manualshive.com logo in svg

Canon iR-ADV Security Kit-B1, Service Manual

The Canon iR-ADV Security Kit-B1 is an essential add-on for enhancing the security of your Canon iR-ADV device. To ensure optimal usage, be sure to download the free Service Manual from manualshive.com to access detailed instructions and insights on maximizing the performance of your security kit.

Share
Download
background image

2

2

2-11

2-11

Functions > New Function > Self Test Function (IPSec)

Functions > New Function > Self Test Function (IPSec)

Log type
User authentication log

4098

Job log

1001/8193

Mail Box operation log

8197

Mail Box authentication log

8199

Management function log

8198

Network log

8200

User authentication and user management log

3001

NOTE:

Logs generated when [Unified Security Settings] is performed to audit logs

A log as the operation of Unified Security Settings does not remain. Logs for the 

individual change of settings are recorded as the device management logs.

Date display format 
Set the date display format in the service mode LEVEL 2  (COPIER>Option>USER>DATE-
DSP).

Setting value

Date display format

0

YYYY MM/DD

1

DD/MM YYYY

2

MM/DD/YYYY

Display language 

The display language of Remote UI is followed.  English is displayed when unsupported 
language has been specified.  
Display language can also be changed in the service mode setting 
(COPIER>Option>USER>DATE-DSP).

Display location 

Settings/Registration: Management Settings : Device Management > Export/Clear Audit 
Log

•  Audit Log Infomation
•  Export Audit Logs
•  Delete Audit Logs

T-2-23

T-2-24

Limitations: 

1. Collected logs are stored in a file in order.  The logs are not guaranteed to be stored in 
chronological order since those of different storage destinations or typesare collected.   
2. The number of managed logs is 20,000.   
 "Delete logs from device after export" can also be selected at the time of log export.  When 
the log collection function is stopped after it once started, logs which have been collected 
up to that point continue to be kept instead of being deleted. 
3. Logs are not targeted for backup/restoration. 
4. When the display language of a device is changed from the time of log generation to the 
time of log export, garbled characters may appear when CSV file is browsed. 

Self Test Function (IPSec)

Self test function of the IPSec encryption module is added.

- When a device is started, whether it operates normally against the encryption module 
used by IPSec is verified.

•  Verification of the falsification of encryption library 
•  Verification of the operation of encryption algorithm

•  Service call occurs when the result of verification fails.  
•  Occurrence factor: Damaged data in the HDD, etc.

Detail: 

Self test of encryption module is performed when a device is started. 
E615-0001 is displayed when an error occurs as a result of the self test.  
Error code indicates that the encryption module has been damaged.  
Software upgrade needs to be performed from HDD format.  
When E615 occurs, normal operation is not guaranteed for neither clear text nor IPSec 
network communication.

F-2-5

Summary of Contents for iR-ADV Security Kit-B1

Page 1: ...4 3 2 1 iR ADV Security Kit B1 for IEEE 2600 1 Service Manual February 27 2012 Revision 0 Specifications Functions Installation Maintenance ...

Page 2: ...rmation as the need arises In the event of major changes in the contents of this manual over a long or short period Canon will issue a new edition of this manual The following paragraph does not apply to any countries where such provisions are inconsistent with local law Trademarks The product names and company names used in this manual are the registered trademarks of the individual companies Cop...

Page 3: ...lation Points to Note About Installation 3 2 Before Installation 3 2 Handling the Options with VOID Seal 3 2 Installation Overview 3 The following shows installation overview of Installation Procedure for iR ADV Security Kit B1 for IEEE 2600 1 Common Criteria Certification 3 Checking the Operation After Making the Settings 3 5 Checking the Ping When IPSec is in Operation 3 5 Setting by the Device ...

Page 4: ...switch closing the front door and closing the delivery unit door which results in supplying the machine with power 2 In the digital circuits 1 is used to indicate that the voltage level of a given signal is High while 0 is used to indicate Low The voltage value however differs from circuit to circuit In addition the asterisk as in DRMD indicates that the DRMD signal goes on when 0 In practically a...

Page 5: ...1 1 Specifications Specifications Product compositions ...

Page 6: ...with Function matter of the security and Guarantee requirements as a result of the evaluation based on the specifiedevaluation standards and evaluation methods 1 IEEE Std 2600 1TM 2009 is a protection profile of the evaluation assurance level EAL3 ALC_FLR 2 2 Products combining the following are target products for certification in addition to iR ADV Security Kit B1 for IEEE 2600 1 Common Criteria...

Page 7: ... options is the same as that when IEEE 2600 1 CC certification was obtained on the touch paneldisplay There are following mentions in iR ADV Security Kit B1 for IEEE 2600 1 Common Criteria Certification of Administrator Guide After the operations are completed the administrator must confirm that the machine is operating normally as a 2600 1 model 1 Press Counter Check of the Control Panel 2 Press ...

Page 8: ...Press Version Information MEAP Contents version F 1 7 F 1 8 10 14 6 Press OK after checking that the versions are the same as the following on the version information screen MEAP Contents 10 14 Note Since versions are not given to any options other than HDD Data Encryption Mirroring Kit they are aggregated in the Controller Version ACCESS MANAGEMENT SYSTEM and iR ADV Security Kit B1 for IEEE 2600 ...

Page 9: ...2 2 Functions Functions Basic Function New Function ...

Page 10: ...e which satisfies consumers needs In IEEE 2600 series PPs are classified into 4 categories as shown below depending on the operation environment of the usage type Protection Profile 2600 1 Protection Profile 2600 2 Protection Profile 2600 3 Protection Profile 2600 4 Security Target Specifications of Company A Security Target Security Target ST Each Benda defines it every product CC Common Criteria...

Page 11: ...ration of stored data The target is described as a removable storage and is limited to one which can be removed by an end user instead of a service technician MFP function option corresponds to this function 7 Network 2600 1 SMI SFR Package for Hardcopy Device Shared medium Network communication function This function is intended for LAN WAN and wired wireless network since the network mentioned h...

Page 12: ... as image data generated by a job from being reused HDD complete deletion function 4 Protection function for user data in the nonvolatile memory such as HDD To prevent leakage of information due to the HDD unit taken away HDD encryption function 5 Protection function for network data To prevent LAN data from being stolen IPSec 6 Protection function for user data transfer To counter the attacks by ...

Page 13: ...tion Settings Setting items Displayed Screen Setting value IEEE 2600 1 certification machine Setting value at the time of shipment Report with TX Image Send Common Settings TX Report OFF ON Send Fax Settings Fax TX Report Use Remote Fax Send Fax Settings Remote Fax Settings Use Remote Fax OFF OFF Restrict Printer Jobs 3 Printer Restrict Printer Jobs ON OFF Use Fax Memory Lock 4 Receive Forward Com...

Page 14: ...in Preferences Settings Registration 7 Indicates an item displayed when the Remote Operator s Software Kit is enabled Setting value IEEE 2600 1 1 The Advanced Box is disabled since it is not targeted for audit log 2 Memory media is disabled since the information may be carried away Setting value IEEE 2600 1 Setting value at the time of shipment 3 A general user cannot change the setting to 0 min o...

Page 15: ...the MIB access restriction setting since the use of MIB allows the user to change the devicesetting without the user authentication from Remote UI SNMPv1 SNMPv3 Setting value IEEE 2600 1 Setting value at the time of shipment 6 OFF is set for the image display of TX report since images printed in the TX report may result in the leakage of information T 2 10 F 2 2 T 2 11 Setting value IEEE 2600 1 Se...

Page 16: ...Setting value IEEE 2600 1 Setting value at the time of shipment T 2 14 T 2 15 T 2 16 11 ON is selected for Use I Fax Memory Lock to prevent the received I Fax job from being printed without limit Setting value IEEE 2600 1 Setting value at the time of shipment 12 The number of digits for Mail Box PIN is fixed to 7 however since the PIN less than 7 digits created before the execution of Unified Secu...

Page 17: ...e at the time of shipment 14 ON restricted is set for Device Information Delivery Settings Restrict Receiving for Each Function Settings Registration Value so that the setting will not be changed by the device information delivery from other devices Setting value IEEE 2600 1 Setting value at the time of shipment T 2 19 T 2 20 15 Audit Log Retrieval Setting value IEEE 2600 1 Setting value at the ti...

Page 18: ... registering editing deleting importing and exporting users in the authentication application SSO H Logs generated when registering editing deleting importing and exporting roles in the authentication application SSO H Job log 1001 Operation of PRINT COPY SCAN Transmission reception log 8193 Transmission of SEND Mail Box document operation log 8197 and Mail Box authentication log 8199 Target box M...

Page 19: ...t guaranteed to be stored in chronological order since those of different storage destinations or typesare collected 2 The number of managed logs is 20 000 Delete logs from device after export can also be selected at the time of log export When the log collection function is stopped after it once started logs which have been collected up to that point continue to be kept instead of being deleted 3...

Page 20: ...3 3 Installation Installation Points to Note About Installation Installation Overview Checking the Operation After Making the Settings ...

Page 21: ... by the field remedy the machine is excluded from IEEE2600 1 CC certification To maintain the status of IEEE2600 1CC certification install the firmware for the host machine from the CD included in the package of iR ADV Security Kit B1 for IEEE 2600 1 Common Criteria Certification Handling the Options with VOID Seal LMS options are sealed by the VOID seal seal to prevent falsification Check that th...

Page 22: ...4035 4025 Series Service Manual Installation Installing the Encryption Mirroring Board Refer to imageRUNNER ADVANCE 4051 4045 4035 4025 Series Service Manual Installation Combination of HDD Options 2 Installing the System 1 Remove the VOID seal from the IEEE2600 certification kit take out the CD ROM and register the firmware to SST 2 Install the registered firmware after formatting according to th...

Page 23: ...atches with the version described in the User s Guide Controller version 9100 0 408 Scanner version 201 101 Canon MFP Security Chip 2 01 Refers to the encryption board included in the HDD Data Encryption Mirroring Kit 2 Counter check screen Device configuration check Check that the following 4 options are displayed ACCESS MANAGEMENT SYSTEM Data erase Security Kit B1 for IEEE2600 1 3 Counter check ...

Page 24: ...nection work performed by the user Under this environment the response of ping can be confirmed which has been sent to the PC with which the encryption communication has been established The procedure introduces the setting by which the communication only between a device connected to the local network and a PC on which Windows7 operates isenabled Setting by the Device Complete the device setting ...

Page 25: ...hentication Method Shared Key Enter canon here This character string is used in the PC setting of the next section F 3 5 F 3 6 IPSec Network Settings Leave everything as they are by default Validity 480 mins Size 0 MB PFS OFF Auth Encryption Auto Reference You can compare it when You output a list of IPSec policy when a change entered later Settings Registration Preferences Network TCP IP Settings...

Page 26: ... Advanced Security IPsec Settings Windows Firewall with Advanced Security on Local Computer IPsec defaults Customize Key exchage Main Mode Advanced Customize Edit Security Method Add Integrity algorithm SHA 1 Encryption algorithm AES CBC 128 Key exchange algorithm Diffie Hellman Group 2 Do not choose Use Deffie Hellman for enhanced security in Key exchange options Data protection Quick Mode Select...

Page 27: ...tallation Checking the Operation After Making the Settings IPSec defaults Customize IPsec Setting Create a new IP Security Policy Select Start Control Panel System and Security Administrative Tools Local Security Policy Select the Windows Firewall Properties F 3 10 F 3 11 IPSec defaults Customize F 3 12 ...

Page 28: ...orithm AES CBC 128 Key exchange algorithm Diffie Hellman Group 2 Do not choose Use Deffie Hellman for enhanced security in Key exchange options F 3 13 Note Delete the security method that is set by default Data protection Quick Mode Select Require encryption for all connection security rules that use these settings Add Intergrity and Encryption Algorithms Protocol ESP recommended Algorithms AES CB...

Page 29: ...tication Add First Authentication Method Preshared key not recommended Ex canon Note This character string is used in the Device setting of the befor section F 3 15 F 3 16 Connection Security Rules The setting can be done in the wizard format The following shows each setting screen to be checked after the setting Control Panel All Control Panel Items Administrative Tools Windows Firewall with Adva...

Page 30: ...ection Security Rules Installation Checking the Operation After Making the Settings Connection Security Rules Rule Type Custom Endpoints Any IP address F 3 19 F 3 20 Requirements Require authentication for inbound and outbound connetions Authentication Method Default F 3 21 F 3 22 ...

Page 31: ...Security Policy Protocol and Ports Protocol type Any Profile Select Domain Private Public F 3 23 F 3 24 Name Any Ex test Assigning the Security Policy IPsec communication starts when a policy is assigned Control Panel All Control Panel Items Administrative Tools Windows Firewall with Advanced Security Select the created policy and assign it by right clicking the mouse F 3 25 F 3 26 ...

Page 32: ...Settings PING Command Enter the IP address of the PC whose policy has been set Press the Start button Connection is successful when Response from the host is displayed F 3 27 F 3 28 Reference When the IP address of a PC is determined by the DHCP server the IP address cannot be located even by referring to the network setting Select Start All Programs Accessories Command Prompt and check the IP add...

Page 33: ...4 4 Maintenance Maintenance Notes when service Reference matter in market service ...

Page 34: ... when applying problem correction firmware be sure to notify the user Firmware update via CDS is handled as special upgrading which is differentiated from the normal firmware delivery since its version is that of IEEE2600certification Obtain the ID and password information in advance for the CDS special upgrading Recovery after Servicing Work When the setting of iR ADV Security Kit B1 for IEEE 260...

Page 35: ...ions Which Operates Normally Reference matter in market service Functions Which Operates Normally Version upgrade by SST Installation of IPSec Board encrypts communication In the case of communication between SST and the host machine system can be installed by SST vianetwork in the same way as the normal service since IPSec function is not used ...

Reviews:

No comments

Related manuals for iR-ADV Security Kit-B1

Zell AC1000 Operation Manual preview
AC1000
Brand: Zell Pages: 33
Ecco EW4010 Installation And Operation Instructions Manual preview
EW4010
Brand: Ecco Pages: 9
Ecco EW4009 Installation And Operation Instructions Manual preview
EW4009
Brand: Ecco Pages: 9
EBS HandJet 250 Operating Instructions Manual preview
HandJet 250
Brand: EBS Pages: 34
FeiYu Tech WG2 Instruction Manual preview
WG2
Brand: FeiYu Tech Pages: 14
Padwico 835 Instruction Manual preview
835
Brand: Padwico Pages: 28
Magellan CYCLO 315 Series User Manual preview
CYCLO 315 Series
Brand: Magellan Pages: 39
MadStad Engineering MadStad Installation Instruction preview
MadStad
Brand: MadStad Engineering Pages: 2
Chamjin I&C CJ50SP User Manual preview
CJ50SP
Brand: Chamjin I&C Pages: 21
Canon S 200 User Manual preview
S 200
Brand: Canon Pages: 198
Yakima K800 Instructions Manual preview
K800
Brand: Yakima Pages: 8
aci HAZARDOUS ROOM Series Installation & Operation Instructions preview
HAZARDOUS ROOM Series
Brand: aci Pages: 3
aci DUCT Series Manual preview
DUCT Series
Brand: aci Pages: 4
Quantum FastStor 2 Operating Instructions preview
FastStor 2
Brand: Quantum Pages: 3
Herrnhuter A1e Assembly Instructions preview
A1e
Brand: Herrnhuter Pages: 2
Tessera4x4 SOT-1311 ROLL Installation Manual preview
SOT-1311 ROLL
Brand: Tessera4x4 Pages: 20
Matrix Orbital PK202-25 Technical Manual preview
PK202-25
Brand: Matrix Orbital Pages: 60
Mountain Top Sports Bar Installation Manual preview
Sports Bar
Brand: Mountain Top Pages: 12

Brands by name

Popular brands

Load more brands