[unisog] Printers, printers, printers

Paul FM paulfm at me.umn.edu
Wed Dec 12 13:24:27 GMT 2007

We actually have two private subnets.

One, which basically only allows the print-server to talk to the printers.
And another, which is only accessible from within the department (We have 
some people who don't want to send through the print server - and there are 
the multi-function devices).

Dan Green wrote:
> We have the same setup for printers (well, we have it and are slowly moving
> printers on to the secured VLAN), and yes, nothing gets on the network
> without a SysAdmin giving it an IP address. Use the same setup for IP based
> security cameras as well. 
> Cheers,
> Dan
> **********************
> Dan Green
> Director of Information Technology
> Dept. of Electrical and Computer Engineering 
> North Carolina State University 
> dan_green at ncsu.edu
> 919.515.0136
> 919.515.5523 (fax)
> http://www.wolftech.ncsu.edu/
> -----Original Message-----
> From: unisog-bounces at lists.dshield.org
> [mailto:unisog-bounces at lists.dshield.org] On Behalf Of
> Valdis.Kletnieks at vt.edu
> Sent: Tuesday, December 11, 2007 5:12 PM
> To: UNIversity Security Operations Group
> Subject: Re: [unisog] Printers, printers, printers
> On Tue, 11 Dec 2007 16:46:11 EST, "Gaddis, Jeremy L." said:
>> On 12/11/07, Martin Manjak <MManjak at uamail.albany.edu> wrote:
>>> I'm curious as to what other schools are doing with respect managing 
>>> printers. Some of the issues and challenges include:
>>> I'm very interested in what types of controls people may have in 
>>> place to address any of the above?
>> We put printers on their own subnets, with ACLs in place that prevent 
>> "printer traffic" except from authorized print servers.  The same set 
>> of ACLs prevents access to the management interface except from 
>> authorized managers.
> How do you enforce that for printers that people/depts buy for themselves,
> or do you have total control over the network, so they can't connect
> *anything* without your OK?
> _______________________________________________
> unisog mailing list
> unisog at lists.dshield.org
> https://lists.sans.org/mailman/listinfo/unisog

The views and opinions expressed above are strictly
those of the author(s).  The content of this message has
not been reviewed nor approved by any entity whatsoever.
Paul Markfort   Info: http://www.menet.umn.edu/~paulfm

More information about the unisog mailing list