Advancing authentication in network management

Posted On July 25, 2011 By Scott Guercio

 

Authentication (log in/sign on) has always been an important part of network management (note: a vlog has since been published to simplify the following explanation). IT administrators use tools such as Active Directory to control access and security for both network users and network resources. One trend we are seeing here at Advance – The Document Specialists, is the desire of IT personnel who support MFPs (multifunctional printers) to manage machine access through their already existing Active Directory user credentials. 

Both Ricoh/Savin and Canon, the MFP manufacturers that Advance represents, offer the ability to restrict device operation through Active Directory authentication. When users approach an MFP, they will be prompted to sign in, just as they would log on to their PC. Their username and password credentials are checked against Active Directory, prior to allowing access to the device. Once approved, users will have the potential to utilize individual workflow buttons that pertain only to them, and sent email will come from their address and not the address of the MFP.

Users may also have differing levels of available functionality, as administrators can assign varying permission sets to either individual users or groups of users. This can help control both security and output costs. For example, some users may not be able to scan documents, while others may not be able to produce full color pages and must select duplexing. With the addition of software, Active Directory MFP authentication can also include customized rules for printing, usage reports from multiple devices, and the ability to retrieve sent print jobs from any machine on the network.

Logging in at the device can be made easier through the use of a proximity card reader. Many organizations utilize card readers for building and departmental entry. Those same cards can potentially be read by the MFP, allowing users to sign on without the need to type in their username and password. By waving their card at the device, they can be authenticated through Active Directory.