manualshive.com logo in svg

Canon iR-ADV Security Kit-B1, Service Manual

The Canon iR-ADV Security Kit-B1 is an essential add-on for enhancing the security of your Canon iR-ADV device. To ensure optimal usage, be sure to download the free Service Manual from manualshive.com to access detailed instructions and insights on maximizing the performance of your security kit.

Share
Download
background image

2

2

2-2

2-2

Functions > Basic Function > What is IEEE2600? > IEEE2600.1

Functions > Basic Function > What is IEEE2600? > IEEE2600.1

Basic Function

What is IEEE2600?

 

Background

In addition to paper documents, MFPs contain user information and information saved in the 
MFPs as the assets to be protected.  
The security requirements which the users request for the assets to be protected differ 
depending on the conditions.

 

Field status

 The security requirements of MFPs that can be used by the users are not unified by each 
manufacturer.  
Users request that the necessary functions be clearly specified. 
Manufacturers want to clarify which functions are needed by the users.  

 

Security standard for MFP

The security standard in which these needs are organized had been requested.  
In the light of this circumstance, IEEE2600 was established as the security standard for the 
hard copy devices. 

 

IEEE2600.1

IEEE 2600.1 describes security requirements of MFPs and printers, and is one of the PPs 
(Protection Profiles) of IEEE 2600 series.
PP is a document that describes a set of security requirements in certain product range which 
satisfies consumers' needs.
In IEEE 2600 series, PPs are classified into 4 categories as shown below depending on the 
operation environment of the usage type.

Protection Profile

2600.1

Protection Profile

2600.2

Protection Profile

2600.3

Protection Profile

2600.4

Security Target

Specifications of 

Company A

Security Target

Security Target

ST: 

Each Benda defines it 

every product.

CC(Common Criteria (ISO 15408))

Specifications of 

Company B

Specifications of 

Company C

In IEEE2600, a security requirement for CC certification (Protection Profile (PP)) which 
is common to MFP vendors has been established.  IEEE2600 divides the operational 
environment into 4 categories. 

IEEE2600.1

Protection Profile for 

Operational Environment A

Assumed to be used in the military or government, 

which is a large-scale environment with high-level 

awareness against security. 

IEEE2600.2

Protection Profile for 

Operational Environment B

Assumed to be used in a general office, which 

is a large-scale environment with medium-level 

awareness against security.

IEEE2600.3

Protection Profile for 

Operational Environment C

Assumed to be used in the public, which is a middle-

scale environment.

IEEE2600.4

Protection Profile for 

Operational Environment D

Assumed to be used in SOHO, which is a small-scale 

environment.

F-2-1

T-2-1

Summary of Contents for iR-ADV Security Kit-B1

Page 1: ...4 3 2 1 iR ADV Security Kit B1 for IEEE 2600 1 Service Manual February 27 2012 Revision 0 Specifications Functions Installation Maintenance ...

Page 2: ...rmation as the need arises In the event of major changes in the contents of this manual over a long or short period Canon will issue a new edition of this manual The following paragraph does not apply to any countries where such provisions are inconsistent with local law Trademarks The product names and company names used in this manual are the registered trademarks of the individual companies Cop...

Page 3: ...lation Points to Note About Installation 3 2 Before Installation 3 2 Handling the Options with VOID Seal 3 2 Installation Overview 3 The following shows installation overview of Installation Procedure for iR ADV Security Kit B1 for IEEE 2600 1 Common Criteria Certification 3 Checking the Operation After Making the Settings 3 5 Checking the Ping When IPSec is in Operation 3 5 Setting by the Device ...

Page 4: ...switch closing the front door and closing the delivery unit door which results in supplying the machine with power 2 In the digital circuits 1 is used to indicate that the voltage level of a given signal is High while 0 is used to indicate Low The voltage value however differs from circuit to circuit In addition the asterisk as in DRMD indicates that the DRMD signal goes on when 0 In practically a...

Page 5: ...1 1 Specifications Specifications Product compositions ...

Page 6: ...with Function matter of the security and Guarantee requirements as a result of the evaluation based on the specifiedevaluation standards and evaluation methods 1 IEEE Std 2600 1TM 2009 is a protection profile of the evaluation assurance level EAL3 ALC_FLR 2 2 Products combining the following are target products for certification in addition to iR ADV Security Kit B1 for IEEE 2600 1 Common Criteria...

Page 7: ... options is the same as that when IEEE 2600 1 CC certification was obtained on the touch paneldisplay There are following mentions in iR ADV Security Kit B1 for IEEE 2600 1 Common Criteria Certification of Administrator Guide After the operations are completed the administrator must confirm that the machine is operating normally as a 2600 1 model 1 Press Counter Check of the Control Panel 2 Press ...

Page 8: ...Press Version Information MEAP Contents version F 1 7 F 1 8 10 14 6 Press OK after checking that the versions are the same as the following on the version information screen MEAP Contents 10 14 Note Since versions are not given to any options other than HDD Data Encryption Mirroring Kit they are aggregated in the Controller Version ACCESS MANAGEMENT SYSTEM and iR ADV Security Kit B1 for IEEE 2600 ...

Page 9: ...2 2 Functions Functions Basic Function New Function ...

Page 10: ...e which satisfies consumers needs In IEEE 2600 series PPs are classified into 4 categories as shown below depending on the operation environment of the usage type Protection Profile 2600 1 Protection Profile 2600 2 Protection Profile 2600 3 Protection Profile 2600 4 Security Target Specifications of Company A Security Target Security Target ST Each Benda defines it every product CC Common Criteria...

Page 11: ...ration of stored data The target is described as a removable storage and is limited to one which can be removed by an end user instead of a service technician MFP function option corresponds to this function 7 Network 2600 1 SMI SFR Package for Hardcopy Device Shared medium Network communication function This function is intended for LAN WAN and wired wireless network since the network mentioned h...

Page 12: ... as image data generated by a job from being reused HDD complete deletion function 4 Protection function for user data in the nonvolatile memory such as HDD To prevent leakage of information due to the HDD unit taken away HDD encryption function 5 Protection function for network data To prevent LAN data from being stolen IPSec 6 Protection function for user data transfer To counter the attacks by ...

Page 13: ...tion Settings Setting items Displayed Screen Setting value IEEE 2600 1 certification machine Setting value at the time of shipment Report with TX Image Send Common Settings TX Report OFF ON Send Fax Settings Fax TX Report Use Remote Fax Send Fax Settings Remote Fax Settings Use Remote Fax OFF OFF Restrict Printer Jobs 3 Printer Restrict Printer Jobs ON OFF Use Fax Memory Lock 4 Receive Forward Com...

Page 14: ...in Preferences Settings Registration 7 Indicates an item displayed when the Remote Operator s Software Kit is enabled Setting value IEEE 2600 1 1 The Advanced Box is disabled since it is not targeted for audit log 2 Memory media is disabled since the information may be carried away Setting value IEEE 2600 1 Setting value at the time of shipment 3 A general user cannot change the setting to 0 min o...

Page 15: ...the MIB access restriction setting since the use of MIB allows the user to change the devicesetting without the user authentication from Remote UI SNMPv1 SNMPv3 Setting value IEEE 2600 1 Setting value at the time of shipment 6 OFF is set for the image display of TX report since images printed in the TX report may result in the leakage of information T 2 10 F 2 2 T 2 11 Setting value IEEE 2600 1 Se...

Page 16: ...Setting value IEEE 2600 1 Setting value at the time of shipment T 2 14 T 2 15 T 2 16 11 ON is selected for Use I Fax Memory Lock to prevent the received I Fax job from being printed without limit Setting value IEEE 2600 1 Setting value at the time of shipment 12 The number of digits for Mail Box PIN is fixed to 7 however since the PIN less than 7 digits created before the execution of Unified Secu...

Page 17: ...e at the time of shipment 14 ON restricted is set for Device Information Delivery Settings Restrict Receiving for Each Function Settings Registration Value so that the setting will not be changed by the device information delivery from other devices Setting value IEEE 2600 1 Setting value at the time of shipment T 2 19 T 2 20 15 Audit Log Retrieval Setting value IEEE 2600 1 Setting value at the ti...

Page 18: ... registering editing deleting importing and exporting users in the authentication application SSO H Logs generated when registering editing deleting importing and exporting roles in the authentication application SSO H Job log 1001 Operation of PRINT COPY SCAN Transmission reception log 8193 Transmission of SEND Mail Box document operation log 8197 and Mail Box authentication log 8199 Target box M...

Page 19: ...t guaranteed to be stored in chronological order since those of different storage destinations or typesare collected 2 The number of managed logs is 20 000 Delete logs from device after export can also be selected at the time of log export When the log collection function is stopped after it once started logs which have been collected up to that point continue to be kept instead of being deleted 3...

Page 20: ...3 3 Installation Installation Points to Note About Installation Installation Overview Checking the Operation After Making the Settings ...

Page 21: ... by the field remedy the machine is excluded from IEEE2600 1 CC certification To maintain the status of IEEE2600 1CC certification install the firmware for the host machine from the CD included in the package of iR ADV Security Kit B1 for IEEE 2600 1 Common Criteria Certification Handling the Options with VOID Seal LMS options are sealed by the VOID seal seal to prevent falsification Check that th...

Page 22: ...4035 4025 Series Service Manual Installation Installing the Encryption Mirroring Board Refer to imageRUNNER ADVANCE 4051 4045 4035 4025 Series Service Manual Installation Combination of HDD Options 2 Installing the System 1 Remove the VOID seal from the IEEE2600 certification kit take out the CD ROM and register the firmware to SST 2 Install the registered firmware after formatting according to th...

Page 23: ...atches with the version described in the User s Guide Controller version 9100 0 408 Scanner version 201 101 Canon MFP Security Chip 2 01 Refers to the encryption board included in the HDD Data Encryption Mirroring Kit 2 Counter check screen Device configuration check Check that the following 4 options are displayed ACCESS MANAGEMENT SYSTEM Data erase Security Kit B1 for IEEE2600 1 3 Counter check ...

Page 24: ...nection work performed by the user Under this environment the response of ping can be confirmed which has been sent to the PC with which the encryption communication has been established The procedure introduces the setting by which the communication only between a device connected to the local network and a PC on which Windows7 operates isenabled Setting by the Device Complete the device setting ...

Page 25: ...hentication Method Shared Key Enter canon here This character string is used in the PC setting of the next section F 3 5 F 3 6 IPSec Network Settings Leave everything as they are by default Validity 480 mins Size 0 MB PFS OFF Auth Encryption Auto Reference You can compare it when You output a list of IPSec policy when a change entered later Settings Registration Preferences Network TCP IP Settings...

Page 26: ... Advanced Security IPsec Settings Windows Firewall with Advanced Security on Local Computer IPsec defaults Customize Key exchage Main Mode Advanced Customize Edit Security Method Add Integrity algorithm SHA 1 Encryption algorithm AES CBC 128 Key exchange algorithm Diffie Hellman Group 2 Do not choose Use Deffie Hellman for enhanced security in Key exchange options Data protection Quick Mode Select...

Page 27: ...tallation Checking the Operation After Making the Settings IPSec defaults Customize IPsec Setting Create a new IP Security Policy Select Start Control Panel System and Security Administrative Tools Local Security Policy Select the Windows Firewall Properties F 3 10 F 3 11 IPSec defaults Customize F 3 12 ...

Page 28: ...orithm AES CBC 128 Key exchange algorithm Diffie Hellman Group 2 Do not choose Use Deffie Hellman for enhanced security in Key exchange options F 3 13 Note Delete the security method that is set by default Data protection Quick Mode Select Require encryption for all connection security rules that use these settings Add Intergrity and Encryption Algorithms Protocol ESP recommended Algorithms AES CB...

Page 29: ...tication Add First Authentication Method Preshared key not recommended Ex canon Note This character string is used in the Device setting of the befor section F 3 15 F 3 16 Connection Security Rules The setting can be done in the wizard format The following shows each setting screen to be checked after the setting Control Panel All Control Panel Items Administrative Tools Windows Firewall with Adva...

Page 30: ...ection Security Rules Installation Checking the Operation After Making the Settings Connection Security Rules Rule Type Custom Endpoints Any IP address F 3 19 F 3 20 Requirements Require authentication for inbound and outbound connetions Authentication Method Default F 3 21 F 3 22 ...

Page 31: ...Security Policy Protocol and Ports Protocol type Any Profile Select Domain Private Public F 3 23 F 3 24 Name Any Ex test Assigning the Security Policy IPsec communication starts when a policy is assigned Control Panel All Control Panel Items Administrative Tools Windows Firewall with Advanced Security Select the created policy and assign it by right clicking the mouse F 3 25 F 3 26 ...

Page 32: ...Settings PING Command Enter the IP address of the PC whose policy has been set Press the Start button Connection is successful when Response from the host is displayed F 3 27 F 3 28 Reference When the IP address of a PC is determined by the DHCP server the IP address cannot be located even by referring to the network setting Select Start All Programs Accessories Command Prompt and check the IP add...

Page 33: ...4 4 Maintenance Maintenance Notes when service Reference matter in market service ...

Page 34: ... when applying problem correction firmware be sure to notify the user Firmware update via CDS is handled as special upgrading which is differentiated from the normal firmware delivery since its version is that of IEEE2600certification Obtain the ID and password information in advance for the CDS special upgrading Recovery after Servicing Work When the setting of iR ADV Security Kit B1 for IEEE 260...

Page 35: ...ions Which Operates Normally Reference matter in market service Functions Which Operates Normally Version upgrade by SST Installation of IPSec Board encrypts communication In the case of communication between SST and the host machine system can be installed by SST vianetwork in the same way as the normal service since IPSec function is not used ...

Reviews:

No comments

Related manuals for iR-ADV Security Kit-B1

GCC Technologies 12 Ram Installation Manual preview
12
Brand: GCC Technologies Pages: 14
FeiYu Tech WG2 Instruction Manual preview
WG2
Brand: FeiYu Tech Pages: 14
ICON VARIANT Instruction Manual preview
VARIANT
Brand: ICON Pages: 8
X-lite URANO Installation Instructions Manual preview
URANO
Brand: X-lite Pages: 6
Lastolite Cubelite Setting-Up Manual preview
Cubelite
Brand: Lastolite Pages: 3
QMS Magicolor 2 plus Manual preview
Magicolor 2 plus
Brand: QMS Pages: 90
QMS Magicolor 2 Desklaser Quick Setup Manual preview
Magicolor 2 Desklaser
Brand: QMS Pages: 4
QMS 1725E Supplementary Manual preview
1725E
Brand: QMS Pages: 8
QMS 1725E Getting Started Manual preview
1725E
Brand: QMS Pages: 94
QMS 1660E Supplementary Manual preview
1660E
Brand: QMS Pages: 6
Öhlins YA812 Mounting Instructions preview
YA812
Brand: Öhlins Pages: 2
Öhlins YA 314 Mounting Instructions preview
YA 314
Brand: Öhlins Pages: 2
Öhlins TR 538 Mounting Instructions preview
TR 538
Brand: Öhlins Pages: 2
Öhlins ST44 Mounting Instructions preview
ST44
Brand: Öhlins Pages: 2
Öhlins SD195 Mounting Instruction preview
SD195
Brand: Öhlins Pages: 2
Öhlins SD 168 Mounting Instructions preview
SD 168
Brand: Öhlins Pages: 2
Öhlins SD 154 Mounting Instructions preview
SD 154
Brand: Öhlins Pages: 2
Öhlins RS 562 Mounting Instructions preview
RS 562
Brand: Öhlins Pages: 2

Brands by name

Popular brands

Load more brands