HP JetAdvantage Security Manager 250 Device E-LTU User guide

Type
User guide

This manual is also suitable for

HP JetAdvantage Security Manager -
User Guide
SUMMARY
HP JetAdvantage Security Manager is a security compliance solution to create a security policy that assesses and monitors
the security settings for a eet of HP products.
Legal information
Copyright and License
© Copyright 2020 HP Development Company,
L.P.
Reproduction, adaptation, or translation without
prior written permission is prohibited, except as
allowed under the copyright laws.
The information contained herein is subject to
change without notice.
The only warranties for HP products and
services are set forth in the express warranty
statements accompanying such products and
services. Nothing herein should be construed
as constituting an additional warranty. HP shall
not be liable for technical or editorial errors or
omissions contained herein.
Applicable product: J8023AA
Edition 16.0, 12/2020 (version 4.0)
Trademark Credits
Microsoft®, Windows®, and Windows Server®
are U.S. registered trademarks of Microsoft
Corporation.
Adobe
®
, Acrobat
®
, and PostScript
®
are
trademarks of Adobe Systems Incorporated.
VMware® is a registered trademark of VMware,
Inc.
Table of contents
1 Introduction .................................................................................................................................................................................................1
2 Getting started with Security Manager....................................................................................................................................................3
Access the Security Manager application ...........................................................................................................................................3
Features of the Security Manager .......................................................................................................................................................3
Common controls and notications ....................................................................................................................................................5
What you must provide .........................................................................................................................................................................6
3 Setting up Security Manager.....................................................................................................................................................................7
Congure the Security Manager settings ...........................................................................................................................................7
Congure General settings ...................................................................................................................................................................7
Install licenses.........................................................................................................................................................................................8
Set up Instant On Security ................................................................................................................................................................. 10
Congure the email server settings ................................................................................................................................................. 13
Set up global credentials.................................................................................................................................................................... 14
4 Create a security policy........................................................................................................................................................................... 17
Policies page navigation..................................................................................................................................................................... 17
Create a policy ..................................................................................................................................................................................... 17
Edit a policy .......................................................................................................................................................................................... 18
Policy editor icons ...................................................................................................................................................................... 19
Set severity, remediation, and unsupported behavior to policy items in Quick Settings ............................................... 19
Set policy options for a single item ................................................................................................................................ 20
Set policy options for all the items or for a category .................................................................................................. 21
Set policy options for Firmware Security Assessment Reporting ............................................................................ 21
Export and Import policies................................................................................................................................................................. 21
Export a policy ............................................................................................................................................................................ 22
Import a policy............................................................................................................................................................................ 22
5 Using Security Manager .......................................................................................................................................................................... 23
Add and edit device information....................................................................................................................................................... 23
Create a group............................................................................................................................................................................. 23
Create a Manual Group ..................................................................................................................................................... 23
Create an Automatic Group.............................................................................................................................................. 24
Discover devices ......................................................................................................................................................................... 25
iii
Use Automatic Discovery to add or modify devices to a group ................................................................................. 25
Use Manual Discovery to add or modify devices to a group....................................................................................... 26
Edit a discovery task ......................................................................................................................................................... 27
Devices page navigation............................................................................................................................................................ 27
Export device details.................................................................................................................................................................. 28
Edit device and group information .......................................................................................................................................... 29
Manage Groups.................................................................................................................................................................. 29
Add, remove, or delete a device from a group.............................................................................................................. 30
Assign a license manually ................................................................................................................................................ 31
Set device credentials....................................................................................................................................................... 32
Set SSL/TLS enforcement................................................................................................................................................ 33
Assess and remediate ........................................................................................................................................................................ 34
Run or Schedule an assessment or remediation .................................................................................................................. 34
Task page navigation ................................................................................................................................................................. 35
Modify a task............................................................................................................................................................................... 36
Start a task ......................................................................................................................................................................... 36
Edit a task ........................................................................................................................................................................... 36
Delete a task....................................................................................................................................................................... 37
View assessment results........................................................................................................................................................... 37
View results from the Devices page ............................................................................................................................... 37
View results from the Reports page............................................................................................................................... 37
Setup alert subscriptions ................................................................................................................................................................... 38
Alert (subscriptions) page navigation...................................................................................................................................... 38
Create an alert subscription...................................................................................................................................................... 38
Edit, rename, or delete an alert subscription......................................................................................................................... 39
Run reports .......................................................................................................................................................................................... 40
Export and Schedule reports............................................................................................................................................................. 40
Generate reports and instantly export the reports .............................................................................................................. 40
Create a schedule to export reports........................................................................................................................................ 41
Edit or delete a created schedule............................................................................................................................................. 42
Export reports to customized locations ................................................................................................................................. 42
6 Use the HP Security Manager certicate management solution ..................................................................................................... 45
7 Network port assignments .................................................................................................................................................................... 47
8 Legal statements..................................................................................................................................................................................... 49
End User License Agreement ............................................................................................................................................................ 49
Copyrights ............................................................................................................................................................................................ 52
log4net license............................................................................................................................................................................ 52
nhibernate license...................................................................................................................................................................... 54
Appendix A Use the HP Security Manager certicate management solution.................................................................................... 61
Appendix B Network port assignments................................................................................................................................................... 63
Appendix C Legal statements ................................................................................................................................................................... 65
End User License Agreement ............................................................................................................................................................ 65
Copyrights ............................................................................................................................................................................................ 68
log4net license............................................................................................................................................................................ 68
iv
nhibernate license...................................................................................................................................................................... 70
v
vi
Introduction1
HP JetAdvantage Security Manager (HP Security Manager) is a security compliance solution for a eet of HP
products. It enables administrators to create a security policy to reduce network risks and monitor security for a
eet of printers.
The key benets of using Security Manager are the following:
Easily and quickly create device security policies. Intelligent prompts guide you through the process by
providing advice and recommendations as you congure the policy.
Add device IP addresses or hostnames using the following methods:
Import a text or XML le that contains the device information.
Automatically or manually discover devices.
Automatically assess/remediate devices when they are rst connected to the network using the Security
Manager Instant-On Security feature and allowing automatic remediation.
Create a schedule to run assessments or assess/remediate devices at preset intervals.
To learn more about HP Security Manager see the following topics:
Getting started with Security Manager on page 3
Setting up Security Manager on page 7
Using Security Manager on page 23
Introduction 1
2 Chapter 1 Introduction
Getting started with Security Manager2
Security Manager version 3.4 is a web-based application supported by the following browsers:
Internet Explorer (IE) 11 or newer
Edge 79 or newer (Chromium based)
Chrome 60 or newer versions.
To view the main topics in HP Security Manager Home page, see Introduction on page 1
The following sections will help you to get started with HP Security Manager:
Access the Security Manager application
Follow these steps to log into Security Manager:
1. Install HP Security Manager.
NOTE: For HP Security Manager installation instructions, see the HP JetAdvantage Security Manager
Installation and Setup Guide.
2. Make sure you have a supported web browser, and then open HP JetAdvantage Security Manager.
3. Make sure to add the user name to any of the following HPIPSC group for remote access to the web service:
HPIPSC
HPIPSC_Guest
HPIPSC_Analyst
4. Type your username (Domain\username), password, and then click Login.
NOTE: If the login operation fails, HP Security Manager displays an error notication message. A maximum
of 5 invalid password attempts will lock the account for 30 minutes.
Features of the Security Manager
The HP Security Manager features are always present on the top menu tabs, providing a user to easily access
each function.
The top menu tabs include:
Getting started with Security Manager
3
Dashboard
The Dashboard tab is the default page that displays after a successful login. It provides a graphical overview
of the device eet in the following tabs:
Current Fleet Status: Displays the current devices in the eet and provides the following information:
Number of devices: The total number of devices in the eet and the number of licensed and
unlicensed devices.
The number of licenses for the devices.
Assessment status of the devices.
Not assessed status of the devices.
The number of days remaining for license to Expire.
Historical Fleet Status: Displays the history of the devices in the eet depending on the number of
days selected in the Last Day(s) edit box. The Show data percentage option displays the percentage or
number in the report.
NOTE: The maximum selection for the number of days in the Last Day(s) edit box is “90”.
Depending on the range selected, it provides a comparative study of the rst and last date on the range
for the total number of devices, the assessment status, and not assessed status of devices.
NOTE: To select the rst date of the range, click on the bar graph. The last day of the range is usually
the current date.
Policies
The Policies tab displays information of the number of policies and the status for each policy (valid, invalid,
or new). It allows you to create, edit, and import policies.
Devices
The Devices tab displays information of the number of devices on the network, device identity information
(IP address, hostname, and model name), whether a device is supported, whether a license is assigned, date
assessed, most recent policy name used, and a group name associated with a device. Icons indicate whether
the device passed the assessment and the device status.
Use the Devices tab to perform the following tasks:
Create a group to associate devices to the group and manage these groups.
Discover devices connected to the network and add them to a group.
Create a task to assess or assess and remediate a group of devices.
Assign licenses, set credentials and verify devices.
Tasks
The Tasks tab displays information of the status of tasks (completed, in progress, or scheduled), name and
type of a task, associated policy, group name, and the schedule of the tasks (the task last ran and the task
schedule to run). It provides options to create and schedule new assessment /remediation tasks. You can
schedule a task to run once or to repeat as necessary, such as daily, weekly, or monthly.
4
Chapter 2 Getting started with Security Manager
Use the New Task icon from the Policies, Devices, or Tasks tabs to create a new task, and then view the
assessments /remediations of devices in the Task tab.
Alerts
The Alerts tab allows a user to create alerts based on set conditions for device groups and receive
notications.
Use the Alert icon to create alerts from the Devices or Alerts tabs to receive notication.
NOTE: To receive alert notications, make sure to set the SMTP Server in the Automated Email settings.
Reports
The Reports tab provides options to run reports that display information about devices, policies, and
assessments.
Use the Executive Summary report in the Reports tab to review recommendations and device status. For
more information about the various reports (Devices assessed, Devices not assessed, Policy items assessed,
Recommendations, and Remediations), see, Run reports on page 40.
Settings icon ( )
Displays the following options:
Settings: Allows you to congure global settings.
About HPSM: Displays a graphical overview of the software.
Help: Provides information and instructions for HP Security Manager.
Help (whitepapers): Displays list of Whitepaper links with additional Help information.
Prole icon ( )
Displays the username (role assigned to a user), and a Logout button.
Security Manager assigns the following roles to users:
Administrator: Enables a user to access all features and perform all operations in Security Manager.
Analyst: Enables a user to access all features but perform limited operations in Security Manager. This
includes disabling the My Preferences and General options in Settings.
Guest: Enables a user to only view the Dashboard and Reports tabs, it does not allow any interactive
operation.
NOTE: By default, the domain user account used for installing HP Security Manager is the administrator. To
add additional users, the administrator will add the domain user to an appropriate group based on a specic
role.
Common controls and
notications
This section provides the controls and notications consistent across all tabs in HP Security Manager.
Common controls in the Devices, Policies and Tasks list panel
Common controls and
notications 5
Filter - Sorts or lters the contents displayed in a list panel based on lter criteria. The available lter
options depend upon the active columns. Filter options will only appear if the corresponding columns (IP
address, Assessment Status, Supported, Licensed, Group Membership, or Device Status) are displayed.
Search - Searches for strings in the list panel.
Sort — Allows every column in the device list panel to be sorted. Click the arrow next to a column
heading to sort the column. To change the order of the columns, you can drag and drop the columns.
Common notication types
NOTE: All notications are dismissed after ve seconds.
Success message: A message displays in a green slide out for a successful operation.
Information message: A message displays in a blue slide when the system provides information of the
operation.
Failure message: A message displays in a red slide out for a failed operation.
What you must provide
The following are the basic requirements to use HP Security Manager:
A supported Microsoft Windows computer.
The following Microsoft Windows 64-bit operating systems are supported:
Windows Server 2019, 2016, 2012, 2012 R2 and 2008 R2.
Windows 10, 8.1, and 8.
HP Security Manager is supported in a VMware environment.
Requirements: Microsoft Windows Server 2012 R2 or later (64-bit versions) is a compatible guest operating
system in VMware ESX and ESXi versions 4.0 Update 4 or later.
A supported HP device (printer, MFP, digital sender, or a supported Zebra device).
For a current list of supported HP devices, go to www.hp.com/go/SecurityManager.
The latest HP device rmware version.
HP recommends that you install the latest rmware version to ensure that the devices contain the latest
security updates and features. For rmware upgrade instructions, see the setup or user guides provided with
the device.
The latest HP JetDirect rmware version.
HP JetDirect cards require rmware version 40.xx or newer. For rmware upgrade instructions, see the
set up or use guides provided with the HP JetDirect. For products with embedded NIC's, it's always
recommended to use the latest rmware.
6
Chapter 2 Getting started with Security Manager
Setting up Security Manager3
Use the instructions in this section to set up the Security Manager settings.
Congure
the Security Manager settings
Learn how to congure HP Security Manager settings.
1. Log in to HP Security Manager and select the Settings menu icon ( ), and then select the Settings option.
2. In the left navigation pane, select one of the following menus to congure the settings:
My Preferences - To select the Time Format (12 or 24 hours)
General - To congure device remediation and hostname resolution settings.
Licenses - To install Security Manager licenses.
Instant-On Security - To discover and congure devices when they are rst connected to the network.
Automated Email - To set up email settings and notify recipients.
Global Credentials - To set up global credentials to verify device credentials.
Service Integration - To set up integration with Qualys.
To view the main topics in HP Security Manager Home page, see Introduction on page 1
Congure
General settings
HP recommends verifying the global remediation setting that controls whether an out-of-compliance device is
remediated (corrected) during the assessment process.
NOTE: To control how individual out-of-compliance policy items are processed during remediation, use the
policy's Quick Settings (Policy). For more information, see Set severity, remediation, and unsupported behavior
to policy items in Quick Settings on page 19.
NOTE: HP Security Manager resolves IP addresses to hostnames only during the initial discovery. To resolve IP
addresses to hostnames at a later time, delete the device, and then add the device again.
Follow these steps to set the device remediation and hostname resolution option:
1. Log in to HP Security Manager and select the Settings menu icon ( ), and then select the Settings option.
Setting up Security Manager
7
2. On the left navigation pane, in the General menu, select the appropriate remediation option for devices:
Enable device remediation (Remediate and Report) - This is the default option selected and enables to
remediate out-of-compliance devices.
Disable device remediation (Report Only) - Select this option to disable remediation.
NOTE: To prevent accidental changes to devices on the network, disable device remediation. When
this option is selected, the setting applies to all policies and takes precedence over an individual policy's
advanced remediation settings (Quick Settings (Policy)).
3. In the Hostname Resolution section, enable or disable the Resolve IP addresses to hostnames when devices
are added option.
NOTE: This option is enabled by default and allows HP Security Manager to resolve IP addresses to
hostnames when devices are added. When set to enabled, this option requires that the DNS entry functions
in both directions. Otherwise, the device import fails, and the hostname will not be added during discovery.
To disable the option, select to clear the check box.
4. In the Repetitive Remediation Report section, enable or disable the Enable Reporting option.
By default, this option is disabled. When enabled, it reports devices that are continually out-of-compliance
and has the following reporting features:
Remediation Threshold: Type the number of remediation attempts for devices that are reported
continually out-of-compliance.
Renew Reporting: Select the time period (month, start date, and type in a start time) to reset the
remediation attempts count for devices.
NOTE: Repetitive Remediation Report is renewed instantly for an elapsed start date and time.
5. In the Device Assessment History section, enable or disable the Enable Reporting option. By default, this
option is set to enabled and allows to set Save Assessment data.
6. Select an option under the Remove historical data section to remove Recommendation and Remediation
data older than specied days to free up disk space.
NOTE: The latest report will not be removed.
7. Click Save.
NOTE: If the default selections have not been changed, the Save button will remain disabled.
Install licenses
Licenses are provided using a license
le. To create a policy, or to assess and remediate the devices on the
network, install a HP Security Manager device license. Without a device license, all other actions are available,
such as sorting, ltering, and verifying.
NOTE: HP Security Manager is installed with a demonstration license that allows a limited assessment for up
to 50 devices. Only a demonstration policy is available for use and the Policy Editor is limited to a few items.
This license is overridden when a trial or full license is installed. Contact your HP representative for more
information.
8
Chapter 3 Setting up Security Manager
NOTE: If HP JetAdvantage Security Manager service is not running, an error message will display on the HP
Security Manager application.
The purchase of HP Security Manager should include device licenses.
Licenses are node locked using the HPSM's server MAC address.
After licenses are installed, devices are automatically licensed when the following actions occur:
when adding devices using a text or xml le. For more information, see Use Manual Discovery to add or
modify devices to a group on page 26.
when discovering devices using the Instant-On Security feature. For more information, see Set up
Instant On Security on page 10.
If there are insuicient licenses available during an import, the devices are added but not licensed. For
devices that are not licensed, add licenses in the Settings page, and then use the Assign Licenses icon
located in the device toolbar in the Devices page.
NOTE: To reduce the risk of depleting all the licenses, make sure that there are enough licenses before
importing.
To return licenses to the license pool, delete the licensed device.
NOTE: Deleting a licensed device removes that device's historical data.
License Settings
The License Expiry Threshold text box is for temporary licenses and allows a user to set up a notication of the
number of days before a license expires.
Follow these steps to install licenses or add additional licenses:
1. Log in to HP Security Manager and select the Settings menu icon ( ), and then select the Settings option.
2. On the left navigation pane, click Licenses.
3. Click Add Licenses.
4. Locate where the license le (.lic) is stored in the le browser and double-click to open the le.
HP Security Manager reads the license le and updates the Settings page with the available licenses and
expiration information.
This includes the number of days remaining before the license expires. A license warning message will
display before the license expires.
If an error displays, the causes are:
HP Security Manager cannot connect to the license server.
HP Security Manager tried to update a demonstration license. A new demonstration license will not
override an existing demonstration license.
HP Security Manager tried to install a demonstration license when a normal license is currently
installed.
HP Security Manager tried to install the same license le.
HP Security Manager tried to install a corrupted or invalid license le.
Install licenses
9
5. Click View License Details to open the Individual License Details window. It contains details about the
Individual license.
NOTE: If there is mismatch in the license reported via dierent Flexera APIs then an extra Note is shown in
Individual License Details window reporting this inaccuracy in license count.
6. In the License Expiry Threshold text box, type a number from 7 to 60.
NOTE: Depending on the number of days congured, the application will display a license warning
message after a user logs into the application. This message will provide information of the number of days
remaining when the license expires.
Set up Instant On Security
HP Enterprise printers running the latest
rmware version use the Instant-On Security and the HP Device
Announcement Agent features to automatically announce their presence to HP Security Manager when they are
rst connected to the network.
To discover and congure devices across applications like HP Security Manager, HP Web Jetadmin and HP
JetAdvantage Connector (JAMC), congure the Primary Listener and the Secondary Listener options. The “Device
Announcement Agent (DAA) server” is called the Primary Listener. The work of the Primary Listener is to route
devices to the Secondary Listener. HP Security Manager is a primary or secondary listener and HP Web Jetadmin
can only be a secondary listener.
NOTE: Automatic assessment/ remediation of newly discovered devices requires a device license and a valid
initial assessment policy.
NOTE: To implement Instant-On Security, the device must support HP Device Announcement Agent.
For a list of devices that include HP Device Announcement Agent, go to www.hp.com/go/SecurityManager.
Automatic discovery requires that the Accept Device Announcements feature is enabled (disabled by default) and
the device's HP Device Announcement Agent feature is enabled (enabled by default). In addition, the corporate
DNS server must be congured with an entry that points the hostname hp-print-mgmt to the IP address of the
HP Security Manager server, when HP Security Manager is the Primary Listener.
When the device announcement agent is activated on a compatible printer, the HP device announcement agent
looks for a host with the DNS hostname of hp-print-mgmt. If found, the device announces itself directly
to HP Security Manager. If Accept Device Announcements is enabled and the device passes the minimum
authentication requirements, the device is automatically added to HP Security Manager.
NOTE: A device is not added to HP Security Manager if it fails the minimum authentication required for the
assessment.
When the device announcement agent is enabled, it announces itself to the HP Security Manager server in the
following situations:
When the device is turned on.
When a cold reset is performed on the device.
When the IP stack comes up (for example, after a network conguration change).
When the conguration server IP address changes (use this if a DNS entry cannot be used).
10
Chapter 3 Setting up Security Manager
When the HP Device Announcement Agent feature is enabled using the check box in the device
HP Embedded Web Server or the device control panel.
FutureSmart 4 devices announce their presence every 48 hours.
When Accept Device Announcements is enabled, each device that passes the authentication is assigned a device
license from the license pool.
Follow these steps to set up Instant-On Security:
NOTE: The Instant-On Security feature might fail, if IPsec, Windows rewall, or other rewalls does not allow
communication with HP Security Manager using port 3329.
1. To activate Instant-On Security and automatic remediation, request the site administrator to add an entry in
the corporate DNS server that points hp-print-mgmt to the IP address of the HP Security Manager server.
2. Enable communication with port 3329.
a. Click the Settings menu icon ( ), and then select the Settings option.
b. In the left navigation pane, select Instant-On Security.
c. Select the Accept Device Announcements check box, and then click OK in the conrmation dialog box
to enable communication with port 3329.
3. Determine if Security Manager should be the Primary Listener or Secondary Listener.
If HP Security Manager is set as the Primary Listener, follow these steps to add information of the
Secondary Listener:
NOTE: Only ve Secondary Listeners are allowed. This value can be altered in the conguration le
“maxSecondaryListeners”. After updating the conguration, it is required to restart the Service and IIS.
NOTE: HP Web Jetadmin can only be set as a Secondary Listener. Security Manager and HP
JetAdvantage Connector can be set as a Primary or Secondary Listener.
a. Click New, and then type the IP Address or Hostname and Description.
b. If required , select the Validate the Identity Certicate before sending Device announcement
message to the Listener check box.
c. To modify a Secondary Listener, select the row in the Secondary Listeners table, and click Edit.
d. To delete a Secondary Listener, select the row in the Secondary Listeners table, and click Delete.
If HP Security Manager is set as the Secondary Listener, follow these steps to select one of the
following server certicates to use for authentication and validation by the Primary Listener:
Self-Signed
CA-Signed
4. Select an Authentication method for the Primary and Secondary Listener. The default option is No
Authentication (Out of the Box).
If authentication is not required, select No Authentication (Out of the Box).
NOTE: This is the simplest authentication method because HP Security Manager automatically
congures devices to be compliant with the security policy when they are taken out of the box and
Set up Instant On Security
11
connected to the network. This method also works on devices when a cold reset is performed because
no authentication is required for auto discovery, assessment, and remediation.
For the highest authentication level, select Mutual Authentication, click Select Certicate, select a
certicate from the list of certicates found on the HP Security Manager server, and then click Select.
NOTE: Optionally, you can use HP Security Manager to manage the identity certicates on the HP
Security Manager server and the devices.
NOTE: This authentication method is most secure as it requires certicates to be congured on the
device and in HP Security Manager. This enables the HP Security Manager server and the device to
verify that the
certicate for the other is valid. When the IP address of a device changes or a cold reset
is performed, the device and the HP Security Manager server communicate using the secure socket
layer (SSL) to validate certicates before an automatic remediation occurs. The certicates must be
valid identity certicates signed by a trusted certicate authority and installed on the HP Security
Manager server and each device. Each device must be set to require mutual authentication using
certicates during a pre-staging process.
5. To restrict and control the devices entering HP Security Manager, select the Use Device Serial Number List
check box, and then click Add Device Serial Number(s).
6. Select one of the following methods to add serial numbers on the Add Device Serial Number(s) window:
NOTE: Security Manager uses the list of serial numbers to accept a device the rst time, and then
automatically removes the serial number from the list. It recognizes all future announcements by that
device as a valid device.
Type the printer’s serial number in the Device Serial Number text box, and then click Add to list.
Click Add from le, locate the xml or text le from your le browser, open the le in Security Manager,
and then click Add.
7. Create a valid policy from the Policies page.
For instructions, see Create a policy on page 17
NOTE: You must create a valid initial policy to use with Automatic Remediation.
8. Select the Allow Automatic Remediation check box to activate automatic remediation.
NOTE: If Allow Automatic Remediation is enabled, an automatic assessment/ remediation of the device
occurs.
9. Select a policy from the Initial Assessment Policy drop-down list to ensure new devices are compatible with
the requirement.
NOTE: The valid policies are sorted in the list from the oldest to newest policy. This policy is used for
newly announced devices and ensures that the device is fully compliant with the requirements. The selected
Initial Assessment Policy is always used one time for the initial remediation. After the initial assessment, HP
Security Manager uses the most recently applied policy.
NOTE: If the policies are not valid, a “No valid policies” message displays in the Initial Assessment Policy
text box and the Save button is disabled.
12
Chapter 3 Setting up Security Manager
10. Click Save to save the entries.
NOTE: If HP JetAdvantage Security Manager service is not running, the HP Security Manager application
will not save the entries, and display an error message.
After conguring the Instant-On Security settings, devices powered on will automatically populate and remediate
in HP Security Manager.
Devices automatically discovered display in the Instant-On Auto Discovered column in the Devices page.
Congure the email server settings
Use the Automated Email setting option to congure the email server to authenticate and send email
notications when scheduled tasks are completed.
Follow these steps to congure email server settings:
1. Log in to HP Security Manager and select the Settings menu icon ( ), and then select the Settings option.
2. On the left navigation pane, click Automated Email.
3. In the E-mail Server Settings section, type the information required to identify the email server.
SMTP Server – Contains the hostname or IP address of the email server.
Port – Contains the network port to use to contact the email server.
NOTE: By default, the network port is set to 25.
Enable SSL – Enables or disables the use of SSL when working with the email server.
NOTE: By default, this option is set to enabled.
Specify CredentialsSpecies whether user credentials are required. If enabled, then the Username,
Password, and Domain text boxes are available.
Username – The name used to log in to the SMTP (email) server.
Password – The password used to log in to the SMTP server. The characters are encrypted when
typed.
Domain (Optional) – The username is often related to a domain. If so, then the domain is required
to qualify the username.
4. In the Automatic Email Notication Settings, type the information required.
Email Subject – The subject used in the email that is sent.
Recipient(s) – An email addresses of one or more recipient.
If more than one addresses are specied, use a space, comma, or semicolon to separate the addresses.
NOTE: If an email address is incorrect, tasks will run for a longer time and fail.
From Address – The email address used for the sender in the message.
5. Send a test email.
Congure
the email server settings 13
a. Click Send Test E-mail to make sure that the server and the congured settings are correct.
b. Check your email for the test email.
6. Click Save.
Click Yes to conrm the changes to the settings in the conrmation dialog box.
Set up global credentials
Global credentials are used as part of the device verication process when performing tasks which include device
discovery, verifying devices, assess only, assess and remediate of a device and setting the Instant-On Security
feature.
Use the Global Credentials feature to set global credentials for all existing devices and custom groups.
When verifying devices, HP Security Manager rst attempts to check the assigned device credentials for a device.
If the verication fails with device credentials, it checks the devices default credentials. If the default credentials
verication fails, it veries the device with the global credentials.
NOTE: The device, default, and global credentials are also applicable for Assess Only and Assess and
Remediate policies on a device.
Follow these steps to set up the Global Credentials:
1. Log in to HP Security Manager and select the Settings menu icon ( ), and then select the Settings option.
2. On the left navigation pane, click Global Credentials.
3. On the SNMP Credentials section, complete the following steps to set the SNMPv1/v2 Read, Read/Write
or/and SNMPv3 credentials:
a. Select the Get Community Name check box, type the SNMP v1/v2 Get (e.g. Read) Community name in
the rst text box, and then type the name again in the second text box to conrm.
b. Select the Set Community Name check box, type the SNMP v1/v2 Set (e.g. Read/ Write) Community
name in the rst text box, and then type the name again in the second text box to conrm.
4. Set the SNMP v3 credentials:
a. Select the Set v3 Credentials check box.
b. Type the SNMP name in the User Name text box.
c. Type the Authentication Passphrase, and then type the passphrase again to conrm.
d. Select the Authentication Protocol (MD5 or SHA).
e. Type the Privacy Passphrase, and then type the passphrase again to conrm.
NOTE: If the device requires key credentials, Security Manager automatically converts the
passphrase.
f. Select the Privacy Protocol (DES or AES).
5. On the Other Credentials section, complete the tasks to set up the credentials.
14
Chapter 3 Setting up Security Manager
  • Page 1 1
  • Page 2 2
  • Page 3 3
  • Page 4 4
  • Page 5 5
  • Page 6 6
  • Page 7 7
  • Page 8 8
  • Page 9 9
  • Page 10 10
  • Page 11 11
  • Page 12 12
  • Page 13 13
  • Page 14 14
  • Page 15 15
  • Page 16 16
  • Page 17 17
  • Page 18 18
  • Page 19 19
  • Page 20 20
  • Page 21 21
  • Page 22 22
  • Page 23 23
  • Page 24 24
  • Page 25 25
  • Page 26 26
  • Page 27 27
  • Page 28 28
  • Page 29 29
  • Page 30 30
  • Page 31 31
  • Page 32 32
  • Page 33 33
  • Page 34 34
  • Page 35 35
  • Page 36 36
  • Page 37 37
  • Page 38 38
  • Page 39 39
  • Page 40 40
  • Page 41 41
  • Page 42 42
  • Page 43 43
  • Page 44 44
  • Page 45 45
  • Page 46 46
  • Page 47 47
  • Page 48 48
  • Page 49 49
  • Page 50 50
  • Page 51 51
  • Page 52 52
  • Page 53 53
  • Page 54 54
  • Page 55 55
  • Page 56 56
  • Page 57 57
  • Page 58 58
  • Page 59 59
  • Page 60 60
  • Page 61 61
  • Page 62 62
  • Page 63 63
  • Page 64 64
  • Page 65 65
  • Page 66 66
  • Page 67 67
  • Page 68 68
  • Page 69 69
  • Page 70 70
  • Page 71 71
  • Page 72 72
  • Page 73 73
  • Page 74 74
  • Page 75 75
  • Page 76 76
  • Page 77 77
  • Page 78 78
  • Page 79 79
  • Page 80 80
  • Page 81 81
  • Page 82 82

HP JetAdvantage Security Manager 250 Device E-LTU User guide

Type
User guide
This manual is also suitable for

Ask a question and I''ll find the answer in the document

Finding information in a document is now easier with AI