background image

 

 

Xerox

®

 D95/D110/D125 Copier/Printer Security Function Supplementary Guide

 

59

 

Security @ Xerox  

For the latest information on security and operation concerning your device, see the Xerox 
Security Information website located at 

www.xerox.com/security. 

 

10 

Summary of Contents for D95

Page 1: ...Version 1 0 February 2012 Xerox D95 D110 D125 Copier Printer Security Function Supplementary Guide...

Page 2: ......

Page 3: ...ll rights reserved Xerox Xerox and Design CentreWare and FreeFlow are trademarks of Xerox Corporation in the United States and or other countries Microsoft and Windows and registered trademarks of Mic...

Page 4: ......

Page 5: ...by Print Report 7 How to Check the System Clock 7 Initial Settings Procedures Using Control Panel 9 Authentication for Entering the System Administration Mode 9 Use Passcode Entry from Control Panel...

Page 6: ...the Secure Operation 29 Overview of Authentication 29 Users Controlled by Authentication 29 Machine Administrator 29 Authenticated Users with System Administrator Privileges 30 Authenticated Users wit...

Page 7: ...Ware Internet Services 43 Accessing Xerox CentreWare Internet Services 43 Print 45 Scan Folder Operation 45 Folder List of Files 47 Edit Folder 48 Folder Setup 48 Import the files 49 Printing Job Dele...

Page 8: ......

Page 9: ...strator Guide The security features of the Xerox D95 D110 D125 Copier Printer are supported by the following ROM versions Controller PS ROM Ver 1 201 1 IOT ROM Ver 83 25 0 IIT ROM Ver 9 8 0 ADF ROM Ve...

Page 10: ...D110 D125 Copier Printer have the following security features Hard Disk Data Overwrite Hard Disk Data Encryption User Authentication System Administrator s Security Management Customer Engineer Operat...

Page 11: ...nimum Length Set to 9 characters Auto Clear Default Enabled Report Print Set to Disable Self Test Set to Enabled Software Download Set to Disabled SMB Set to Disabled for NetBEUI Xerox FreeFlow Set to...

Page 12: ...settings and files before starting to use the data encryption feature or changing the settings An error occurs if the connected hard disk does not match the encryption settings Use of the Overwrite H...

Page 13: ...organization The machine needs to be placed in a secure or monitored area where the machine is protected from unmanaged physical access If the network where the machine is installed is to be connected...

Page 14: ...ec host that communicates with the machine select an Encryption Method Message Digest Algorithm from the following AES 128bit SHA1 3Key Triple DES 168bit SHA1 4 SNMPv3 The encryption method of SNMPv3...

Page 15: ...reen 3 Select Printer Reports on the touch screen 4 Select Configuration Reports 5 Press the Start button on the control panel You can identify the software versions of the components of the machine b...

Page 16: ......

Page 17: ...This is the factory default ID 3 Select Next on the touch screen 4 Enter 1111 from the keyboard when passcode is required 5 Select Enter on the touch screen 6 Press the Machine Status button on the co...

Page 18: ...to confirm your entry Set Maximum Login Attempts 1 Select Authentication Security Settings on the Tools screen 2 Select Authentication 3 Select Maximum Login Attempts By System Administrator 4 On the...

Page 19: ...ect 1 Overwrite or 3 Overwrites 5 Select Save Set Scheduled Image Overwrite 1 Select Authentication Security Settings on the Tools screen 2 Select Overwrite Hard Disk 3 Select Scheduled Image Overwrit...

Page 20: ...emote Authentication Server Setting 9 Select Authentication System Setup 10 Select Authentication System 11 Select Change Settings 12 On the Authentication System screen select LDAP or Kerberos 13 Sel...

Page 21: ...cted 1 On the Receive Control screen select According to Print Auditron 2 Select Save As Private Charge Print Job for Job Login Success 3 Select Delete Job for Job Login Failure 4 Select Delete Job fo...

Page 22: ...lect Save 8 To exit the Machine Clock Timers screen select Close Set Report Print 1 Select System Settings on the Tools screen 2 Select Common Service Settings 3 Select Reports 4 Select Print Reports...

Page 23: ...on the Tools screen 2 Select Common Service Settings 3 Select Other Settings 4 On the Other Settings screen select Software Download 5 Select Change Settings 6 Select Disabled 7 Select Save 8 To exit...

Page 24: ......

Page 25: ...e a computer supporting the TCP IP protocol to use Xerox CentreWare Internet Services Xerox CentreWare Internet Services supports the browsers that satisfy SSL TLS conditions 1 Open your Web browser e...

Page 26: ...te Authentication is used follow the procedure below to set WebDAV to Disabled 1 Click Connectivity on the Properties screen 2 Click Port Setting 3 Uncheck the Enabled box for WebDAV 4 Click Apply Set...

Page 27: ...ss Group boxes enter a name for the group Entries should be in base DN format for instance cn admin cn users dc xerox dc com You can also restrict the use of the Copy Scan Print and other features by...

Page 28: ...1 Click Reboot Machine Note For secure operation check the Enabled box for Verify Remote Server Certificate and import the CA certificate according to the same procedure as that in Configuring Machine...

Page 29: ...fy Shared Key box Next proceed to set the IPSec address 6 Click Certificate Management in Security 7 Select IPSec for Certificate Purpose 8 Click Display the list and check a desirable certificate 9 C...

Page 30: ...confirm it 10 Enter a new Privacy Password minimum 8 characters 11 Enter the new Privacy Password again to confirm it 12 Check Account Enabled for Print Drivers Remote Clients Account 13 Click Apply N...

Page 31: ...k Apply 5 Click Security on the Properties screen 6 Click Certificate Management 7 Select S MIME for Certificate Purpose 8 Click Display the list and check a desirable certificate 9 Click Certificate...

Page 32: ...n 2 Click Job Management 3 Select Administrators Only for Job Deletion 4 Click Apply 5 Click the Reboot Machine button Important Allows the user to pause an active copy print scan job while it is bein...

Page 33: ...hange and user operation are traced and recorded based on when and who operated what function Auditable events are stored with time stamps into NVRAM When the number of stored events reaches 50 the 50...

Page 34: ...ox CentreWare Internet Services for viewing and analyzing The logged data cannot be viewed from the local UI In addition SSL TLS communication must be enabled in order to access to the logged data 1 O...

Page 35: ...ion and displays an error on the control panel at error occurrence Also when Self Test function is set at initiation the machine calculates the checksum of Controller ROM to confirm if it matches the...

Page 36: ......

Page 37: ...ation feature restricts operations according to the user type Machine Administrator Authenticated Users with System Administrator Privileges Authenticated Users with no System Administrator Privileges...

Page 38: ...his her user ID on the authentication screen Unauthenticated Users These are users who are not registered with the machine An Unauthenticated User cannot use services that are restricted Local Machine...

Page 39: ...ccess are as follows Device Access All Services Pathway verifies users when users access a service screen Job Status Pathway verifies users when users access the Job Status screen Machine Status Pathw...

Page 40: ...en the Authentication feature is enabled Note When a user account is deleted the Folder and job flow sheets associated with the account are also deleted Any files stored in the Folder will also be del...

Page 41: ...older Operation System Administrator and Authenticated Users Machine Administrator Shared Folder Personal Folder owner Personal Folder other Create Display Delete Change Settings Display File Delete F...

Page 42: ...File Delete File Store File Print File Job Flow Sheet Display Link Auto Run Manual Run Operation available Operation not available Note When job flow sheets not available for operation depending on c...

Page 43: ...on the control panel become available Important When another user interrupts and uses the machine by using the interrupt mode the user needs to logout before canceling the interrupt mode Example User...

Page 44: ...enter a passcode using the screen keyboard You can enter 4 to 12 alphanumeric characters Note The Passcode button appears when you have chosen the use of a passcode and you have enabled Local Accounts...

Page 45: ...ings and data for the selected account Change User Passcode by General User This feature allows Authenticated Users users who are authenticated by the procedure described in User Authentication to cha...

Page 46: ...n Job 1 On the control panel press Job Status button The Active Jobs tab displays 2 Touch the desired job then press Delete from the pop up menu Folder Stored File Settings This section describes the...

Page 47: ...ntion period for a stored file Selecting On allows you to specify a retention period within the range from 4 to 23 hours in 1 hour increments Note If the machine is turned off before the specified per...

Page 48: ...to enter a passcode depending on the operation you attempt Private Folders created by other users are inactive and inaccessible to you 1 Press the Services Home button on the control panel 2 Select Se...

Page 49: ...s More screen Note If you enter the screen with System Administrator s ID a list of authentication user IDs is displayed Select a user ID from the list or enter the displayed number in Go to and selec...

Page 50: ......

Page 51: ...ion on the installation and setups of the Xerox CentreWare Internet Services feature refer to the System Administration Guide Some of the Xerox CentreWare Internet Services features have restricted ac...

Page 52: ...xxxx xxxx xxxx xxxx 80 The home page of Xerox CentreWare Internet Services is displayed Note When the Authentication feature is enabled you are required to enter your user ID and your password You nee...

Page 53: ...nochrome Output Destination Allows you to select output trays from the drop down menu Paper Paper Supply Allows you to select the paper tray from the drop down menu Paper Size Allows you to select the...

Page 54: ...Name Displays the names of Folders If you click the name of a registered Folder the Folder List of Files page for the Folder is displayed Number of Files in this Folder Displays the number of files st...

Page 55: ...Compression Format Displays the compression formats of the files Page Count Displays the page counts of the files Type Displays the job types of the files Retrieve Retrieve Page Selects whether or no...

Page 56: ...ou to set whether to automatically delete files when they reach the specified expiration dates Number of Files in this Folder Displays the number of files stored in the Folder Link Job Flow Sheet to t...

Page 57: ...the home page 2 Select the desired job on the Active Jobs screen 3 Click the Delete button 4 A confirmation window appears Select OK to cancel the job completely Change User Passcode by System Adminis...

Page 58: ......

Page 59: ...reen messages and animated graphics to clear the fault according to the specified order Also refer to the fault codes displayed on the touch screen in the Machine Status mode Refer to the Fault Codes...

Page 60: ...hether it is connected to the machine correctly 016 403 Cause The root certificate did not match Remedy Confirm the authentication server and store the root certificate of the server certificate of th...

Page 61: ...the validity of the LDAP server 016 526 Cause LDAP server SSL authentication error The server name does not match the certificate Remedy Set the same LDAP server address to the machine and to the SSL...

Page 62: ...access privilege to the FTP server 016 581 Cause The machine failed to transfer data using FTP of the Scan to PC feature because the suffix of the file or folder name exceeded the limit after connecti...

Page 63: ...C feature because a network error occurred Remedy Try again If the error persists contact our Customer Support Center 016 703 Cause The machine received e mail which specified an invalid folder number...

Page 64: ...rs are not used for the host name specified on the machine Remedy Take one of the following measures Check whether the network cables are plugged in securely Enter the host name using ASCII characters...

Page 65: ...a using SMB of the Scan to PC service because the number of users logging into the SMB server exceeded the limit when logging in to the SMB server Remedy Take one of the following measures Confirm how...

Page 66: ...e 027 711 Cause No S MIME certificate was obtained from the received email Remedy Import the sender s S MIME certificate to the machine or attach an S MIME certificate to S MIME signature mail sent fr...

Page 67: ...ier Printer Security Function Supplementary Guide 59 Security Xerox For the latest information on security and operation concerning your device see the Xerox Security Information website located at ww...

Page 68: ...ty Service Representative Restricted Operation Off Set Overwrite Hard Disk Authentication Security Settings Overwrite Hard Disk On Set Scheduled Image Overwrite Authentication Security Settings Overwr...

Page 69: ...ng On Set Receive E mail Connectivity Network Setup Port Setting Connectivity Port Setting Off Set IPP System Settings Connectivity Network Setup Port Setting Connectivity Port Setting On Set LDAP Con...

Page 70: ...ettings Authentication Create View User Accounts Account Number Security Authentication Configuration Next Account Number Edit Change User Passcode by General User User Details Setup Change Passcode F...

Reviews: