Overview

HP Web Jetadmin has the ability to discover non-HP printers connected to the network via non-HP print server devices. By supporting third party printers, HP offers a network printer management solution that drives an additional step further toward the “one-stop-shopping” concept that LAN administrators desire. LAN administrators will now be able to discover and manage printers offered by all major printer vendors from a single software interface.

Discovery

During discovery of devices, HP Web Jetadmin uses SNMP queries to gather information from the printer and print server device. If HP Web Jetadmin concludes that the device is a peripheral such as a printer, plotter, multi-function device, etc., it will display it in the list of discovered devices. In order for HP Web Jetadmin to conclude that a device is a peripheral, the device must be able to answer a set of basic questions.

A MIB (Management Information Base) is a set of objects that defines the types of SNMP queries that can be asked of a device. For example, the Standard Printer MIB (RFC 1759) is a generic set of objects to which most peripherals should be able to provide answers when queried. The Standard Printer MIB consists of objects that describe functionality and capabilities of the printer such as page counts, media types, etc. Other common MIBs include MIB-II (RFC 1213) and the Host Resources MIB (RFC 1514).

Collateral production takes on a new look

As a commercial printer, you know well what your customers are demanding for their collateral production. Today, they want shorter, more frequent print runs, the ability to change and update, as well as more customized and versioned pieces. Increasingly, they also demand that collateral be part of an integrated cross-media campaign that involves email, the web and direct mail.

Some market demands, though, will never change. More often than not, customers require the highest possible print quality, accurate color, crisp text, vivid images, and the best finishing options. They also want collateral produced yesterday... and at a competitive price, of course.

Every piece of marketing collateral plays an important communications role, whether it’s a brochure, flyer, business card, stationary proposal or white paper. As with any customer interaction, a company’s collateral informs customer perception.

In order to maintain that all-important brand identity which governs customer loyalty, companies invest heavily in their print collateral—in resources, time and money. In fact, for every dollar spent on printing, an additional five to eight dollars are typically spent on administrative costs, document preparation, creative development, reviews, warehousing and distribution.

Executive Summary
This white paper describes how Sharp MFPs (1) comply, meet and exceed the IEEE-2600-2008 Security Standard' Requirements

The Industry Leader in MFP Security
As the office equipment industry transitioned from analog to digital imaging, Sharp recognized the urgent need to address vulnerabilities inherent in network-connected multifunctional devices (MFPs). In doing so, Sharp led the industry with the first Common Criteria-validated security solution, and to this day remains the only manufacturer with an encryption and data overwrite product validated at the highest commercial level.

The Sharp Approach
Sharp takes a comprehensive approach to security by protecting every step in the document lifecycle, from the initial scan or print to final output and distribution. Fully scalable, Sharp’s Security Suite enables Information Technology (IT) personnel to confidently safeguard their infrastructure and MFP installed base, without affecting network traffic or workgroup productivity. Specifically, Sharp MFPs (Segment 2 and up, including color) can be customized to meet unique requirements, help optimizing data confidentiality and integrity. For example, Sharp MFPs support:

• User and device authentication
• Data encryption
• Memory clearing and sanitization
• Access control, user authorization and restrictions
• Architecture that virtually eliminates virus vulnerabilities and provides resistance to denial of
  service (DoS) attacks
• Activity monitoring (compliance auditing)
• Port management and filtering

IEEE-2600-2008 Background
The IEEE-2600-2800 defines security requirements (all aspects of security including, but not limited to, authentication, authorization, privacy, integrity, device management, physical security, and information security) for manufacturers, users, and others on the selection, installation, configuration, and usage of hardcopy devices (HCDs) and systems, including printers, copiers, and multifunction devices (MFDs), and the computer systems that support these devices.

Executive Summary
This white paper describes how Sharp MFPs (1) comply, meet and exceed the IEEE-2600-2008 Security Standard' Requirements

The Industry Leader in MFP Security
As the office equipment industry transitioned from analog to digital imaging, Sharp recognized the urgent need to address vulnerabilities inherent in network-connected multifunctional devices (MFPs). In doing so, Sharp led the industry with the first Common Criteria-validated security solution, and to this day remains the only manufacturer with an encryption and data overwrite product validated at the highest commercial level.

The Sharp Approach
Sharp takes a comprehensive approach to security by protecting every step in the document lifecycle, from the initial scan or print to final output and distribution. Fully scalable, Sharp’s Security Suite enables Information Technology (IT) personnel to confidently safeguard their infrastructure and MFP installed base, without affecting network traffic or workgroup productivity. Specifically, Sharp MFPs (Segment 2 and up, including color) can be customized to meet unique requirements, help optimizing data confidentiality and integrity. For example, Sharp MFPs support:

• User and device authentication
• Data encryption
• Memory clearing and sanitization
• Access control, user authorization and restrictions
• Architecture that virtually eliminates virus vulnerabilities and provides resistance to denial of
  service (DoS) attacks
• Activity monitoring (compliance auditing)
• Port management and filtering

IEEE-2600-2008 Background
The IEEE-2600-2800 defines security requirements (all aspects of security including, but not limited to, authentication, authorization, privacy, integrity, device management, physical security, and information security) for manufacturers, users, and others on the selection, installation, configuration, and usage of hardcopy devices (HCDs) and systems, including printers, copiers, and multifunction devices (MFDs), and the computer systems that support these devices.

Introduction
The Payment Card Industry (PCI) Security Standards Council™ guides the efforts of Chief Information Security Officers, Compliance Officers, and others who protect cardholder information for payment card issuers, merchants, banks, processors, and service providers. The Council's PCI Data Security Standard (DSS) is a comprehensive set of requirements for security infrastructure, policies, and practices, intended to improve the security of cardholder and account data throughout the industry.

As the PCI Council completes its fifth year of operation, this paper reviews:

• successes and setbacks of the PCI Data Security Standard

• implications of the Council's new Prioritized Approach to DSS

• practical steps professionals can take to improve data security and maintain PCI DSS compliance

• effects of emerging technologies and legislation

This paper is an update and guide, not a tutorial on PCI DSS. Readers new to the standard should consult the excellent materials1 available from the PCI Security Standards Council itself, or one of the many introductory guides available from solution providers.

Compliance and Security
Few doubt that PCI DSS has helped standardize industry security practices and improve data protection. Often cited as a model for industry self-regulation, DSS helps card brands, issuing banks, merchants, and others reduce direct losses from fraud, and risks of reputation loss and litigation from data security breaches. Industry members comply with the standard out of direct financial self-interest, or indirectly to support the interests of powerful partners. DSS has been especially effective at improving security practices on the industry's front lines. In the words of Ellen Richey, Chief Risk Officer for VISA, "More than 90% of the largest card accepting merchants and about 97% of processors in the United States have validated compliance with PCI. The companies that fully embrace it are protecting themselves every day by maintaining their defenses, scanning systems, detecting anomalies and addressing threats."3

Introduction
The Payment Card Industry (PCI) Security Standards Council™ guides the efforts of Chief Information Security Officers, Compliance Officers, and others who protect cardholder information for payment card issuers, merchants, banks, processors, and service providers. The Council's PCI Data Security Standard (DSS) is a comprehensive set of requirements for security infrastructure, policies, and practices, intended to improve the security of cardholder and account data throughout the industry.

As the PCI Council completes its fifth year of operation, this paper reviews:

• successes and setbacks of the PCI Data Security Standard

• implications of the Council's new Prioritized Approach to DSS

• practical steps professionals can take to improve data security and maintain PCI DSS compliance

• effects of emerging technologies and legislation

This paper is an update and guide, not a tutorial on PCI DSS. Readers new to the standard should consult the excellent materials1 available from the PCI Security Standards Council itself, or one of the many introductory guides available from solution providers.

Compliance and Security
Few doubt that PCI DSS has helped standardize industry security practices and improve data protection. Often cited as a model for industry self-regulation, DSS helps card brands, issuing banks, merchants, and others reduce direct losses from fraud, and risks of reputation loss and litigation from data security breaches. Industry members comply with the standard out of direct financial self-interest, or indirectly to support the interests of powerful partners. DSS has been especially effective at improving security practices on the industry's front lines. In the words of Ellen Richey, Chief Risk Officer for VISA, "More than 90% of the largest card accepting merchants and about 97% of processors in the United States have validated compliance with PCI. The companies that fully embrace it are protecting themselves every day by maintaining their defenses, scanning systems, detecting anomalies and addressing threats."3

Executive Summary
This white paper describes how Sharp MFPs (1) comply, meet and exceed the IEEE-2600-2008 Security Standard Requirements

The Industry Leader in MFP Security
As the office equipment industry transitioned from analog to digital imaging, Sharp recognized the urgent need to address vulnerabilities inherent in network-connected multifunctional devices (MFPs). In doing so, Sharp led the industry with the first Common Criteria-validated security solution, and to this day remains the only manufacturer with an encryption and data overwrite product validated at the highest commercial level.

The Sharp Approach
Sharp takes a comprehensive approach to security by protecting every step in the document lifecycle, from the initial scan or print to final output and distribution. Fully scalable, Sharp’s Security Suite enables Information Technology (IT) personnel to confidently safeguard their infrastructure and MFP installed base, without affecting network traffic or workgroup productivity. Specifically, Sharp MFPs (Segment 2 and up, including color) can be customized to meet unique requirements, help optimizing data confidentiality and integrity. For example, Sharp MFPs support:

• User and device authentication
• Data encryption
• Memory clearing and sanitization
• Access control, user authorization and restrictions
• Architecture that virtually eliminates virus vulnerabilities and provides resistance to denial of service (DoS) attacks
• Activity monitoring (compliance auditing)
• Port management and filtering

Executive Summary
This white paper describes how Sharp MFPs (1) comply, meet and exceed the IEEE-2600-2008 Security Standard Requirements

The Industry Leader in MFP Security
As the office equipment industry transitioned from analog to digital imaging, Sharp recognized the urgent need to address vulnerabilities inherent in network-connected multifunctional devices (MFPs). In doing so, Sharp led the industry with the first Common Criteria-validated security solution, and to this day remains the only manufacturer with an encryption and data overwrite product validated at the highest commercial level.

The Sharp Approach
Sharp takes a comprehensive approach to security by protecting every step in the document lifecycle, from the initial scan or print to final output and distribution. Fully scalable, Sharp’s Security Suite enables Information Technology (IT) personnel to confidently safeguard their infrastructure and MFP installed base, without affecting network traffic or workgroup productivity. Specifically, Sharp MFPs (Segment 2 and up, including color) can be customized to meet unique requirements, help optimizing data confidentiality and integrity. For example, Sharp MFPs support:

• User and device authentication
• Data encryption
• Memory clearing and sanitization
• Access control, user authorization and restrictions
• Architecture that virtually eliminates virus vulnerabilities and provides resistance to denial of service (DoS) attacks
• Activity monitoring (compliance auditing)
• Port management and filtering

Overview

HP Web Jetadmin has the ability to discover non-HP printers connected to the network via non-HP print server devices. By supporting third party printers, HP offers a network printer management solution that drives an additional step further toward the “one-stop-shopping” concept that LAN administrators desire. LAN administrators will now be able to discover and manage printers offered by all major printer vendors from a single software interface.

Discovery

During discovery of devices, HP Web Jetadmin uses SNMP queries to gather information from the printer and print server device. If HP Web Jetadmin concludes that the device is a peripheral such as a printer, plotter, multi-function device, etc., it will display it in the list of discovered devices. In order for HP Web Jetadmin to conclude that a device is a peripheral, the device must be able to answer a set of basic questions.

A MIB (Management Information Base) is a set of objects that defines the types of SNMP queries that can be asked of a device. For example, the Standard Printer MIB (RFC 1759) is a generic set of objects to which most peripherals should be able to provide answers when queried. The Standard Printer MIB consists of objects that describe functionality and capabilities of the printer uch as page counts, media types, etc. Other common MIBs include MIB-II (RFC 1213) and the Host Resources MIB (RFC 1514).

Devices must be able to answer queries defined in these common MIBs in order for HP Web Jetadmin to discover the devices. Otherwise, there is not enough information pertaining to the device to warrant displaying it in the list of discovered devices. HP Web Jetadmin focuses on printer management, and it would be increasingly difficult to distinguish devices as printers unless they can answer a standard set of questions such as those defined in the Standard Printer MIB.

Overview

HP Web Jetadmin has the ability to discover non-HP printers connected to the network via non-HP print server devices. By supporting third party printers, HP offers a network printer management solution that drives an additional step further toward the “one-stop-shopping” concept that LAN administrators desire. LAN administrators will now be able to discover and manage printers offered by all major printer vendors from a single software interface.

Discovery

During discovery of devices, HP Web Jetadmin uses SNMP queries to gather information from the printer and print server device. If HP Web Jetadmin concludes that the device is a peripheral such as a printer, plotter, multi-function device, etc., it will display it in the list of discovered devices. In order for HP Web Jetadmin to conclude that a device is a peripheral, the device must be able to answer a set of basic questions.

A MIB (Management Information Base) is a set of objects that defines the types of SNMP queries that can be asked of a device. For example, the Standard Printer MIB (RFC 1759) is a generic set of objects to which most peripherals should be able to provide answers when queried. The Standard Printer MIB consists of objects that describe functionality and capabilities of the printer uch as page counts, media types, etc. Other common MIBs include MIB-II (RFC 1213) and the Host Resources MIB (RFC 1514).

Devices must be able to answer queries defined in these common MIBs in order for HP Web Jetadmin to discover the devices. Otherwise, there is not enough information pertaining to the device to warrant displaying it in the list of discovered devices. HP Web Jetadmin focuses on printer management, and it would be increasingly difficult to distinguish devices as printers unless they can answer a standard set of questions such as those defined in the Standard Printer MIB.