HP Inc.
HP LaserJet Enterprise MFP M527 Series,
Color LaserJet Enterprise MFP M577 Series, and
PageWide Enterprise Color MFP 586 Series
Firmware with Jetdirect Inside Security Target
Version: 2.0
Last update: 2016-06-07
Copyright © 2008-2016 by atsec information security corporation and HP Inc. or its wholly owned subsidiaries
Page 19 of 98
Table 2: IPsec user mappings to allowed network protocols
Because IPsec mutual authentication is performed at the computer level, not the user level, the computer
allowed by the firewall to access the TOE via EWS, OXPd, WS*, and SNMP must itself be the
Administrative Computer. This means that users who are not TOE administrators should not be allowed to
log on to the Administrative Computer, because every user of the Administrative Computer is potentially a
TOE administrator.
IPsec is configured to use X.509v3 certificates via the Internet Key Exchange (IKE) protocols IKEv1 and
IKEv2 in the evaluated configuration.
In addition, the TOE can contact many types of trusted IT products using IPsec and mutual authentication
over the interfaces specified in section 1.5.4.1. The TOE contacts these computers either to send data to
them (e.g., send email notification to the SMTP Gateway) or to request information from them (e.g.,
authenticate a user using LDAP). The TOE mutually authenticates these servers via IPsec prior to
sending data or requesting information from them.
1.5.2.4 Data protection and access control
1.5.2.4.1 Permission Sets
Each Control Panel application requires one or more permissions in order to execute it. These
permissions are defined in Permission Sets (a.k.a. User Roles). The applied Permission Set can be a
combination of various Permission Sets associated with a user. The default Permission Sets in the
evaluated configuration are:
Device Administrator (assigned to U.ADMINISTRATOR)
Device User (assigned to U.NORMAL)
The TOE includes a Device Guest Permission Set, but it has zero permissions in the evaluated
configuration.
Additional (custom) Permission Sets can be created and applied by the administrator in the evaluated
configuration.
In the evaluated configuration, the Device Administrator Permission Set has more permissions than the
Device User Permission Set. This translates into U.ADMINISTRATOR users being able to access more
functionality, specifically administrative functionality, than U.NORMAL users.
Permission Set data is stored in the TOE and managed via the EWS and WS* Web Services.
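The following sketch is an added illustration of the Permission Set model described above; it is not code from the Security Target or from HP firmware. The permission names, application names and the "Help Desk" custom set are hypothetical, and the "combination" of Permission Sets is modelled as a set union, which is an assumption. It also shows a review check for custom Permission Sets that carry administrator-only permissions.

```python
# Added illustration: permission and application names are hypothetical, and
# "combination" of Permission Sets is modelled as a set union (an assumption).
PERMISSION_SETS = {
    "Device Administrator": frozenset({"copy", "retrieve_stored_job",
                                       "manage_settings", "manage_permission_sets"}),
    "Device User": frozenset({"copy", "retrieve_stored_job"}),
    "Device Guest": frozenset(),  # zero permissions in the evaluated configuration
}
# Each Control Panel application requires one or more permissions.
APP_REQUIREMENTS = {
    "Copy": {"copy"},
    "Retrieve from Job Storage": {"retrieve_stored_job"},
    "Administration": {"manage_settings", "manage_permission_sets"},
}

def applied_permissions(assigned, catalog=PERMISSION_SETS):
    """Combine every Permission Set associated with a user."""
    applied = set()
    for name in assigned:
        if name not in catalog:  # unknown set: refuse rather than guess
            raise ValueError(f"unknown Permission Set: {name!r}")
        applied |= catalog[name]
    return frozenset(applied)

def can_execute(app, assigned, catalog=PERMISSION_SETS):
    """An application runs only if all of its required permissions are held."""
    return APP_REQUIREMENTS[app] <= applied_permissions(assigned, catalog)

def reachable_apps(assigned, catalog=PERMISSION_SETS):
    """Applications the user can launch with the combined Permission Sets."""
    return sorted(a for a in APP_REQUIREMENTS if can_execute(a, assigned, catalog))

def escalating_sets(catalog, baseline="Device User", admin="Device Administrator"):
    """Custom sets that carry administrator-only permissions, for review."""
    admin_only = catalog[admin] - catalog[baseline]
    return {name: sorted(perms & admin_only)
            for name, perms in catalog.items()
            if name not in (baseline, admin) and perms & admin_only}

if __name__ == "__main__":
    # Constructed custom set that holds one administrator-only permission.
    custom = dict(PERMISSION_SETS, **{"Help Desk": frozenset({"manage_settings"})})
    print(reachable_apps(["Device Guest"]))
    print(reachable_apps(["Device User", "Help Desk"], custom))
    print(escalating_sets(custom))
```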
1.5.2.4.2 Job PINs
Users control access to print and copy jobs that they place in Job Storage by assigning Job PINs to these
jobs (required in the evaluated configuration). Job PINs must be 4 digits in length. Job PINs limit access
to these jobs while they reside on the TOE and allow users to control when the jobs are printed so that
physical access to the hard copies can be controlled.
1.5.2.4.3 Job Encryption Password
The TOE can store and decrypt encrypted stored print jobs received from a client computer which has the
HP Universal Print Driver installed. A stored print job is first encrypted by the client computer using a
user-specified Job Encryption Password. The job is then sent encrypted to the TOE and stored encrypted
by the TOE. To decrypt the job, a Control Panel user must enter the correct Job Encryption Password
used to encrypt the job.
1.5.2.4.4 Common access control
The TOE protects each non-fax job in Job Storage from non-administrative users through the use of a
user identifier and a Job PIN or through the use of just a Job Encryption Password. The user identifier for