To practically manage a fleet of networked print and imaging devices, remote management is a must. The device must allow authorized people to configure it, while rejecting those that are unauthorized. The process of managing the device must also be secured so that the network traffic associated with the remote management can’t be sniffed, stolen or abused.
Lexmark devices include a variety of features to make remote device management easier, and more secure. These features can be configured through the device's embedded Web page.
By enabling Audit Logging, Lexmark devices have the ability to track security related events. The information/features of this function include: tracking event types, export capabilities, log full behavior, and more. The benefits of enabling Audit Logging include mitigating exposures through event tracking, proactively tracking and identifying potential risks, and integration with your intrusion detection system for proactive real-time tracking. There are over 100 variables and events tracked within the device.
Printers and MFPs automatically inspect downloaded firmware updates for the appropriate Lexmark digital signatures. Firmware that’s not correctly packaged and signed by Lexmark is rejected. This ensures that non-approved firmware is never run on the devices, which avoids exposing them to malicious software, such as viruses and worms.
Printers and MFPs use certificates for HTTPS, SSL, IPSec, and 802.1x authentications. The Certificate Management feature allows the devices to integrate with a PKI environment by allowing the certificates to be signed, and also allows the devices to trust certificate authorities in the PKI environment.
HTTPS provides a means to securely manage networked printers and MFPs. It allows Web traffic to be encrypted so that remote management via the device web page can be performed securely.
SNMP is a standard network management protocol. Version 3 of the protocol includes extensive security capabilities. Lexmark printers and MFPs support SNMPv3, including the authentication and data encryption components, allowing for secure remote management of the devices. SNMPv1 and SNMPv2 are also supported and can be independently configured and/or disabled.
IPv6 is supported on printers and MFPs to allow connectivity to IPv6 networks.
The Secure Password Reset feature can reset the access control setting on the device’s Security menu to allow access in the event that an administrative password is lost or forgotten, or when the device has lost network connectivity. This is accomplished using a firmware setting on the device web page and adjusting a jumper on the device system board.
Backup Password provides access to the Security Menu of the device regardless of the assigned protection method or the availability of that method. For example, if an LDAP server or network is unavailable, an administrator would still have access to the Security Menu of the device to make the necessary adjustments for accessing the device.