User's Manual

ManualsBrandsHP ManualsSoftwareHP Web Jetadmin Software

381

382

383

384

385

386

387

388

389

390

To configure this option, select the encryption strength from the list.

EWS Information Protection

Use this option to enable or disable protection for the Information tab on the device Embedded Web Server

(EWS) page.

If the Enabled option is selected and an EWS password is configured on the device, users cannot access the

Information tab on the EWS without logging in with the EWS device password.

If the Disabled option is selected and an EWS password is configured on the device, users can access the

Information tab without logging in with the EWS device password. To access all the other tabs on the EWS

page, users must log in with the EWS password.

FIPS-140 Mode

Use this option to enable or disable the Federal Information Processing Standard (FIPS) mode on the device.

FIPS mode enforces the use of cryptographic suites and protocols that comply with the FIPS-140 standards

for computer security. FIPS supports the following protocols for the configuration options on the device:

●

SNMP Version Access Control configuration option: SHA-1 authentication protocol and AES-128 privacy

protocol

●

Kerberos setting on the IPsec/Firewall Policy configuration option: AES128-SHA1 and AES256-SHA1

protocols

●

Upload Jetdirect Certificate configuration option: Certificates that are signed by using SHA-1 or later

●

Upload CA Certificate configuration option: Certificates that are signed by using SHA-1 or later

●

Mgmt Protocol configuration option: TLS 1.2, TLS 1.1, or TLS 1.0

Enable FIPS mode

▲

Select the Enabled option.

CAUTION: The enable configuration fails if the following non-FIPS protocols are configured on the

device:

●

SNMP Version Access Control configuration option: MD5 authentication protocol and DES privacy

protocol

●

Kerberos setting on the IPsec/Firewall Policy configuration option: DES-CBC-MD5 algorithm

●

Upload Jetdirect Certificate configuration option: Certificates that are signed by using MD5 or

earlier (MD2 or MD4)

●

Upload CA Certificate configuration option: Certificate that are signed by using MD5 or earlier

(MD2 or MD4)

●

Mgmt Protocol configuration option: SSL 3.0 or earlier

Disable FIPS mode

▲

Select the Disabled option.

Get Community Name

The Get Community Name password can be set to prevent unauthorized people from using SNMP utilities to

access a device and get the device settings.

ENWW Device Configuration Options for Security 361