Manualshelf

HP Web Jetadmin - Security and HP Web Jetadmin

ManualsBrandsHP ManualsSoftwareHP Web Jetadmin Software
9101112131415161718
Figure 9—Active clients task module
NOTE The I/O column represents the communication direction with respect to the HP Web Jetadmin
server host. HP Web Jetadmin uses random source ports when communicating with ports on
remote IP addresses.
NOTE HP Web Jetadmin uses ports 7627, 3702, and 3910 internally to communicate with devices.
To ensure proper communication, these ports must be kept open for communication directly
with the device and with the internal HPWSProAdapter service.
NOTE HP Web Jetadmin uses the Internet Control Message Protocol (ICMP) in the discovery process.
HP Web Jetadmin sends an ICMP echo request to determine if the IP is active.
HPWJA service
HPWJA Service is core to the HP Web Jetadmin application and runs under the low privilege
Microsoft user account “NT Authority\Network Service.” Many environments require applications like
HP Web Jetadmin not to have administrative access to the operating system.
SQL server (HPWJA)database access and authentication
A SQL Server 2005 Express database instance is created at install time and accessed by HP Web
Jetadmin using Windows credentials. The service for this instance runs under user
NT Authority\Network Service and is named SQL Server (HPWJA). HP Web Jetadmin uses the
Network Service account within the local Windows system to access SQL. Sensitive information such
as device credentials and other settings data identities are encrypted and stored securely within SQL
data tables.
NOTE As of November 2009, version 10.2.62227, HP Web Jetadmin can be configured to use a
remote instance of SQL Server and authenticate by using a SQL user account. Windows
authentication to the SQL Server instance and/or secure, certificates based authentication are
not currently possible, which may be considered a security vulnerability in some
environments. During SQL authentication, the SQL username and password are hidden to
prevent casual observation, but HP Web Jetadmin use on un-trusted networks may be a
concern to some administrators.
Active Clients task module
The Active Clients task module can be activated and viewed within the Task Module Docking area or
from Application Management > Overview. This task module shows clients that are logged into
HP Web Jetadmin, as well as the
number of active client applications
that are being run by each client. This
feature helps the administrator
determine which clients are logged
into the system prior to running
Product Updates or performing tasks
that may burden the system and cause
slow performance. A short custom
message can be sent to clients by
using Tools > Broadcast Message
which is available from Application
Management (see Figure 9).