[unisog] Printers, printers, printers

Dan Green dan_green at ncsu.edu
Tue Dec 11 22:59:36 GMT 2007


We have the same setup for printers (well, we have it and are slowly moving
printers on to the secured VLAN), and yes, nothing gets on the network
without a SysAdmin giving it an IP address. Use the same setup for IP based
security cameras as well. 

Cheers,
Dan

**********************
Dan Green
Director of Information Technology
Dept. of Electrical and Computer Engineering 
North Carolina State University 
dan_green at ncsu.edu
919.515.0136
919.515.5523 (fax)
http://www.wolftech.ncsu.edu/




-----Original Message-----
From: unisog-bounces at lists.dshield.org
[mailto:unisog-bounces at lists.dshield.org] On Behalf Of
Valdis.Kletnieks at vt.edu
Sent: Tuesday, December 11, 2007 5:12 PM
To: UNIversity Security Operations Group
Subject: Re: [unisog] Printers, printers, printers

On Tue, 11 Dec 2007 16:46:11 EST, "Gaddis, Jeremy L." said:
> On 12/11/07, Martin Manjak <MManjak at uamail.albany.edu> wrote:
> > I'm curious as to what other schools are doing with respect managing 
> > printers. Some of the issues and challenges include:
> >
> > I'm very interested in what types of controls people may have in 
> > place to address any of the above?
> 
> We put printers on their own subnets, with ACLs in place that prevent 
> "printer traffic" except from authorized print servers.  The same set 
> of ACLs prevents access to the management interface except from 
> authorized managers.

How do you enforce that for printers that people/depts buy for themselves,
or do you have total control over the network, so they can't connect
*anything* without your OK?



More information about the unisog mailing list