安全策略的列表

本节介绍可以应用于打印机的安全策略的列表。

Interface

Wireless Connection Policy
Prohibit use of Direct Connection
Prohibit use of wireless LAN
USB Policy
Prohibit use as USB device
Prohibit use as USB storage device

Network

Communication Operational Policy
Always verify signatures for SMB/WebDAV server functions
Always verify server certificate when using TLS
Prohibit cleartext authentication for server functions
Prohibit use of SNMPv1
Port Usage Policy
Restrict BMLinkS port (port number: 1900)
Restrict dedicated port (port number: 9002, 9006, 9007, 9011-9015, 9017-9019, 9022, 9023, 9025, 20317, 47545-47547)
Restrict FTP port (port number: 21)
Restrict SIP (IP fax) port (port number: 5004, 5005, 5060, 5061, 49152)
Restrict IPP port (port number: 631)
Restrict LPD port (port number: 515)
Restrict mDNS port (port number: 5353)
Restrict RAW port (port number: 9100)
Restrict remote operation's software port (port number: 5900)
Restrict SLP port (port number: 427)
Restrict SMB port (port number: 137, 138, 139, 445)
Restrict SMTP port (port number: 25)
Restrict SNMP port (port number: 161)
Restrict WSD port (port number: 3702, 60000)

Authentication

Authentication Operational Policy
Prohibit guest users to use device
Force settings of auto logout
Password Operational Policy
Prohibit caching of password for external servers
Display warning when default password is in use
Prohibit use of the default password for remote access
Password Settings Policy
Set minimum number of characters for password
Set password validity period
Force use of at least 1 lowercase character
Force use of at least 1 digit
Force use of at least 1 symbol
Force use of at least 1 uppercase character
Prohibit use of 3 or more identical consecutive characters
Lockout Policy
Enable lockout

Key/Certificate

Prohibit use of weak encryption
Prohibit use of key/certificate with weak encryption
Use TPM to store password and key

Log

Force recording of audit log
Force SNTP settings

Job

Printing Policy
Prohibit immediate printing of received jobs
Sending/Receiving Policy
Allow sending only to registered addresses
Force confirmation of fax number
Prohibit auto forwarding

Storage

Force complete deletion of data