1
Purpose and Audience
This
document provides information on the secure installation, setup and operation. All customers, but particularly
those concerned with secure installation and operation of these devices, should follow these guidelines.
Overview
This document lists some important customer information and guidelines
1
that will ensure that your device is operated
and maintained in a secure manner.
Background
These devices are currently undergoing Common Criteria evaluation and are evaluated in a particular configuration,
referred to in the rest of this document as the “evaluated configuration”. Section 1 describes how to install and configure
the machine so that it is in the same configuration as it is for evaluation.
Customers are advised that changes to the evaluated configuration may be required to support business goals and
for compliance with policies applicable to their environment
2
. After careful review of this document, customers should
document settings to be applied to devices in their environment establishing a unique benchmark configuration to
support processes such as installation, change management and audit. Xerox Professional Services, which can be
contacted via
http://www.xerox.com/about-xerox/customer-training/tab1-ab-enus.html
, can assist in evaluating and
configuring these devices.
The information provided here is consistent with the security functional claims made in the applicable Security Targets
3
. Upon completion of the evaluation, the Security Target will be available from the Common Criteria Certified Product
website (
http://www.commoncriteriaportal.org/products.html
) list of evaluated products, from the Xerox security
website (http://www.xerox.com/information-security/common-criteria-certified/enus.html), or from your Xerox
representative.
1
All guidelines in this document apply to the System Administrator unless explicitly stated otherwise.
2
For example, if the customer security policy requires that passwords are reset on a quarterly basis, the Reset Policy for the Admin Password will
need to be enabled. Also, many customers choose to manage user credentials centrally, rather than on individual devices through local
authorization.
3
Xerox Multi-Function Security Target, Xerox® WorkCentre® 3655/3655i 2016 Xerox® ConnectKey® Technology, Version 1.2, July 2016
Xerox Multi-Function Security Target, Xerox® WorkCentre® 5845/5855/5865/5865i/5875/5875i/5890/5890i 2016 Xerox® ConnectKey®
Technology, Version 1.2, July 2016; Xerox Multi-Function Security Target, Xerox® WorkCentre® 5945/5945i/5955/5955i 2016 Xerox®
ConnectKey® Technology, Version 1.2, July 2016; Xerox Multi-Function Security Target, Xerox® WorkCentre® 6655/6655i 2016 Xerox®
ConnectKey® Technology, Version 1.2, July 2016; Xerox Multi-Function Security Target, Xerox® WorkCentre® 7220/7220i/7225/7225i 2016
Xerox® ConnectKey® Technology, Version 1.2, July 2016; Xerox Multi-Function Security Target, Xerox® WorkCentre® 7830/7830i/7835/7835i
2016 Xerox® ConnectKey® Technology, Version 1.2, July 2016; Xerox Multi-Function Security Target, Xerox® WorkCentre®
7845/7845i/7855/7855i 2016 Xerox® ConnectKey® Technology, Version 1.2, July 2016; Xerox Multi-Function Security Target, Xerox®
WorkCentre® 7970/7970i 2016 Xerox® ConnectKey® Technology, Version 1.2, July 2016.
