manualshive.com logo in svg

SEH primos, User Manual

SEH primos offers a high-quality User Manual for free download on our website. This manual provides comprehensive instructions on how to properly use and maintain our product. Get your manual now from manualshive.com to ensure a seamless experience with your SEH primos product.

Share
Download
background image

primos User Manual

Security

48

6.4

How to Protect primos from Cross-Site Scripting

What is Cross-

Site Scripting?

Cross-site scripting (XSS) is a form of attack which uses a security vulnerability in websites:
By default the user input entered on a website is submitted to the browser. An attacker
may use this to transmit malicious code (e.g. scripts). The objective is e.g. to steal user data
such as user profiles.

To prevent cross-site scripting attacks values can be checked and only trusted values
accepted.

1. Start the primos Control Center.
2. Select 

SECURITY – Device access

.

3. In the

Cross-Site-Scripting (XSS)

 area, enable/disable 

Value check

.

The setting will be saved.

6.5

How to Control the Access to primos (TCP Port Access Control)

TCP Port Access

Control

You can control the access to primos. To do so, all TCP ports on primos can be blocked.
Network  elements  that  are  to  have  permission  to  access  primos,  can  be  defined  as
exceptions and excluded from locking. primos only accepts data packets from network
elements defined as exceptions. Please note: This also applies to iOS devices. If the TCP
port access control is enabled, you can only print from iOS devices which have been
defined as exceptions.

Exceptions

In order to exclude network elements (e.g. iOS devices, clients, DNS server, SNTP server)
from port locking, they must be defined as exceptions. To do so, the IP addresses or MAC
addresses (hardware addresses) of the network elements with access rights must be
entered in the 'Exceptions' area. Please note:

• MAC addresses are not delivered through routers!

• Address ranges can be defined using CIDR notation.

printers for which a queue has been created in primos are automatically excluded from
port locking.

Test Mode

The 'test mode' allows you to check the configured access protection. If the test mode is
activated, access protection remains active until primos is rebooted. After restarting, the
protection is no longer effective.

The 'test mode' option is activated by default. After a successful test, you must deactivate
the test mode so that access protection remains permanently active.

Summary of Contents for primos

Page 1: ...User Manual...

Page 2: ...roduct Keep the documentation for further reference during the life cycle of the product All rights are reserved Copying other reproduction or translation without the prior written consent from SEH Co...

Page 3: ...5 How to Configure Directory Services 17 4 Device Settings 20 4 1 How to Determine a Description 20 4 2 How to Configure the Device Time 20 4 3 How to Configure Local Users 21 4 4 How to Configure Lo...

Page 4: ...ontrol the Access to primos TCP Port Access Control 48 6 6 How to Use Certificates Correctly 50 6 7 How to Use Authentication Methods 55 7 Maintenance 61 7 1 How to Secure the Configuration Settings B...

Page 5: ...s 2 Documentation 3 Support And Service 5 Your Safety 6 First Steps 6 Find IP address of primos 7 This chapter contains information concerning the device and the documentation as well as notes about y...

Page 6: ...iOS devices with primos These are wired or wireless AirPrint network printers In addition primos enhances AirPrint with various features Wide Area AirPrint directory services support and much more pri...

Page 7: ...er offer a bookmark navigation feature that allows you to view the entire document structure This document contains hyperlinks to the associated information units If you want to print this documentati...

Page 8: ...on The arrow confirms the consequence of an action Requirements Hooks mark requirements that must be met before you can begin the action Option A square marks procedures and options that you can choos...

Page 9: ...d on the SEH Computertechnik GmbH homepage http www seh technology com services downloads download mobility solutions primos html For primos you will find current firmware software current tools curre...

Page 10: ...ore Improper Use All uses of the device that do not comply with the primos functionalities described in the documentation are regarded as improper uses It is not allowed to make modifications to the h...

Page 11: ...4 How Do I Find the IP Address The primos IP address can be determined using the SEH primos App System Requirements of the SEH primos App Windows 7 Windows 8 Windows 10 Mac OS X 10 7 x OS X 10 8 x 10...

Page 12: ...via Bonjour primos is advertised under the name primos ICxxxxxx wherein ICxxxxxx is the default name 67 All devices with iOS and Mac OS X OS X macOS support Bonjour natively On devices with other ope...

Page 13: ...ftware Microsoft Edge Safari Mozilla Firefox Security The access to the primos Control Center is protected 46 The default user profile is User name admin Password admin Note Change the default passwor...

Page 14: ...he URL The primos Control Center is displayed in the browser Open primos Control Center via SEH primos App Requirements primos is connected to the network and the mains voltage primos has a valid IP a...

Page 15: ...e manufacturer s contact details and additional information regarding the product are displayed under Product Company The Sitemap provides an overview of and direct access to all pages of the primos C...

Page 16: ...omputer with a Windows or Mac OS X OS X macOS operating system Different installation files are available depending on the operating system System requirements Windows 7 Windows 8 Windows 10 Mac OS X...

Page 17: ...ntrol Center 2 Select NETWORK IPv4 3 Configure the IPv4 parameters table 1 13 4 Click Save to confirm The settings are saved Table 1 IP parameters You can define various settings for an ideal integrat...

Page 18: ...a field can be omitted Example fe80 0 0 0 0 10 1000 1a4 An IPv6 address may be entered or displayed using a shortened version when successive fields contain all zeros 0 In this case two colons are us...

Page 19: ...lick Save to confirm The settings are saved Table 2 IPv6 parameters Parameters Description IPv6 Enables disables the IPv6 functionality of primos Automatic configuration Enables disables the automatic...

Page 20: ...the automatic recognition of computers devices and network services in TCP IP based networks primos uses Bonjour to search for printers in the network 25 check the IP address assigned via ZeroConf 7 a...

Page 21: ...into an Active Directory by making it member of a domain Requirements A DNS server is configured in primos 16 primos was entered with a type A resource record IPv4 address of the host on the DNS serve...

Page 22: ...llow the communication between participants of different network segments The host name can only be used if a DNS server was configured beforehand Administrator account Defines the name of the adminis...

Page 23: ...gs 19 LDAP CA certificate Choose the root CA certificate of the certification authority that has issued the certificate of the domain controller DC The CA certificate must already be installed on the...

Page 24: ...e server SNTP server in the network A time server synchronizes the time of devices within a network Benefits and Purpose primos needs the device time to join directory services 17 and to provide the p...

Page 25: ...ontrol who can print 35 To do this you can either use directory service users 17 or local users You set up local users on primos Each user needs a name and password In addition a user can be assigned...

Page 26: ...lect the user to be deleted by clicking the icon 4 Confirm the security query The user is deleted 4 4 How to Configure Local Groups When using user authentication users are used to to control who can...

Page 27: ...oup is created Change User Memberships 1 Start the primos Control Center 2 Select DEVICE Users 3 Select the group to be edited by clicking the icon 4 In the Users area select the users 5 To confirm cl...

Page 28: ...Need How to Configure Printers on primos Creating Queues 25 How to Manage Queues 29 How to View the Job History 30 How to Define the Printer Name That Is Displayed on the iOS Devices 32 How to Mainta...

Page 29: ...ert Printer Setup Starts a search for network printers You will then get a list of printers found and queue proposals for those printers You can edit those and create up to 10 queues Knowledge of prin...

Page 30: ...inters and automati cally creates queues for up to 10 printers found Then an overview of the queues cre ated is displayed Note Depending on the size of your network running the Smart Printer Setup may...

Page 31: ...Defines how printers are addressed in the network via Bonjour via hostname or IP address routable Choose hostname IP address if you want to move primos or the printers to a different network after se...

Page 32: ...er Defines the printer The list shows printers automatically discovered in the network You may also define a printer connection manually Connection Connection type Defines the printing protocol IPP IP...

Page 33: ...by comma Example 51 982898 8 493206 Connection Defines the connection to a printer in the form of a device URI uniform resource identifier IPP IPPS In IPP Internet Printing Protocol the print data is...

Page 34: ...jobs are displayed From the 101rd print job onwards the FIFO method first in first out is applied The recorded print jobs will be deleted when primos is reset Note A time server 20 must be configured...

Page 35: ...lect PRINTING Job history The job history is displayed 3 Click the filter button The job history entries are displayed according to the filter Delete print jobs 1 Start the primos Control Center 2 Sel...

Page 36: ...via primos on iOS devices The AirPrint identifier is applied to all queues It can be changed at any time The default is air Chose an identifier that begins with a letter that from the beginning of th...

Page 37: ...imos Control Center 2 Select PRINTING Queues 3 Select the desired queue by clicking the icon 4 In the Device area select the desired printer action from the Action list 5 Click Save to confirm The pri...

Page 38: ...ated on primos 25 A certificate has been installed on primos 50 1 Start the primos Control Center 2 Select PRINTING Queues 3 Select the desired queue by clicking the icon 4 Tick clear Secure AirPrint...

Page 39: ...a directory service Active Directory or LDAP 17 To enter a large number of users more easily the users can be grouped in local 22 or directory service groups The group then is entered instead of each...

Page 40: ...y print content such as documents and pictures from iOS devices iPhone iPad and so on To do so print jobs are sent from iOS apps with AirPrint support to primos via your network primos forwards the pr...

Page 41: ...rPrint on primos 38 Warning The primos subdomain must not end with local This domain is reserved for multicast Bonjour mDNS On primos define the printer which are to be used with Wide Area AirPrint Co...

Page 42: ...context menu choose New Conditional Forwarder The dialog New Conditional Forwarder appears 3 In the DNS Domain box enter the primos subdomain 4 In the area IP addresses of the master servers enter in...

Page 43: ...lect MAINTENANCE Service 3 In the DHCP option 119 area enter your IPv4 DHCP range in the DHCP range box 4 In the DHCP option 119 area enter your primos subdomain in the primos subdo main box The Comma...

Page 44: ...6d 79 64 6f 6d 61 69 6e 03 63 6f 6d 00 Configures option 119 After each execution the successful execution of the command is confirmed The primos subdomain is created on the DHCP server as option 119...

Page 45: ...yboard appears 5 Add the primos subdomain Several search domains are to be separated comma 6 Let the key board fade out The primos subdomain has been configured as search domain on the iOS device The...

Page 46: ...45 How to Manage User Profiles Access Control 46 How to Protect primos from Cross Site Scripting 48 How to Control the Access to primos TCP Port Access Control 48 How to Use Certificates Correctly 50...

Page 47: ...n be selected Any The encryption is automatically negotiated by both communicating parties The strongest encryption supported by both parties will always be chosen Regular High Only cipher suites with...

Page 48: ...t support SSL a connection can then not be established 4 From the Encryption level area select the desired level Warning Do not use the encryption level Low if you use up to date browser software and...

Page 49: ...3 Note When logging into the primos Control Center 46 the password is transmitted in plain text We recommend to only use the HTTPS connection SSL TLS requires a certificate to check the identity of pr...

Page 50: ...Active Directory or LDAP 17 Directory users can be used to log into the primos Control Center To do this they must be defined on primos The users defined can then authenticate themselves with their di...

Page 51: ...vice 17 In the directory service users are defined 1 Start the primos Control Center 2 Select SECURITY Device access 3 Into the Users having access to this device box enter the directory service users...

Page 52: ...ded from locking primos only accepts data packets from network elements defined as exceptions Please note This also applies to iOS devices If the TCP port access control is enabled you can only print...

Page 53: ...ck the options 5 Make sure that the test mode is enabled 6 Click Save to confirm The settings are saved The port access control is activated until the device is restarted 7 Check the port access and c...

Page 54: ...d Upon delivery a certificate the so called default certificate is stored in primos It is recommended that you replace the default certificate by a self signed certificate or a requested certificate a...

Page 55: ...es 3 Click Self signed certificate an 4 Enter the relevant parameters table 10 51 5 Click Create Install The certificate will be created and installed This may take a few minutes Table 10 Parameters f...

Page 56: ...es 6 Select Upload and save the requests in a text file 7 Click OK 8 Send the text file as certificate request to a certification authority When the certificate has been received it must be saved in t...

Page 57: ...ate 6 Click Install The requested certificate is installed in primos Installing a PKCS 12 Certificate in primos PKCS 12 certificates are used to save private keys and their respective certificates and...

Page 58: ...ificate of the authentication server RADIUS in primos Requirements The certificate must be in base64 format 1 Start the primos Control Center 2 Select SECURITY Certificates 3 Click CA certificate 4 Cl...

Page 59: ...ntication server RADIUS First you must define the authentication procedure TLS PEAP TTLS etc to be used and configure it on all network devices involved What is RADIUS RADIUS Remote Authentication Dia...

Page 60: ...rtificate signed by a CA The RADIUS server and primos must validate the certificate After the mutual authentication was successful the access to the network will be freed Since each device needs a cer...

Page 61: ...er authentication The advantage of this procedure is that only the RADIUS server needs a certificate Therefore no PKI is needed Moreover TTLS supports most authentication protocols Requirements primos...

Page 62: ...authentication methods including user passwords and one time passwords Requirements primos is defined as user with user name and password on a RADIUS server 1 Start the primos Control Center 2 Select...

Page 63: ...methods to generate PACs The manual delivery mechanism can be every mechanism that the administrator configures and considers to be safe for the network In the case of the automatic delivery an encryp...

Page 64: ...primos User Manual Security 60 the RADIUS server 9 Install a WPA add on Optional 10 Click Save to confirm The settings are saved...

Page 65: ...onfiguration Settings Backup 62 How to Reset primos to Its Default Settings Reset 62 How to Perform an Update 63 How to Restart primos 64 How to Shut Down primos 65 How to Use the Service Function 65...

Page 66: ...same major version of primos software Major software versions are distinguished by the second level of numbering Example A backup created for primos software 17 1 x cannot be installed on primos with...

Page 67: ...Reset Button LEDs various ports and the reset button can be found on primos These components are described in the Quick Installation Guide Using the reset button you can reset the primos the configur...

Page 68: ...e files can be downloaded from the homepage of SEH Computertechnik GmbH http www seh technology com services downloads download mobility solutions primos html Note Every update file has its own readme...

Page 69: ...th your request e g via email Logging Per default only some information is stored in the service file If logging is enabled much more detailed information will be logged The SEH support can perform a...

Page 70: ...our client Send the service file to the SEH support Configuring the SSH Access Note The SSH connection may only be established and used after consultation with the SEH support Using SSH for purposes o...

Page 71: ...Name 67 Gateway 67 Hardware Address 68 Host name 68 IP Address 68 Subnet Mask 68 Default Name The primos default name is made up of the two letters IC and the device number The device number consists...

Page 72: ...ppear only once in your local network The IP address must be saved in primos to make sure that it can be addressed within the network Subnet Mask With the help of the subnet mask large networks can be...

Page 73: ...s the BIOS mode if the activity LED blinks regularly Warning primos is not operational in the BIOS mode If a primos is in the BIOS mode the device will be marked accordingly in the SEH primos App with...

Page 74: ...check the cabling connections the primos IP address 7 and the proxy settings of your browser If you still cannot establish any connection the following safety mechanisms might be the cause The access...

Page 75: ...e the same time server SNTP server for primos and the directory service Check the primos time server configuration 20 Make sure that a DNS server is configured in primos and that primos can access it...

Page 76: ...t settings 62 Description 20 Device settings 20 DHCP 13 Directory service 17 35 Active Directory 17 35 46 LDAP 17 35 46 User 35 DNS Domain Name Service 16 DNS server 38 Documentation 3 Downloads 5 E E...

Page 77: ...out 11 Security 9 Start 9 Structure 10 Print 24 36 Across subnets 37 Print center 37 Print Jobs 30 Print jobs Accept 33 Delete 33 Reject 33 Print queue See Queue Printer Action 33 Name 32 Start 33 Sto...

Page 78: ...ubnet mask 13 68 Support 5 Switching Off 65 T TCP Port Access Control 48 Test mode 48 Test page 33 Time of the device 20 Time server 20 Time zone 20 Troubleshooting 69 U Update 63 URI Uniform Resource...

Reviews:

No comments

Related manuals for primos

Canon 1750 Service Manual preview
1750
Brand: Canon Pages: 358
IBM 5100 Installation Manual preview
5100
Brand: IBM Pages: 64
NEC NEC Express5800 Series Initial Operation Verification Manual preview
NEC Express5800 Series
Brand: NEC Pages: 4
NEC NEC Express5800 Series Software Installation preview
NEC Express5800 Series
Brand: NEC Pages: 21
NEC NEC Express5800 Series Manual preview
NEC Express5800 Series
Brand: NEC Pages: 10
NEC NEC Express5800 Series System Configuration Manual preview
NEC Express5800 Series
Brand: NEC Pages: 22
NEC NEC Express5800 Series Configuration Manual preview
NEC Express5800 Series
Brand: NEC Pages: 71
NEC NEC Express5800 Series Maintenance Manual preview
NEC Express5800 Series
Brand: NEC Pages: 166
NEC NEC Express5800 Series Notice preview
NEC Express5800 Series
Brand: NEC Pages: 16
Unitech MP300 Quick Start Manual preview
MP300
Brand: Unitech Pages: 2
F5 VIPRION 2400 Platform Manual preview
VIPRION 2400
Brand: F5 Pages: 72
F+D Feinwerk- und Drucktechnik TOP-ino Operating Instructions Manual preview
TOP-ino
Brand: F+D Feinwerk- und Drucktechnik Pages: 22
Olympus P-10 Supplementary Manual preview
P-10
Brand: Olympus Pages: 2
Olympus P-10 Instruction Manual preview
P-10
Brand: Olympus Pages: 148
Radio Shack TRS-80 Operation Manual preview
TRS-80
Brand: Radio Shack Pages: 57
Olivetti ARTJET 20 User Manual preview
ARTJET 20
Brand: Olivetti Pages: 22
IBM DB2 9 Planning Manual preview
DB2 9
Brand: IBM Pages: 51
Velvac Road-iQ Installation Manual preview
Road-iQ
Brand: Velvac Pages: 55

Brands by name

Popular brands

Load more brands