SEH primos Скачать руководство пользователя страница 47 | Manualshive

Страница: 47 / 78

background image

primos User Manual

Security

43

6.1

How to Define the Encryption Strength for SSL/TLS Connections

The following connections to and from primos can be encrypted via SSL/TLS:

• Web access to the primos Control Center: HTTPS (

• print data transmission: IPPS and Secure AirPrint (

Encryption

strength

The encryption strength and thus the safety of the connection is defined via the
encryption protocol and level.

Protocol

The encryption protocols SSL (Secure Sockets Layer) and its successor TLS (Transport
Layer Security) are used to encrypt the connections.

Encryption

Level

Each encryption level is a collection of so-called cipher suites. A cipher suite is a
standardized sequence of four cryptographic algorithms that are used to establish a
secure connection. Depending on their cipher strength, cipher suites are grouped to form
an encryption level. Which cipher suites are supported by primos, i.e. are part of an
encryption level, depends on the SSL/TLS protocol used.

The following encryption levels can be selected:

•

Any

: The encryption is automatically negotiated by both communicating parties. The

strongest encryption supported by both parties will always be chosen.

• Regular

•

High

: Only cipher suites with an strong encryption are used. (Slow data transfer)

Establishing

Connections

When establishing a secure connection, the protocol to be used and a list of supported
cipher suites is sent to the communicating party. A cipher suite is agreed upon that will
be used later on. The strongest cipher suite that is supported by both parties will be used
by default. If the communication partner does not support the protocol selected and/or
if there is no cipher suite that is supported by both parties, no SSL/TLS connection will be
established.

Warning

The communicating partners of primos (e.g. browser) must support the protocol
selected and the cipher suites of the selected encryption level in order to
successfully establish a connection. If problems occur, select different settings or
reset the parameters of primos; see:

Note

If you set 'Any' for encryption protocol and level, they will be negotiated automatically by
both communicating parties. With these settings, the chances that a secure connection

«
...
45
46
47
48
49
...
»

Содержание primos

Страница 1: ...User Manual...

Страница 2: ...roduct Keep the documentation for further reference during the life cycle of the product All rights are reserved Copying other reproduction or translation without the prior written consent from SEH Co...

Страница 3: ...5 How to Configure Directory Services 17 4 Device Settings 20 4 1 How to Determine a Description 20 4 2 How to Configure the Device Time 20 4 3 How to Configure Local Users 21 4 4 How to Configure Lo...

Страница 4: ...ontrol the Access to primos TCP Port Access Control 48 6 6 How to Use Certificates Correctly 50 6 7 How to Use Authentication Methods 55 7 Maintenance 61 7 1 How to Secure the Configuration Settings B...

Страница 5: ...s 2 Documentation 3 Support And Service 5 Your Safety 6 First Steps 6 Find IP address of primos 7 This chapter contains information concerning the device and the documentation as well as notes about y...

Страница 6: ...iOS devices with primos These are wired or wireless AirPrint network printers In addition primos enhances AirPrint with various features Wide Area AirPrint directory services support and much more pri...

Страница 7: ...er offer a bookmark navigation feature that allows you to view the entire document structure This document contains hyperlinks to the associated information units If you want to print this documentati...

Страница 8: ...on The arrow confirms the consequence of an action Requirements Hooks mark requirements that must be met before you can begin the action Option A square marks procedures and options that you can choos...

Страница 9: ...d on the SEH Computertechnik GmbH homepage http www seh technology com services downloads download mobility solutions primos html For primos you will find current firmware software current tools curre...

Страница 10: ...ore Improper Use All uses of the device that do not comply with the primos functionalities described in the documentation are regarded as improper uses It is not allowed to make modifications to the h...

Страница 11: ...4 How Do I Find the IP Address The primos IP address can be determined using the SEH primos App System Requirements of the SEH primos App Windows 7 Windows 8 Windows 10 Mac OS X 10 7 x OS X 10 8 x 10...

Страница 12: ...via Bonjour primos is advertised under the name primos ICxxxxxx wherein ICxxxxxx is the default name 67 All devices with iOS and Mac OS X OS X macOS support Bonjour natively On devices with other ope...

Страница 13: ...ftware Microsoft Edge Safari Mozilla Firefox Security The access to the primos Control Center is protected 46 The default user profile is User name admin Password admin Note Change the default passwor...

Страница 14: ...he URL The primos Control Center is displayed in the browser Open primos Control Center via SEH primos App Requirements primos is connected to the network and the mains voltage primos has a valid IP a...

Страница 15: ...e manufacturer s contact details and additional information regarding the product are displayed under Product Company The Sitemap provides an overview of and direct access to all pages of the primos C...

Страница 16: ...omputer with a Windows or Mac OS X OS X macOS operating system Different installation files are available depending on the operating system System requirements Windows 7 Windows 8 Windows 10 Mac OS X...

Страница 17: ...ntrol Center 2 Select NETWORK IPv4 3 Configure the IPv4 parameters table 1 13 4 Click Save to confirm The settings are saved Table 1 IP parameters You can define various settings for an ideal integrat...

Страница 18: ...a field can be omitted Example fe80 0 0 0 0 10 1000 1a4 An IPv6 address may be entered or displayed using a shortened version when successive fields contain all zeros 0 In this case two colons are us...

Страница 19: ...lick Save to confirm The settings are saved Table 2 IPv6 parameters Parameters Description IPv6 Enables disables the IPv6 functionality of primos Automatic configuration Enables disables the automatic...

Страница 20: ...the automatic recognition of computers devices and network services in TCP IP based networks primos uses Bonjour to search for printers in the network 25 check the IP address assigned via ZeroConf 7 a...

Страница 21: ...into an Active Directory by making it member of a domain Requirements A DNS server is configured in primos 16 primos was entered with a type A resource record IPv4 address of the host on the DNS serve...

Страница 22: ...llow the communication between participants of different network segments The host name can only be used if a DNS server was configured beforehand Administrator account Defines the name of the adminis...

Страница 23: ...gs 19 LDAP CA certificate Choose the root CA certificate of the certification authority that has issued the certificate of the domain controller DC The CA certificate must already be installed on the...

Страница 24: ...e server SNTP server in the network A time server synchronizes the time of devices within a network Benefits and Purpose primos needs the device time to join directory services 17 and to provide the p...

Страница 25: ...ontrol who can print 35 To do this you can either use directory service users 17 or local users You set up local users on primos Each user needs a name and password In addition a user can be assigned...

Страница 26: ...lect the user to be deleted by clicking the icon 4 Confirm the security query The user is deleted 4 4 How to Configure Local Groups When using user authentication users are used to to control who can...

Страница 27: ...oup is created Change User Memberships 1 Start the primos Control Center 2 Select DEVICE Users 3 Select the group to be edited by clicking the icon 4 In the Users area select the users 5 To confirm cl...

Страница 28: ...Need How to Configure Printers on primos Creating Queues 25 How to Manage Queues 29 How to View the Job History 30 How to Define the Printer Name That Is Displayed on the iOS Devices 32 How to Mainta...

Страница 29: ...ert Printer Setup Starts a search for network printers You will then get a list of printers found and queue proposals for those printers You can edit those and create up to 10 queues Knowledge of prin...

Страница 30: ...inters and automati cally creates queues for up to 10 printers found Then an overview of the queues cre ated is displayed Note Depending on the size of your network running the Smart Printer Setup may...

Страница 31: ...Defines how printers are addressed in the network via Bonjour via hostname or IP address routable Choose hostname IP address if you want to move primos or the printers to a different network after se...

Страница 32: ...er Defines the printer The list shows printers automatically discovered in the network You may also define a printer connection manually Connection Connection type Defines the printing protocol IPP IP...

Страница 33: ...by comma Example 51 982898 8 493206 Connection Defines the connection to a printer in the form of a device URI uniform resource identifier IPP IPPS In IPP Internet Printing Protocol the print data is...

Страница 34: ...jobs are displayed From the 101rd print job onwards the FIFO method first in first out is applied The recorded print jobs will be deleted when primos is reset Note A time server 20 must be configured...

Страница 35: ...lect PRINTING Job history The job history is displayed 3 Click the filter button The job history entries are displayed according to the filter Delete print jobs 1 Start the primos Control Center 2 Sel...

Страница 36: ...via primos on iOS devices The AirPrint identifier is applied to all queues It can be changed at any time The default is air Chose an identifier that begins with a letter that from the beginning of th...

Страница 37: ...imos Control Center 2 Select PRINTING Queues 3 Select the desired queue by clicking the icon 4 In the Device area select the desired printer action from the Action list 5 Click Save to confirm The pri...

Страница 38: ...ated on primos 25 A certificate has been installed on primos 50 1 Start the primos Control Center 2 Select PRINTING Queues 3 Select the desired queue by clicking the icon 4 Tick clear Secure AirPrint...

Страница 39: ...a directory service Active Directory or LDAP 17 To enter a large number of users more easily the users can be grouped in local 22 or directory service groups The group then is entered instead of each...

Страница 40: ...y print content such as documents and pictures from iOS devices iPhone iPad and so on To do so print jobs are sent from iOS apps with AirPrint support to primos via your network primos forwards the pr...

Страница 41: ...rPrint on primos 38 Warning The primos subdomain must not end with local This domain is reserved for multicast Bonjour mDNS On primos define the printer which are to be used with Wide Area AirPrint Co...

Страница 42: ...context menu choose New Conditional Forwarder The dialog New Conditional Forwarder appears 3 In the DNS Domain box enter the primos subdomain 4 In the area IP addresses of the master servers enter in...

Страница 43: ...lect MAINTENANCE Service 3 In the DHCP option 119 area enter your IPv4 DHCP range in the DHCP range box 4 In the DHCP option 119 area enter your primos subdomain in the primos subdo main box The Comma...

Страница 44: ...6d 79 64 6f 6d 61 69 6e 03 63 6f 6d 00 Configures option 119 After each execution the successful execution of the command is confirmed The primos subdomain is created on the DHCP server as option 119...

Страница 45: ...yboard appears 5 Add the primos subdomain Several search domains are to be separated comma 6 Let the key board fade out The primos subdomain has been configured as search domain on the iOS device The...

Страница 46: ...45 How to Manage User Profiles Access Control 46 How to Protect primos from Cross Site Scripting 48 How to Control the Access to primos TCP Port Access Control 48 How to Use Certificates Correctly 50...

Страница 47: ...n be selected Any The encryption is automatically negotiated by both communicating parties The strongest encryption supported by both parties will always be chosen Regular High Only cipher suites with...

Страница 48: ...t support SSL a connection can then not be established 4 From the Encryption level area select the desired level Warning Do not use the encryption level Low if you use up to date browser software and...

Страница 49: ...3 Note When logging into the primos Control Center 46 the password is transmitted in plain text We recommend to only use the HTTPS connection SSL TLS requires a certificate to check the identity of pr...

Страница 50: ...Active Directory or LDAP 17 Directory users can be used to log into the primos Control Center To do this they must be defined on primos The users defined can then authenticate themselves with their di...

Страница 51: ...vice 17 In the directory service users are defined 1 Start the primos Control Center 2 Select SECURITY Device access 3 Into the Users having access to this device box enter the directory service users...

Страница 52: ...ded from locking primos only accepts data packets from network elements defined as exceptions Please note This also applies to iOS devices If the TCP port access control is enabled you can only print...

Страница 53: ...ck the options 5 Make sure that the test mode is enabled 6 Click Save to confirm The settings are saved The port access control is activated until the device is restarted 7 Check the port access and c...

Страница 54: ...d Upon delivery a certificate the so called default certificate is stored in primos It is recommended that you replace the default certificate by a self signed certificate or a requested certificate a...

Страница 55: ...es 3 Click Self signed certificate an 4 Enter the relevant parameters table 10 51 5 Click Create Install The certificate will be created and installed This may take a few minutes Table 10 Parameters f...

Страница 56: ...es 6 Select Upload and save the requests in a text file 7 Click OK 8 Send the text file as certificate request to a certification authority When the certificate has been received it must be saved in t...

Страница 57: ...ate 6 Click Install The requested certificate is installed in primos Installing a PKCS 12 Certificate in primos PKCS 12 certificates are used to save private keys and their respective certificates and...

Страница 58: ...ificate of the authentication server RADIUS in primos Requirements The certificate must be in base64 format 1 Start the primos Control Center 2 Select SECURITY Certificates 3 Click CA certificate 4 Cl...

Страница 59: ...ntication server RADIUS First you must define the authentication procedure TLS PEAP TTLS etc to be used and configure it on all network devices involved What is RADIUS RADIUS Remote Authentication Dia...

Страница 60: ...rtificate signed by a CA The RADIUS server and primos must validate the certificate After the mutual authentication was successful the access to the network will be freed Since each device needs a cer...

Страница 61: ...er authentication The advantage of this procedure is that only the RADIUS server needs a certificate Therefore no PKI is needed Moreover TTLS supports most authentication protocols Requirements primos...

Страница 62: ...authentication methods including user passwords and one time passwords Requirements primos is defined as user with user name and password on a RADIUS server 1 Start the primos Control Center 2 Select...

Страница 63: ...methods to generate PACs The manual delivery mechanism can be every mechanism that the administrator configures and considers to be safe for the network In the case of the automatic delivery an encryp...

Страница 64: ...primos User Manual Security 60 the RADIUS server 9 Install a WPA add on Optional 10 Click Save to confirm The settings are saved...

Страница 65: ...onfiguration Settings Backup 62 How to Reset primos to Its Default Settings Reset 62 How to Perform an Update 63 How to Restart primos 64 How to Shut Down primos 65 How to Use the Service Function 65...

Страница 66: ...same major version of primos software Major software versions are distinguished by the second level of numbering Example A backup created for primos software 17 1 x cannot be installed on primos with...

Страница 67: ...Reset Button LEDs various ports and the reset button can be found on primos These components are described in the Quick Installation Guide Using the reset button you can reset the primos the configur...

Страница 68: ...e files can be downloaded from the homepage of SEH Computertechnik GmbH http www seh technology com services downloads download mobility solutions primos html Note Every update file has its own readme...

Страница 69: ...th your request e g via email Logging Per default only some information is stored in the service file If logging is enabled much more detailed information will be logged The SEH support can perform a...

Страница 70: ...our client Send the service file to the SEH support Configuring the SSH Access Note The SSH connection may only be established and used after consultation with the SEH support Using SSH for purposes o...

Страница 71: ...Name 67 Gateway 67 Hardware Address 68 Host name 68 IP Address 68 Subnet Mask 68 Default Name The primos default name is made up of the two letters IC and the device number The device number consists...

Страница 72: ...ppear only once in your local network The IP address must be saved in primos to make sure that it can be addressed within the network Subnet Mask With the help of the subnet mask large networks can be...

Страница 73: ...s the BIOS mode if the activity LED blinks regularly Warning primos is not operational in the BIOS mode If a primos is in the BIOS mode the device will be marked accordingly in the SEH primos App with...

Страница 74: ...check the cabling connections the primos IP address 7 and the proxy settings of your browser If you still cannot establish any connection the following safety mechanisms might be the cause The access...

Страница 75: ...e the same time server SNTP server for primos and the directory service Check the primos time server configuration 20 Make sure that a DNS server is configured in primos and that primos can access it...

Страница 76: ...t settings 62 Description 20 Device settings 20 DHCP 13 Directory service 17 35 Active Directory 17 35 46 LDAP 17 35 46 User 35 DNS Domain Name Service 16 DNS server 38 Documentation 3 Downloads 5 E E...

Страница 77: ...out 11 Security 9 Start 9 Structure 10 Print 24 36 Across subnets 37 Print center 37 Print Jobs 30 Print jobs Accept 33 Delete 33 Reject 33 Print queue See Queue Printer Action 33 Name 32 Start 33 Sto...

Страница 78: ...ubnet mask 13 68 Support 5 Switching Off 65 T TCP Port Access Control 48 Test mode 48 Test page 33 Time of the device 20 Time server 20 Time zone 20 Troubleshooting 69 U Update 63 URI Uniform Resource...

Отзывы:

Нет отзывов

Похожие инструкции для primos

Бренд: Citizen Страницы: 80

Бренд: Ganz Страницы: 5

Бренд: Xerox Страницы: 55

mC-Print3 MCP31LB

Бренд: Star Страницы: 12

Бренд: Buffalo Страницы: 80

Бренд: Olivetti Страницы: 69

LUXOMAT net ViSTATION

Бренд: B.E.G. Страницы: 4

Бренд: TYANO Страницы: 68

Бренд: Vxl Страницы: 19

Бренд: DNP Страницы: 93

Бренд: AC&T System Страницы: 32

Color Jetprinter 1020

Бренд: Lexmark Страницы: 4

System X Series

Бренд: IBM Страницы: 6

Бренд: Speco Страницы: 28

S510 - ScanSnap - Document Scanner

Бренд: Fujitsu Страницы: 295

Бренд: Cisco Страницы: 72

Бренд: Cisco Страницы: 64

TelePresence MSE 8710

Бренд: Cisco Страницы: 12

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды