White Papers
Table Of Contents
- Contents
- Change history
- Overview
- Securing network connections
- Managing devices remotely
- Managing login methods
- Restricting public access to functions, applications, printer management, and security options
- Using local accounts
- Using LDAP or LDAP+GSSAPI
- Using Kerberos
- Using Active Directory
- Creating LDAP, LDAP+GSSAPI, or Active Directory groups
- Editing or deleting LDAP, LDAP+GSSAPI, or Active Directory groups
- Understanding access controls
- Managing certificates
- Managing other access functions
- Securing data
- Troubleshooting
- User is locked out
- User is logged out automatically
- User cannot access applications or functions
- KDC and MFP clocks are out of sync
- Domain controller certificate is not installed
- KDC is not responding within the required time
- LDAP lookups fail
- Make sure that the server and firewall settings are configured to allow communication between the pr ...
- If reverse DNS lookup is not used in your network, then disable it in the Kerberos settings
- If the LDAP server requires SSL, then enable SSL for LDAP lookups
- Narrow the LDAP search base to the lowest possible scope that includes all necessary users
- Make sure that all LDAP attributes that are being searched for are correct
- Notices
- Index
Configuring SNMP traps
After configuring SNMP settings, you can customize which alerts are sent to the network management system
by designating events (SNMP traps) that trigger an alert message.
1 From the Embedded Web Server, click Settings > Network/Ports > SNMP > Set SNMP Traps.
2 In one of the IP Address fields, type the IP address of the network management server or monitoring station.
3 Select the conditions for which you want to generate an alert.
4 Click Save.
Configuring security audit log settings
The security audit log lets administrators monitor security‑related events on a device, including failed user
authorization, successful administrator authentication, and Kerberos
file
uploads to a device. By default, security
logs are stored on the device, but may also be transmitted to a network system log (syslog) server for further
processing or storage.
We recommend enabling audit in secure environments.
1 From the Embedded Web Server, click Settings > Security > Security Audit Log.
2 Do one or more of the following:
Activate security audit logging
Select Enable Audit.
Configure
transmission to a network syslog server
This option lets you use both the remote syslog server and the internal logging.
a Select Enable Remote Syslog.
b Configure the Remote Syslog settings.
• Remote Syslog Server—Type the IP address or host name of the server.
• Remote Syslog Port—Type the port number used for the destination server. The default value is 514.
• Remote Syslog Method—Select Normal UDP to send log messages and events using a lower‑priority
transmission protocol. Otherwise, select Stunnel.
• Remote Syslog Facility—Select a facility code for events logged to the destination server. All events
sent from the device are tagged with the same code to aid in sorting and filtering by network monitor
or intrusion detection software.
• Severity of Events to Log—Select the priority level cuto for logging messages and events. The
highest severity is 0, and the lowest is 7. The selected severity level and anything higher are logged.
For example, if you select 4 ‑ Warning, then severity levels 0–4 are logged.
• Remote Syslog Non‑Logged Events—Send all events regardless of severity to the remote server.
Managing devices remotely 10