Manualshelf

HP Web Jetadmin - Security and HP Web Jetadmin

ManualsBrandsHP ManualsSoftwareHP Web Jetadmin Software
9101112131415161718
The Credentials Store uses a portion of the HP Web Jetadmin SQL database that securely encrypts
and stores device credentials whenever a correct credential value is authenticated. These values are
stored on a per-credential and per-device basis. Here is a list of HP device credentials used by
HP Web Jetadmin:
EWS Password—Blocks unauthorized access to the device-embedded HTTP interface and is
synchronized with the HP Jetdirect telnet password.
PJL PasswordBlocks unauthorized PJL command strings.
File System Password—Protects the printer disk and other storage facilities from unauthorized
access.
SNMPv3 CredentialsConsists of user name, passphrase1 and passphrase2, which are used
when SNMPv3 is enabled. This version of the Simple Network Management Protocol secures and
authenticates communication between management applications like HP Web Jetadmin and the
device. This protocol is used when strong security is a requirement.
SNMP Set Community NameGrouping mechanism for SNMPv1/v2 that has been adopted as a
security mechanism by many users. Device configuration is not possible without knowledge of the
Set name value. However, the Set name value traverses the network in clear text and can be
“sniffed,” or viewed, by eavesdroppers.
SNMP Get Community NameSometimes used to prevent device discovery from other HP Web
Jetadmin installations. Devices do not respond to Get packets that do not contain the correct
value. However, the Get name value traverses the network in clear text and can be “sniffed” by
eavesdroppers.
Two actions cause the value of any credential to be stored:
Configuration: The credential becomes stored once it has been configured onto the device.
Use: The credential value becomes stored when used during a configuration and when the
credential was not previously stored by the software.
Stored credentials are reused by the application any time the requirement for them is encountered. A
user configuring a device that has had a credential stored is not required to re-enter the credential
into the application. The application uses the credential as a background operation in the HP Web
Jetadmin server’s steps to configure the device.
After a backup and restore, the contents of the Credential Store are retained if the restore occurs on
the same machine with the same OS. If the restore occurs on a different machine or the OS is rebuilt
between the backup and the restore, all credentials are lost.
NOTE Instructions and sample script files for backup and restore procedures can be found in the
HP Web Jetadmin install directory, which is typically at: [Drive]:\Program Files\Hewlett-
Packard\Web Jetadmin 10\WJABackupRestore.
Configuration of a device credential
Figure 10 shows the configuration item used to set the Embedded Web Server password.
Figure 10EWS password configuration item