Multifunction Device and Network Printers STIG
Rules, Groups, and Values defined within the XCCDF Benchmark
-
MFD or a printer can be managed from any IP
<GroupDescription></GroupDescription>Group -
There is no restriction on where a MFD or a printer can be remotely managed.
<VulnDiscussion>Since unrestricted access to the MFD or printer for management is not required the restricting the management interface to sp...Rule High Severity -
Print Services Restricted to Port 9100 and/or LPD
<GroupDescription></GroupDescription>Group -
Print services for a MFD or printer are not restricted to Port 9100 and/or LPD (Port 515). Where both Windows and non-Windows clients need services from the same device, both Port 9100 and LPD can be enabled simultaneously.
<VulnDiscussion>Printer services running on ports other than the known ports for printing cannot be monitored on the network and could lead t...Rule Low Severity -
MFD/Printer Restrict Jobs Only From Print Spooler
<GroupDescription></GroupDescription>Group -
A MFD or printer is not configured to restrict jobs to those from print spoolers.
<VulnDiscussion>If MFDs or printers are not restricted to accept print jobs only from print spoolers that authenticate the user and log the j...Rule Medium Severity -
MFD Authorized Users Restrictions
<GroupDescription></GroupDescription>Group -
Print spoolers are not configured to restrict access to authorized users and restrict users to managing their own individual jobs.
<VulnDiscussion>If unauthorized users are allowed access to the print spooler they can queue large print file creating a denial of service fo...Rule Medium Severity -
MFD and Spooler Auditing
<GroupDescription></GroupDescription>Group -
The devices and their spoolers do not have auditing enabled.
<VulnDiscussion>Without auditing the identification and prosecution of an individual that performs malicious actions is difficult if not impo...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.