Manualshelf

HP MFP Digital Sending Software (DSS) 5.0 - Security Features

ManualsBrandsHP ManualsSoftwareHP MFP Digital Sending Software 5.0
12345678910
4
to access the DSS service. When DSS Account Authorization is enabled any user starting the
Configuration Utility will be prompted for the configured password.
If there are 5 consecutive unsuccessful sign in attempts to the DSS service the service is locked from
future sign in attempts for a period of time and a critical error email message is sent to the DSS
administrator. The length of time the service is locked is set to 30 minutes by default and is configurable
in the configuration file:
<install-folder>\Hewlett-Packard\HP Digital Sending
Software\Filesystems\Product\Dss\Configuration\HP.Dss.App.Service.Config.xml.
Permissions required for a non-admin to run the CU with full functionality
Depending on the authorization settings chosen it is possible for users who are not Windows’
administrators on the DSS server to run the Configuration Utility. But users who are not Windows’
administrators will not have the system permissions needed to perform many of the tasks available via
the Configuration Utility. Please see the System Administrator’s Guide, the section entitled “Permissions
needed to run DSS with full functionality”, for details of granting permissions to non-Windows
administrators to administer DSS with full functionality.
Device Credentials for FutureSmart Devices
FutureSmart devices can have passwords enabled by device administrators. When FutureSmart devices
are password protected DSS must know the password in order to interact with the device. Please see
the System Administrator’s Guide, in the section “Device credentials for FutureSmart devices”, for
details on this functionality.
Data Encryption with Pre-FutureSmart Devices
When DSS interacts with pre-FutureSmart devices the data is encrypted before it is sent over the
network. DSS and pre-FutureSmart devices use the Blowfish encryption algorithm with 128 bit
encryption strength. There are no configuration options available for this encryption. DSS only uses
Blowfish encryption when communicating with pre-FutureSmart devices.
Data Security Using SSL / TLS
Much of the data security in DSS is provided by utilizing the SSL / TLS protocols. This paper will give a
brief overview of some basic SSL /TLS concepts and will then discuss specifics of how the protocols are
used for communication between DSS components and between DSS and external entities including
FutureSmart devices, SMTP servers and LDAP servers.
Brief Overview of SSL / TLS Protocols
There is a vast amount of information about the SSL / TLS protocols available on the web. This paper
gives a brief, very high level, overview of some important SSL /TLS concepts, but the reader is referred
to public information for a deeper understanding.