HP Inc.
HP LaserJet Enterprise MFP M527 Series,
Color LaserJet Enterprise MFP M577 Series, and
PageWide Enterprise Color MFP 586 Series
Firmware with Jetdirect Inside Security Target
Version: 2.0 Copyright © 2008-2016 by atsec information security corporation and HP Inc. Page 38 of 98
Last update: 2016-06-07 or its wholly owned subsidiaries
To preserve operational accountability and security, records that provide an audit trail of TOE use
and security-relevant events will be created, maintained, and protected from unauthorized
disclosure or alteration, and will be reviewed by authorized personnel.
P.INTERFACE.MANAGEMENT
To prevent unauthorized use of the external interfaces of the TOE, operation of those interfaces will
be controlled by the TOE and its IT environment.
3.4.2 In addition to the PP2600.2 protection profile
P.ADMIN.PASSWORD
To restrict access to administrative tasks, the Device Administrator Password will be set in the
evaluated configuration so that it is required to perform security-relevant actions through EWS
(HTTP), WS* Web Services, OXPd Web Services, and at the Control Panel.
P.USERNAME.CHARACTER_SET
To prevent ambiguous user names in the TOE's audit trail, the Display Names of the Local Device
Sign In method users and the user names of the LDAP and Windows Sign In method users must
only contain ASCII printable characters except for the double quote (22 hex) and single quote (27
hex) characters (i.e., allowed ASCII characters in hexadecimal: 20, 21, 23 - 26, 28 - 7E).
P.REMOTE_PANEL.DISALLOWED
To preserve operational accountability and security, administrators must not use the Remote
Control-Panel feature.
To Next Page
Loading...