manualshive.com logo in svg

Canon iR-ADV Security Kit-B1, Service Manual

The Canon iR-ADV Security Kit-B1 is an essential add-on for enhancing the security of your Canon iR-ADV device. To ensure optimal usage, be sure to download the free Service Manual from manualshive.com to access detailed instructions and insights on maximizing the performance of your security kit.

Share
Download
background image

3

3

3-7

3-7

Installation > Checking the Operation After Making the Settings > Overview of the Security Policy Setting

Installation > Checking the Operation After Making the Settings > Overview of the Security Policy Setting

Setting by the PC

Communication condition of the PC: 

In this procedure, the PC performs encryption communication with a device connected by 
IPSec encryption.   
It communicates with a device which has not been encrypted without encryption.

Checking the setting: 

Encryption communication is regarded as successful when a ping is sent from the device 
as usual and a response is returned after performing the setting accordingto the procedure

F-3-9

Overview of the Security Policy Setting

In this procedure, a new policy is created by selecting Control Panel > All Control Panel Items 
> Administrative Tools > Windows Firewall with Advanced Security.
Flow of setting procedure: 

Setting location

Setting item

Windows Firewall with Advanced Security on Local Computer

 Windows Firewall Properties Control Panel > All Control Panel Items > Administrative Tools > 

Windows Firewall with Advanced Security

IPsec Settings

Windows Firewall with Advanced Security on Local Computer

IPsec defaults

Customize

Key exchage(Main 

Mode)

Advanced > Customize > Edit Security Method > Add

Integrity algorithm : SHA-1

Encryption algorithm : AES-CBC 128

Key exchange algorithm : Diffie-Hellman Group 2

Do not choose "Use Deffie-Hellman for enhanced security" in Key 

exchange options

Data protection (Quick 

Mode)

Select "Require encryption for all connection security rules that 

use these settings."

Add Intergrity and Encryption Algorithms,

Protocol : ESP (recommended)

Algorithms : AES-CBC 128

Integrity algorithm : SHA-1

Authentication methodAuthentication method > Advanced > Customize > First 

Authentication > Add First Authentication Method >Preshared key 

(not recommended) (Ex: canon)

Connection Security Rules

 Windows Firewall Properties Control Panel > All Control Panel Items > Administrative Tools > 

Windows Firewall with Advanced Security

Connection Security Rules

Rule Type

Custom

Endpoints

Any IP address

Requirements

Require authentication for inbound and outbound connetions

Authentication Method Default
Protocol and Ports

Protocol type : Any

Profile

Select : Domain, Private, Public

Name

Any (Ex : test)

Connection Security Rules

Enable Rule

Select the created policy and assign it by right-clicking the mouse.

T-3-1

Summary of Contents for iR-ADV Security Kit-B1

Page 1: ...4 3 2 1 iR ADV Security Kit B1 for IEEE 2600 1 Service Manual February 27 2012 Revision 0 Specifications Functions Installation Maintenance ...

Page 2: ...rmation as the need arises In the event of major changes in the contents of this manual over a long or short period Canon will issue a new edition of this manual The following paragraph does not apply to any countries where such provisions are inconsistent with local law Trademarks The product names and company names used in this manual are the registered trademarks of the individual companies Cop...

Page 3: ...lation Points to Note About Installation 3 2 Before Installation 3 2 Handling the Options with VOID Seal 3 2 Installation Overview 3 The following shows installation overview of Installation Procedure for iR ADV Security Kit B1 for IEEE 2600 1 Common Criteria Certification 3 Checking the Operation After Making the Settings 3 5 Checking the Ping When IPSec is in Operation 3 5 Setting by the Device ...

Page 4: ...switch closing the front door and closing the delivery unit door which results in supplying the machine with power 2 In the digital circuits 1 is used to indicate that the voltage level of a given signal is High while 0 is used to indicate Low The voltage value however differs from circuit to circuit In addition the asterisk as in DRMD indicates that the DRMD signal goes on when 0 In practically a...

Page 5: ...1 1 Specifications Specifications Product compositions ...

Page 6: ...with Function matter of the security and Guarantee requirements as a result of the evaluation based on the specifiedevaluation standards and evaluation methods 1 IEEE Std 2600 1TM 2009 is a protection profile of the evaluation assurance level EAL3 ALC_FLR 2 2 Products combining the following are target products for certification in addition to iR ADV Security Kit B1 for IEEE 2600 1 Common Criteria...

Page 7: ... options is the same as that when IEEE 2600 1 CC certification was obtained on the touch paneldisplay There are following mentions in iR ADV Security Kit B1 for IEEE 2600 1 Common Criteria Certification of Administrator Guide After the operations are completed the administrator must confirm that the machine is operating normally as a 2600 1 model 1 Press Counter Check of the Control Panel 2 Press ...

Page 8: ...Press Version Information MEAP Contents version F 1 7 F 1 8 10 14 6 Press OK after checking that the versions are the same as the following on the version information screen MEAP Contents 10 14 Note Since versions are not given to any options other than HDD Data Encryption Mirroring Kit they are aggregated in the Controller Version ACCESS MANAGEMENT SYSTEM and iR ADV Security Kit B1 for IEEE 2600 ...

Page 9: ...2 2 Functions Functions Basic Function New Function ...

Page 10: ...e which satisfies consumers needs In IEEE 2600 series PPs are classified into 4 categories as shown below depending on the operation environment of the usage type Protection Profile 2600 1 Protection Profile 2600 2 Protection Profile 2600 3 Protection Profile 2600 4 Security Target Specifications of Company A Security Target Security Target ST Each Benda defines it every product CC Common Criteria...

Page 11: ...ration of stored data The target is described as a removable storage and is limited to one which can be removed by an end user instead of a service technician MFP function option corresponds to this function 7 Network 2600 1 SMI SFR Package for Hardcopy Device Shared medium Network communication function This function is intended for LAN WAN and wired wireless network since the network mentioned h...

Page 12: ... as image data generated by a job from being reused HDD complete deletion function 4 Protection function for user data in the nonvolatile memory such as HDD To prevent leakage of information due to the HDD unit taken away HDD encryption function 5 Protection function for network data To prevent LAN data from being stolen IPSec 6 Protection function for user data transfer To counter the attacks by ...

Page 13: ...tion Settings Setting items Displayed Screen Setting value IEEE 2600 1 certification machine Setting value at the time of shipment Report with TX Image Send Common Settings TX Report OFF ON Send Fax Settings Fax TX Report Use Remote Fax Send Fax Settings Remote Fax Settings Use Remote Fax OFF OFF Restrict Printer Jobs 3 Printer Restrict Printer Jobs ON OFF Use Fax Memory Lock 4 Receive Forward Com...

Page 14: ...in Preferences Settings Registration 7 Indicates an item displayed when the Remote Operator s Software Kit is enabled Setting value IEEE 2600 1 1 The Advanced Box is disabled since it is not targeted for audit log 2 Memory media is disabled since the information may be carried away Setting value IEEE 2600 1 Setting value at the time of shipment 3 A general user cannot change the setting to 0 min o...

Page 15: ...the MIB access restriction setting since the use of MIB allows the user to change the devicesetting without the user authentication from Remote UI SNMPv1 SNMPv3 Setting value IEEE 2600 1 Setting value at the time of shipment 6 OFF is set for the image display of TX report since images printed in the TX report may result in the leakage of information T 2 10 F 2 2 T 2 11 Setting value IEEE 2600 1 Se...

Page 16: ...Setting value IEEE 2600 1 Setting value at the time of shipment T 2 14 T 2 15 T 2 16 11 ON is selected for Use I Fax Memory Lock to prevent the received I Fax job from being printed without limit Setting value IEEE 2600 1 Setting value at the time of shipment 12 The number of digits for Mail Box PIN is fixed to 7 however since the PIN less than 7 digits created before the execution of Unified Secu...

Page 17: ...e at the time of shipment 14 ON restricted is set for Device Information Delivery Settings Restrict Receiving for Each Function Settings Registration Value so that the setting will not be changed by the device information delivery from other devices Setting value IEEE 2600 1 Setting value at the time of shipment T 2 19 T 2 20 15 Audit Log Retrieval Setting value IEEE 2600 1 Setting value at the ti...

Page 18: ... registering editing deleting importing and exporting users in the authentication application SSO H Logs generated when registering editing deleting importing and exporting roles in the authentication application SSO H Job log 1001 Operation of PRINT COPY SCAN Transmission reception log 8193 Transmission of SEND Mail Box document operation log 8197 and Mail Box authentication log 8199 Target box M...

Page 19: ...t guaranteed to be stored in chronological order since those of different storage destinations or typesare collected 2 The number of managed logs is 20 000 Delete logs from device after export can also be selected at the time of log export When the log collection function is stopped after it once started logs which have been collected up to that point continue to be kept instead of being deleted 3...

Page 20: ...3 3 Installation Installation Points to Note About Installation Installation Overview Checking the Operation After Making the Settings ...

Page 21: ... by the field remedy the machine is excluded from IEEE2600 1 CC certification To maintain the status of IEEE2600 1CC certification install the firmware for the host machine from the CD included in the package of iR ADV Security Kit B1 for IEEE 2600 1 Common Criteria Certification Handling the Options with VOID Seal LMS options are sealed by the VOID seal seal to prevent falsification Check that th...

Page 22: ...4035 4025 Series Service Manual Installation Installing the Encryption Mirroring Board Refer to imageRUNNER ADVANCE 4051 4045 4035 4025 Series Service Manual Installation Combination of HDD Options 2 Installing the System 1 Remove the VOID seal from the IEEE2600 certification kit take out the CD ROM and register the firmware to SST 2 Install the registered firmware after formatting according to th...

Page 23: ...atches with the version described in the User s Guide Controller version 9100 0 408 Scanner version 201 101 Canon MFP Security Chip 2 01 Refers to the encryption board included in the HDD Data Encryption Mirroring Kit 2 Counter check screen Device configuration check Check that the following 4 options are displayed ACCESS MANAGEMENT SYSTEM Data erase Security Kit B1 for IEEE2600 1 3 Counter check ...

Page 24: ...nection work performed by the user Under this environment the response of ping can be confirmed which has been sent to the PC with which the encryption communication has been established The procedure introduces the setting by which the communication only between a device connected to the local network and a PC on which Windows7 operates isenabled Setting by the Device Complete the device setting ...

Page 25: ...hentication Method Shared Key Enter canon here This character string is used in the PC setting of the next section F 3 5 F 3 6 IPSec Network Settings Leave everything as they are by default Validity 480 mins Size 0 MB PFS OFF Auth Encryption Auto Reference You can compare it when You output a list of IPSec policy when a change entered later Settings Registration Preferences Network TCP IP Settings...

Page 26: ... Advanced Security IPsec Settings Windows Firewall with Advanced Security on Local Computer IPsec defaults Customize Key exchage Main Mode Advanced Customize Edit Security Method Add Integrity algorithm SHA 1 Encryption algorithm AES CBC 128 Key exchange algorithm Diffie Hellman Group 2 Do not choose Use Deffie Hellman for enhanced security in Key exchange options Data protection Quick Mode Select...

Page 27: ...tallation Checking the Operation After Making the Settings IPSec defaults Customize IPsec Setting Create a new IP Security Policy Select Start Control Panel System and Security Administrative Tools Local Security Policy Select the Windows Firewall Properties F 3 10 F 3 11 IPSec defaults Customize F 3 12 ...

Page 28: ...orithm AES CBC 128 Key exchange algorithm Diffie Hellman Group 2 Do not choose Use Deffie Hellman for enhanced security in Key exchange options F 3 13 Note Delete the security method that is set by default Data protection Quick Mode Select Require encryption for all connection security rules that use these settings Add Intergrity and Encryption Algorithms Protocol ESP recommended Algorithms AES CB...

Page 29: ...tication Add First Authentication Method Preshared key not recommended Ex canon Note This character string is used in the Device setting of the befor section F 3 15 F 3 16 Connection Security Rules The setting can be done in the wizard format The following shows each setting screen to be checked after the setting Control Panel All Control Panel Items Administrative Tools Windows Firewall with Adva...

Page 30: ...ection Security Rules Installation Checking the Operation After Making the Settings Connection Security Rules Rule Type Custom Endpoints Any IP address F 3 19 F 3 20 Requirements Require authentication for inbound and outbound connetions Authentication Method Default F 3 21 F 3 22 ...

Page 31: ...Security Policy Protocol and Ports Protocol type Any Profile Select Domain Private Public F 3 23 F 3 24 Name Any Ex test Assigning the Security Policy IPsec communication starts when a policy is assigned Control Panel All Control Panel Items Administrative Tools Windows Firewall with Advanced Security Select the created policy and assign it by right clicking the mouse F 3 25 F 3 26 ...

Page 32: ...Settings PING Command Enter the IP address of the PC whose policy has been set Press the Start button Connection is successful when Response from the host is displayed F 3 27 F 3 28 Reference When the IP address of a PC is determined by the DHCP server the IP address cannot be located even by referring to the network setting Select Start All Programs Accessories Command Prompt and check the IP add...

Page 33: ...4 4 Maintenance Maintenance Notes when service Reference matter in market service ...

Page 34: ... when applying problem correction firmware be sure to notify the user Firmware update via CDS is handled as special upgrading which is differentiated from the normal firmware delivery since its version is that of IEEE2600certification Obtain the ID and password information in advance for the CDS special upgrading Recovery after Servicing Work When the setting of iR ADV Security Kit B1 for IEEE 260...

Page 35: ...ions Which Operates Normally Reference matter in market service Functions Which Operates Normally Version upgrade by SST Installation of IPSec Board encrypts communication In the case of communication between SST and the host machine system can be installed by SST vianetwork in the same way as the normal service since IPSec function is not used ...

Reviews:

No comments

Related manuals for iR-ADV Security Kit-B1

Canon Color imageCLASS MF8580Cdw Getting Started Manual preview
Color imageCLASS MF8580Cdw
Brand: Canon Pages: 36
Canon Color imageCLASS MF8280Cw Settings Manual preview
Color imageCLASS MF8280Cw
Brand: Canon Pages: 24
Canon Color imageCLASS LBP7660Cdn Quick Setup Manual preview
Color imageCLASS LBP7660Cdn
Brand: Canon Pages: 2
Canon Color imageCLASS 8180c Quick Start Manual preview
Color imageCLASS 8180c
Brand: Canon Pages: 24
Canon CD-300 Printer Manual preview
CD-300
Brand: Canon Pages: 30
Canon Color imageCLASS MF8080Cw Configuration Manual preview
Color imageCLASS MF8080Cw
Brand: Canon Pages: 46
GDC SX-4000 Installation Manual preview
SX-4000
Brand: GDC Pages: 64
Canon Color imageRUNNER LBP5360 Release Note preview
Color imageRUNNER LBP5360
Brand: Canon Pages: 3
VASTEX V-1000 Installation And Operating Insctructions preview
V-1000
Brand: VASTEX Pages: 2
Vauxhall 2009 Tigra Quick Reference Manual preview
2009 Tigra
Brand: Vauxhall Pages: 2
Xerox Phaser 7750 Supplementary Manual preview
Phaser 7750
Brand: Xerox Pages: 16
Xerox 7760DN - Phaser Color Laser Printer Instruction Sheet preview
7760DN - Phaser Color Laser Printer
Brand: Xerox Pages: 6
Harol TR850 Assembly Instructions Manual preview
TR850
Brand: Harol Pages: 16
Samsung CLP-600 Series User Manual preview
CLP-600 Series
Brand: Samsung Pages: 115
SimplyHome SH003B User Manual And Installation Instructions preview
SH003B
Brand: SimplyHome Pages: 2
OKIDATA DOC-IT Series Fast Start preview
DOC-IT Series
Brand: OKIDATA Pages: 13
SEWOO LK-P24 Quick Manual preview
LK-P24
Brand: SEWOO Pages: 17
Mad4One PUSH-N2 How To Mount preview
PUSH-N2
Brand: Mad4One Pages: 5

Brands by name

Popular brands

Load more brands