ManualsPro Honeywell Honeywell PM43/PM43c MID Range Industrial Barcode Printer User Guide

Honeywell PM43/PM43c MID Range Industrial Barcode Printer User Guide

June 6, 2024
Honeywell

Honeywell logo

Network and Security for Honeywell Printers
User Guide

Disclaimer

Honeywell International Inc. (“HII”) reserves the right to make changes in specifications and other information contained in this document without prior notice, and the reader should in all cases consult HII to determine whether any such changes have been made. The information in this publication does not represent a commitment on the part of HII. HII shall not be liable for technical or editorial errors or omissions contained herein; nor for incidental or consequential damages resulting from the furnishing, performance, or use of this material. HII disclaims all responsibility for the selection and use of software and/or hardware to achieve intended results. This document contains proprietary information that is protected by copyright. All rights are reserved. No part of this document may be photocopied, reproduced, or translated into another language without the prior written consent of HII. Copyright 2020 Honeywell International Inc. All rights reserved. Web Address: www.honeywellaidc.com

Trademarks

Google and Android are trademarks of Google LLC.
Bluetooth trademarks are owned by Bluetooth SIG, Inc., U.S.A. and licensed to Honeywell.
microSD is a registered trademark of SD-3C, LLC.
Qualcomm and Snapdragon are registered trademarks or trademarks of Qualcomm Incorporated in the United States and/or other countries. Other product names or marks mentioned in this document may be trademarks or registered trademarks of other companies and are the property of their respective owners.

Patents
For patent information, refer to www.hsmpats.com.

Customer Support

Technical Assistance
To search our knowledge base for a solution or to log in to the Technical Support portal and report a problem, go to www.hsmcontactsupport.com. For our latest contact information, see www.honeywellaidc.com/locations.

Product Service and Repair

Honeywell International Inc. provides service for all of its products through service centers throughout the world. To obtain warranty or non-warranty service, return your product to Honeywell (postage paid) with a copy of the dated purchase record. To learn more, go to www.honeywellaidc.com and select Service & Repair at the bottom of the page.

Limited Warranty

For warranty information, go to www.honeywellaidc.com and click Get Resources

Product Warranty.

INTRODUCTION

This Security Guide provides information and recommendations to help the user understand how to configure the Honeywell printers for the highest levels of security on their network.

System Architecture

The illustration below provides an example of a system architecture that includes multiple printers and other devices such as scanners and mobile computers, a Wireless infrastructure (WLAN), a device management server, an application support server (for sending out the Print jobs to the printer), and a RADIUS server. The firewall exists to prevent the systems from having direct access to the external networks or to the rest of business system network. It also exists to prevent those systems from accessing the Honeywell printers.

Firmware Binary Image

The printer firmware and its extensions, such as simulators or other printer software must be kept up to date to reduce any security risks.

Note:
Honeywell recommends using up-to-date firmware with the latest features and security updates.

Password Authentication Policy and Management

The following user accounts are available for initial configuration. Passwords must be changed on first log-in.
Note: Honeywell recommends following the principle of least privilege.

User Account Password
user
admin pass
itadmin pass

Honeywell recommends that the user change the default passwords and remove any unused accounts to prevent a security breach. The password should be at least 12 characters in length, include special characters, and contain combinations of upper and lowercase characters. In addition, Honeywell recommends that you change passwords every 90 days.

Network Security

To ensure network security, Honeywell recommends that you configure proper network settings, including the firewall, router, and IDS settings. Honeywell also recommends that you turn off unused or unsecured network services, such as Telnet and FTP.

Here is a list of ports and services that can run on the Honeywell printers:

  • Web Server (Port 443-recommended or Port 80-optional)
  • SFTP (Port 22-disabled by default)
  • FTP (Port 21-disabled by default)
  • Avalanche (Port 1777)
  • NET1 service (Port 9100)
  • SmartSystems (Port 62241)
  • SNMP (Port 161)
  • LPR (Port 515)
  • IKEv2 (Port 500-disabled by default)
  • SSH (Port 22-disabled by default)
  • Telnet (Port 23-disabled by default)
  • XML (Port 9001)
  • NTP (Port 123-disabled by default)
  • Device Management (Port 9300)
  • Connectivity Agent (Port 10000-disabled by default)
  • Verifier Integration Interface, VII (Port 9301-disabled by default)

By Default: open ports are: Web Server (Port 80), Avalanche (Port 1777), NET1 service (Port 9100), SmartSystems (Port 62241), SNMP (Port 161), LPR (Port 515), and XML (Port 9001).
To disable the services running on these ports:

  1. Open the printer user interface, printer web page, or PrintSet.
  2. Go to Settings > System Settings > Manage Services and disable the identified service.

Bluetooth Security

Some Honeywell printers provide wireless communications using Bluetooth wireless technology. Follow these security recommendations and precautions for Bluetooth security:

  • Configure the printer to be non-discoverable. Enabling Bluetooth discovery advertises the Bluetooth address of the printer and allows anyone to pair and connect with the printer.
  • Use a strong PIN or Password. If you are using legacy pairing (Bluetooth V2.0 and below), we recommend that you use a PIN of at least 8 digits.
  • If possible, pair devices ONLY when in a physically secure area. Keep paired devices close together when possible to monitor both devices. Remove paired devices that are no longer in use.
    Note: Honeywell recommends turning off Bluetooth communication if it is not required for your application.

Wi-Fi Security

Some Honeywell printers are equipped with a Wireless Local Area Network (WLAN) radio. The radio is interoperable with other Wi-Fi compliant products, including access points (APs), workstations through PC card adapters, and other wireless portable devices.

When the printer connects through a wireless access point to an organization’s server on a wired network, it’s important to use security precautions to mitigate any potential risk the WLAN AP connection may present to the servers and devices on the wired network.
Non-printing wireless devices should either be on a separate WLAN with different security profiles or the wireless AP should support multiple service set identifiers (SSIDs). By isolating the different networks from each other, the user helps to protect the printers and the other networks and devices from unauthorized access.

Secure Wireless AP Configuration

When configuring a wireless AP, Honeywell recommends that the user:

  • Configure a unique SSID, and not to use the default SSID.
  • Disable the SSID broadcast.
  • Configure the EAP authentication to the network. EAP-PEAP, EAP-TTLS, EAPTLS and EAP-FAST are viable EAP methods. PEAP is preferred.
  • Configure the RADIUS server address.
  • Configure the WPA2 Enterprise, change the AP RADIUS password, and do not use the default password.
  • Configure the 802.1x authentication.
  • Enable MAC filtering and enter the MAC addresses for all the wireless devices. Performing these steps can help prevent unauthorized devices from connecting to the wireless network.
    For detailed configuration information, refer to the setup instructions from the wireless AP supplier.

Secure Printer WLAN Configuration

For the WLAN configuration of the Printer, Honeywell recommends these settings.

  • Configure the proper SSID.
  • Configure the 802.1x authentication.
  • Configure the Protected EAP authentication.
  • Configure for EAP-LEAP, EAP-TLS, EAP-TTLS, EAP-FAST, and EAP-PEAP.
  • If EAP-TLS or EAP-PEAP-TLS is in use, a client certificate must be available on the Printer.

Printer Webpage (HTTP/HTTPS protocol)

The Honeywell printer web page supports both HTTP and HTTPS protocol. It is recommended for users to make use of https to access the printer web page for encrypted data transfer.
The certificate is self-signed, and modern web browsers may have a warning prompt indicating that the web page you are accessing may not be secured.

To avoid this warning prompt, IT administrators can install their custom certificates for HTTPS. This can be done by uploading the certificate into printer directory: /home/user/certificates/webserver
The certificate must be in PEM (Privacy Enhanced Mail) format and must be named as: server.pem
Once uploaded into the directory, the printer must be rebooted for the certificate installation to take effect.
Only IT administrators, using the itadmin account, can upload or remove this certificate. Normal users and administrators will not be able to view or change the contents of this directory.

Debug Log

Some Honeywell printers log the debug information/logs into a “/var/log/messages” file. It cannot be modified. The log information can be useful in analyzing the security attacks and also can perform limited intrusion detection. For example, you could see: Login userid/password failures.

Backup and Recovery

The printer does not implement automatic recovery. Honeywell recommends that users keep backups of the configuration settings, user applications, and user files. Keeping backup files makes it possible to return the printer to service quickly using the printer configuration capabilities if a failure occurs.

SNMP v1/v2 Support

Honeywell printers will eventually phase out SNMP v1/v2 support in future releases, and users are advised to migrate their network management infrastructure to use SNMP v3 that employs authentication and encryption security, and to stop using SNMP v1/v2 in their environment to ensure continued compatibility.

Honeywell
9680 Old Bailes Road
Fort Mill, SC 29707
www.honeywellaidc.com
ALLSKU-PR-EN-SG-01 Rev A
03/20

Read User Manual Online (PDF format)

Read User Manual Online (PDF format)  >>

Download This Manual (PDF format)

Download this manual  >>

Honeywell User Manuals

Honeywell 81521 Micro Switch Global Limit Switches Instruction Manual
Honeywell
Honeywell HH57AC080 Temperature Sensor Instruction Manual
Honeywell
Honeywell W14L0683 6.5ft 400ct Eagle Peak Pine Prelit User Manual
Honeywell
Honeywell SNG-S SERIES Hall-Effect Speed Sensor Instruction Manual
Honeywell
Honeywell 32305127 Basic Amplified Board Mount Pressure Sensors Instruction Manual
Honeywell
Honeywell H910P N95 Mask User Guide
Honeywell
Honeywell C7089U1006 VisionPRO Outdoor Temperature Sensor Instruction Manual
Honeywell
Honeywell W14L0694 9 ft. Whistler Fir Pre-Lit Artificial Christmas Tree User Manual
Honeywell
Honeywell DT90E Digital Room Thermostat User Guide
Honeywell
Honeywell HWDT-510W Compact Top-Load Tri-Temperature Water Dispenser Owner’s Manual
Honeywell
Honeywell Home RDWL917AX2000 Portable Wireless Doorbell Installation Guide
Honeywell Home
Honeywell Searchline Excel Plus Alignment Scope User Guide
Honeywell
Honeywell CW45 Wearable Computer User Guide
Honeywell
Honeywell ES800 Portable Evaporative Air Cooler User Manual
Honeywell
Honeywell Home M38794 T10 and T10 plus Pro Smart Thermostat with RedLINK Installation Guide
Honeywell Home
Honeywell CS10PE Evaporative Air Cooler Instructions
Honeywell
Honeywell Home CG511A1000 Medium Thermostat Guard Installation Guide
Honeywell Home
Honeywell MN4CFS9 Portable Air Conditioner with Heat Pump Dehumidifier User Manual
Honeywell
Honeywell DT4R Wireless Modulating Room Thermostat Instruction Manual
Honeywell
Honeywell VisionPRO Series 7 Day Programmable Thermostat User Guide
Honeywell

Related Manuals

GloryFit LC601 Smart Watch User Manual
GloryFit
sauermann Si-HVACR Measurement Mobile App User Manual
sauermann
StarTech PRIVSCNMON24 Universal Acrylic Privacy Screen for Monitors User Guide
StarTech
‎3Dhologramfan 16.5″ PC version Holofan Projector Advertising User Manual
‎3Dhologramfan
makita EK7651H 4-stroke Power Cutter 355mm Instruction Manual
Makita
VOXX PRESTIGE PE2RELCDZ Owner’s Manual
Voxx
NICE Recovery Shoulder Wrap User Guide
Nice
ETNA KKV143 Freestanding Cabinet Model Refrigerators Instructions
ETNA
Tefal KI883D10 Electric Kettle User Guide
Tefal
bObsweep Leaf Robotic Vacuum Cleaner Owner’s Manual
bObsweep
Seiko Landmaster 5M43 User Manual
Seiko
LENOXX KR590P Pink Kids Recliner Chair with Footrest and Cup Holder Instruction Manual
lenoxx
ZhenTec Wireless Multi-channel EEG Acquisition and Analysis System User Manual
ZhenTec
Blue Sun GBP0LL3X-LE GameBall Thumb User Manual
Blue Sun
Schneider Electric LC1D40 TeSys Deca IEC Contactor Instruction Manual
Schneider Electric
KAISER PERMANENTE Medicaid Care Program User Guide
KAISER PERMANENTE
Flare Fireplaces 42 Flare Traditional Series Urban Fireplaces Installation Guide
FLARE FIREPLACES
Electrolux U19 Refrigerator All Freezer Trim Kit Instruction Manual
Electrolux
Farpointe Data WRR-22 Ranger Long Range Receiver User Guide
Farpointe Data
ViewSonic VA2215-mh HD Display Monitor User Guide
Viewsonic
Razer Synapse 2.0 (MAC OSX 10.8)
Razer
EASYLINE DMB-DMB 20 Single Fruit Milkshake Blender User Manual
EASYLINE
Sonus faber Duetto Stereo Wireless Speaker Owner’s Manual
Sonus faber
MASTER-BILT One-Piece Capsule Pak Refrigeration Systems Installation Guide
MASTER-BILT
tivoli Litesphere True RGB+W Lights User Manual
tivoli
STELPRO SAT402ZB Smart Thermostat User Guide
StelPro
CP9104Q Pencil Grinder User Manual
Support
Alovon V8 Wireless Microphone User Manual
Alovon
Revlon 4 in 1 Hair Dryer and Styler Volumizer with Oval Barrel Instruction Manual
REVLON
LEIFHEIT 03223 Digital Roasting Thermometer Instruction Manual
LEIFHEIT
Contact Us   Privacy Policy   5.442ms