Thank you for your feedback



Lexmark Secure by Default FAQS

Document ID:FA1301

Usergroup :External
  Languages  
  Properties  

Solution

Affected Products:

Single-Function: CS33x, C3224, C3326, CS42x, CS52x, CS62x, CS72x, CS82x, CS92x, C2240, C2325, C2425, C2535, C2240, C4150, C6160,
B2236, MS32x, MS42x, MS52x, MS62x, MS72x, MS82x, B2338, B2442, B2546, B2650, B2865, M1242, M1246, M3250, M5255, M5265, M5270

Multifunction: CX33x, MC3224, MC3326, XS925, XS955, CX42x, CX52x, CX62x, CX72x, CX82x, CX92x, MC2325, MC2425, MC2535, MC2640, XC2235, XC4240, XC4140, XC4150, XC6152, XC8155, XC8160,
XC9235, XC9245, XC9255, XC9265, MB2236, MX32x, MX42x, MX52x, MX62x, MX72x, MX82x, MB2442, MB2546, MB2650, MB2770, XM1242, XM1246, XM3250, XM5370, XM7355, XM7370

 

Overview:

The 2019 printer firmware (FW6.1 or FW7+) defines a default configuration that is reasonably secure and in compliance with regulations.
This article highlights some of the key changes to expect on printers with the 2019 firmware.

 

Comparison of Secure Default Settings between Firmware Releases

  Current FW (Up to FW6.1) Firmware 7+
Admin Account in ISW Not available Available with Opt out option
    With Admin Account (opt-in) Without Admin Account (opt-out)
Disk Encryption *OFF *ON *ON
Default Cipher List *OWASP Cipher String ‘B’
 
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES256-SHA256
DHE-RSA-AES128-SHA256
ECDHE-RSA-AES256-SHA384
ECDHE-RSA-AES128-SHA256
ECDHE-RSA-AES256-SHA
ECDHE-RSA-AES128-SHA
DHE-RSA-AES256-SHA
DHE-RSA-AES128-SHA
*OWASP Cipher String ‘B’
 
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES256-SHA256
DHE-RSA-AES128-SHA256
ECDHE-RSA-AES256-SHA384
ECDHE-RSA-AES128-SHA256
ECDHE-RSA-AES256-SHA
ECDHE-RSA-AES128-SHA
DHE-RSA-AES256-SHA
DHE-RSA-AES128-SHA
*OWASP Cipher String ‘B’
 
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES256-SHA256
DHE-RSA-AES128-SHA256
ECDHE-RSA-AES256-SHA384
ECDHE-RSA-AES128-SHA256
ECDHE-RSA-AES256-SHA
ECDHE-RSA-AES128-SHA
DHE-RSA-AES256-SHA
DHE-RSA-AES128-SHA
Restricted ports *TCP 79 (Finger) *TCP 79 (Finger)
*TCP 21 (FTP)
*UDP 69 (TFTP)
*TCP 5001 (IPDS)
*TCP 9600 (IPDS)
*TCP 10000 (Telnet)
*TCP 79 (Finger)
*TCP 21 (FTP)
*UDP69 (TFTP)
*TCP 5001 (IPDS)
*TCP 9600 (IPDS)
*TCP 10000 (Telnet)
Restricted  Functions in Admin Menu   Security Menu
Network/Ports Menu
Function Configuration Menus
Option Card Menu
SE Menu
 
Restricted Functions in Device Management Operator Panel Lock Operator Panel Lock
Import / Export All Settings
Operator Panel Lock

* Denotes Out-of-the-box-settings.

 

Solution:

Additional security settings can be adjusted as usual after completing the account setup in the Initial Setup Wizard in order to customize the device security to the customers preference.

 

Still Need Help?

Further information about security setup can be found in the Embedded Web Server Administrator’s Guide for the product.

Have the following available when calling Lexmark Technical Support;

  • Printer model(s)
  • Printer serial number

 



Link:
Please enter the email address you would like to send a copy of this page to.