HP Imaging and Printing Security Center 2.0 - Instant-On Security
9
Detailed Discussion
This section presents the Device Announcement Agent in greater detail, including network
configuration for default functionality, network activity, primary use cases, communication
specifics, and authentication.
Network Configuration
DAA communication occurs via the HP device announcement protocol (HDAP). When a
DAA enabled printer comes online in a networked environment, it contacts the default HP
IPSC Server to request discovery and compliance with a configured corporate security
policy. All use cases follow the same basic workflow, but differ in the way that the device is
authenticated to the IPSC Server and whether manual intervention in the workflow is
required.
In order to leverage the default functionality provided by a DAA enabled printer, the
network administrator must make a minimal DNS configuration change to the networked
environment. Once the configuration change is complete, any Instant-On supported device
coming online is automatically discovered and configured to a secure setting. The required
steps are as follows:
1. Configure a DNS entry for the default HP IPSC Server hostname hp-print-mgmt on the
network where a new HP print device is to be placed. The hp-print-mgmt reference
can be the actual HP IPSC server hostname or a DNS alias (CNAME) of that specific
server. If the administrator is unable or unwilling to configure this DNS entry, the DAA
must be manually configured to include the IP address of the IPSC server. See Figure 8.
HP Web Jetadmin can assist with the DAA configuration from a fleet management
perspective. See Figure 9. Pre-configuring the HP IPSC server IP address in the DAA
eliminates the need for DNS, but adds a manual step to the default Instant-On process.
FIGURE 8