•
Information security policies of your organization.

Authentication and Authorization

Authentication is the method by which a system securely identifies a user.
Authorization specifies which functions are available to a user who has been authenticated by the system. This set of
authorized functions is also referred to as "permissions."
There are two levels of security that are supported based on the product definition. The simplest level security only
supports internal device authentication and authorization methods. The more advanced level security permits internal
as well as external authentication and authorization as well as additional restriction capability for management,
function, and solution access. Advanced security is supported for those devices that permit the installation of additional
solutions to the device.
Simple security utilizes the "Panel PIN Protect" to restrict user access to the printer control panel and the "Web Page
Password Protect" to restrict admin access to the device. For more information, see
Protect" on page 10 and
Advanced level security devices support PIN and password restrictions in addition to the other authentication and
authorization specified. Most of this document will describe advanced security devices.
"Creating a password through Web Page Password Protect" on page
"Creating a PIN through Panel PIN
9.
5