You can increase the network security on the machine to avoid output of data and tampering data and increase the security and confidentiality.
We recommend that you set a network manager for security reasons when using the SSO-H.
The security on the network for this machine is maintained using the following modes.
You can have a safe encrypted communication by installing server certificate to the machine when the user is accessing the machine via browser. With SSL communication, using the server certificate and public key, common key that can only be used by the user and the machine is generated. Doing so, you can prevent interception and theft of the data. (See "Key Pair and Server Certificate Settings for Encrypted SSL Communication" and "Changing the Key Pair Used With SSL Encrypted Communications.")
The following is the structure of the SSL communication.
|
1.
|
When the user accesses the machine from their computer, the server certificate for SSL and the public key for the server are requested.
|
|
2.
|
The certificate and the public key is sent to the user's computer from the machine.
|
|
3.
|
Using the public key received from the server, encrypt the uniquely generated common key on the computer.
|
|
4.
|
Send the encrypted common key to the machine.
|
|
5.
|
Use the private key on the machine and decode the encrypted common key.
|
|
6.
|
Now, the user's computer and the machine both possess the common key and can send/receive data using the common key.
|
Firewall is a system that prevents access by outside network, and attacks/intrusions to the network. You can use firewall on this machine to block access from outside network that appears to be dangerous by restricting communication from specified outside IP address. (See "Confirming Settings and Block Log.")
SNMP is a protocol that manages the entire network. This machine supports SNMPv1 and SNMPv3. SNMP oversees and controls the communication machine connected to this machine via network. (See "Communication Environment Setup.")
Manages all of the authentication information via the authentication server (RADIUS: Remote Authentication Dial In User Service) and authenticates the supplicant. You can prevent unauthorized access because only the supplicant authenticated by the RADIUS server has permission to connect to the network by the authenticator.
The authenticator blocks communication for the supplicant that is not authenticated by the RADIUS server. (See "IEEE802.1X Authentication Settings.")
IPSec is a protocol for creating a security policy to protect data received from and sent to the IP network from threats such as interception, alteration, and theft. (See "IPSec Settings.") For information on the optional products required to use this function, see "Optional Products Required for Each Function."
Advanced Space is a storage in the machine that stores files in a file format such as PDF, JPEG, TIFF formats which can be used on your computer. There are two types of storage locations in the Advanced Space; Shared Space and Personal Space. In [Advanced Space Settings], you can specify various settings for the Advanced Space such as the Open to Public settings, user authentication settings, and whether to allow users to use the Personal Space. (See "Setting the Advanced Space.")
In [Network Settings], you can register the Advanced Space of another machine which is open to the public by SMB or WebDAV as the external reference. (See "Setting the Network.")
In [Network Settings], you can register the Advanced Space of another machine which is open to the public by SMB or WebDAV as the external reference. (See "Setting the Network.")
If the MEAP application is used by accessing this machine via Web browser, you can use the SSL communication. (See "MEAP Settings.")