To ensure the security of Card Authentication Package v2 (CAP v2) /Enhanced Locked Print NX v2 (ELP-NX v2), the security settings must be set to match the customer's environment.
To prevent damage from malicious attackers, follow the points below in addition to the contents of "Software/Extension Security" and ensure that installation and setup are performed properly.
To prevent leakage of user information over the network during authentication, we recommend that models that support encrypted communication use it. We also recommend using an authentication method with higher security.
We recommend that customers who use "Simple" with the Active Directory authentication change to Kerberos authentication.
To prevent eavesdropping of the communication content, we recommend setting the communication protocol to LDAPS when using LDAP authentication.
To prevent eavesdropping of the communication content, we recommend setting the communication protocol to HTTPS when using Card Authentication Package Enterprise Server v2.
We recommend you to use a digital certificate issued by a trusted third-party certification authority instead of a self-signed certificate. If you want to use a self-signed certificate, it has to be installed from Admin Tool.
To prevent leakage of print information over the network during printing, we recommend that models that support encrypted communication use it. Set the SSL communication setting to "On" (enabled) in the print settings.
We recommend you to use a digital certificate issued by a trusted third-party certification authority instead of a self-signed certificate. If you want to use a self-signed certificate, it has to be installed from Admin Tool.
To prevent leakage of user information over the network during authentication, we recommend that models that support encrypted communication use it. We also recommend using an authentication method with higher security.
To enable encrypted communication, enable the SSL/TLS setting on the administrator web page. Match the SSL/TLS version and encryption strength used to the multifunction device or printer settings.
We recommend you to use a digital certificate issued by a trusted third-party certification authority instead of a self-signed certificate. If you want to use a self-signed certificate, it also has to be installed from Admin Tool.
We recommend you to encrypt print documents you want to save.
To prevent leakage of print information over the network during printing, we recommend you to use encrypted communication.
To enable encrypted communication, enable the SSL/TLS setting on the administrator web page. Match the SSL/TLS version and encryption strength used to the multifunction device or printer settings.
Also enable the SSL/TLS setting when connecting to an external database.
We recommend you to use a certificate issued by a trusted third-party certification authority instead of a self-signed certificate as the digital certificate used to encrypt the communication. If you want to use a self-signed certificate, it also has to be installed on the server.
Use on a network protected by a firewall, not directly connected to the Internet.
After changing the administrator or password of the multifunction device or printer, the ID and password of the device administrator in Admin Tool must also be changed.
To prevent eavesdropping of the network, we recommend you to turn "On" (enable) the SSL communication setting.