manualshive.com logo in svg

Xerox WorkCentre 7220, Information

The Xerox WorkCentre 7220 is a versatile printer with advanced features for efficient document management. For a quick setup and overview, download the free Quick Start Manual from our website. Easily access the manual for detailed instructions on how to maximize the functionality of this printer. Download it from manualshive.com.

Share
Download
background image

WorkCentre 7220-7225 Information Assurance Disclosure Paper 

Ver. 1.0, January 2013 

 

 

 

 

Page

 33 of 61 

3.2.2.3.

 

Common Access Card (CAC1/PIV/.NET) 

With the addition of the CAC accessory kit, the device is able to utilize the following cards: 

 

Axalto Access 64kV2 

 

Oberthur PIV V1.08 

 

Gemalto PIV 144K 

 

Gemalto Access 64KV2 

 

Gemalto .NET v2 

 

Gemplus GXP3 64V2N 

 

Oberthur ID One V5.2 

 

Oberthur ID One 128K 

 

Oberthur ID-One Cosmo 64 V5.2 D with OCS Applets 

 

Gemplus GCX4 

 

Oberthur ID-One Cosmo 64 V5.2 D with ActivIdentity Applets 

 

Gemplus GCX4 72K with ActivIdentity Applets 

 

Oberthur ID-One Cosmo v7.0 128K with ActivIdentity Applets 

 

GnD SmartCafe Expert v3.2 144KB with ActivIdentity Applets 

 

Gemalto TOP DL GX4 FIPS with ActivIdentity Applets 

 

GnD SCE 3.2 80K with ActivIdentity Applets 

 

Oberthur 7.0 PIV with Oberthur Applets 

 

Oberthur D1 72K/V2 (contact-less and PIV)  

 

Gemalto .NET v1  

Sending encrypted data to multiple recipients is made possible using an organizations LDAP directory. 

The user may view certificates of potential recipients to ensure they are sent to the intended parties.  Controls are 
also in place to prevent sending to users without encryption certificates 

Audit logs record which e-mails were sent encrypted and those that were not.   

In addition, Confirmation Reports detail which recipients received e-mail and if it was encrypted or not. 

Summary of Contents for WorkCentre 7220

Page 1: ...x Corporation 800 Phillips Road Webster New York 14580 2012 2013 Xerox Corporation All rights reserved Xerox and the sphere of connectivity design are trademarks of Xerox Corporation in the United Sta...

Page 2: ...sure Paper Ver 1 0 January 2013 Page 2 of 61 Contributors Michael Barrett Steve Beers Bob Crumrine Mike Faraoni Gordon Farquhar Mirelsa Fontanes Tim Hunter Larry Kovnat Tom Pierce Roger Rhodes Steve S...

Page 3: ...2 Hardware 15 2 4 Scanner 16 2 4 1 Purpose 16 2 4 2 Hardware 16 2 5 Graphical User Interface GUI 16 2 5 1 Purpose 16 2 6 Marking Engine Image Output Terminal or IOT 16 2 6 1 Purpose 16 2 6 2 Hardware...

Page 4: ...ns Role Based Access Control RBAC 47 4 5 SMart eSolutions 48 4 6 Encrypted Partitions 48 4 7 Image Overwrite 49 4 7 1 Algorithm 49 4 7 2 User Behavior 49 4 7 3 Overwrite Timing 50 4 7 4 Overwrite Comp...

Page 5: ...ign functions and features of the products relative to Information Assurance IA This document does NOT provide tutorial level information about security connectivity PDLs or products features and func...

Page 6: ...Description This product consists of an in put document handler and scanner marking engine including paper path controller and user interface Figure 2 1 WorkCentre 7220 7225 Multifunction System Docum...

Page 7: ...ler Power Interface TOE internal wiring proprietary TOE internal wiring proprietary PCI Bus TOE Physical Boundary Original Documents Optical interface Human Interface Hardcopy Finisher Paper output in...

Page 8: ...uthentication Controller Graphical User Interface Security Audit Controller Cryptographic Operations Controller User Data Protection SSL Controller User Data Protection IP Filtering Controller User Da...

Page 9: ...pre collation sometimes referred to as scan once print many When producing multiple copies of a document the scanned image is processed and buffered in the DRAM in a proprietary format Extended buffe...

Page 10: ...in System memory while the job is being processed Once the job is complete the memory is reused for the next job Likewise Image memory holds job data in a proprietary format while the job is being pr...

Page 11: ...do not remain stored on this disk One exception is Print From Saved Jobs feature Customer jobs saved on the machine s hard disk using this feature must be manually deleted by the customer If On Deman...

Page 12: ...al connections available at the right rear of the machine The tray contains a single controller board An optional fax board may also be installed Disk s are mounted on the underside of the tray Below...

Page 13: ...aders SW upgrade USB Printing Scan to USB Debug Port Troubleshooting and Monitoring Ethernet Network Connectivity Diagnostic LED Readout Displays status codes for Diagnostics Foreign Device Interface...

Page 14: ...rt and location Purpose Front panel 1 Host port User retrieves print ready files from Flash Media or stores scanned files on Flash Media Physical security of this information is the responsibility of...

Page 15: ...Fax Card is a printed wiring board assembly containing a fax modem and the necessary telephone interface logic It connects to the controller via a serial communications interface The Fax Card is respo...

Page 16: ...pose The GUI detects soft and hard button actuations and provides text and graphical prompts to the user The GUI is sometimes referred to as the Local UI LUI to distinguish it from the WebUI which is...

Page 17: ...m Software Structure 2 7 1 Open source components Open source components in the connectivity layer implement high level protocol services The security relevant connectivity layer components are Apache...

Page 18: ...ork and physical I O drivers The controller operating system is Wind River Linux kernel v 2 6 34 Xerox may issue security patches for the OS in which case the Xerox portion of the version number i e a...

Page 19: ...2013 Page 19 of 61 2 7 3 Network Protocols Figure 2 5 and Figure 2 6 are interface diagrams depicting the IPv4 and IPv6 protocol stacks supported by the device annotated according to the DARPA model F...

Page 20: ...up the shared secret When an IPSec tunnel is established between a client and the machine the tunnel will also be active for administration with SNMPv2 tools HP Open View etc providing security for S...

Page 21: ...P ISAKMP 515 TCP LPR 631 TCP IPP 1900 TCP UDP SSDP 1901 UDP SSDP 3003 TCP http SNMP reply 3702 TCP UDP WSD Discovery 4500 TCP UDP IKE Negotiation Port for IPSec 5353 TCP UDP Multicast DNS 5354 TCP Mul...

Page 22: ...o E mail or Internet Fax I Fax is exporting images to an SMTP server or when email alerts are being transmitted SMTP messages images are transmitted to the SMTP server from the device 2 8 2 4 Port 53...

Page 23: ...resident on the hard disk of the device It does not and cannot act as a proxy server to get outside of the network the device resides on Hence the server cannot access any networks or web servers outs...

Page 24: ...s to most destinations and purchasers without the need for previous approval from or notification to BXA At the time of the opinion restricted destinations and entities included terrorist supporting s...

Page 25: ...o a remote repository using an https connection the device must verify the certificate provided by the remote repository A Trusted Certificate Authority certificate should be uploaded to the device in...

Page 26: ...e 2 8 2 21 Port 3702 WSD Discovery WS Discovery Multicast This is the default port for WS Discovery the discovery of services in an ad hoc network with a minimum of networking services for example no...

Page 27: ...t 61502 WS Web Service interface s used to get set services available on the device 2 8 2 32 Port 61503 WS Web Service interface s used to get session information applicable to the current active sess...

Page 28: ...he available services such as Copy Fax Server Fax Reprint Saved Jobs Email Internet Fax Workflow Scanning Server Extensible Interface Platform Services Also users can be authorized to access one or an...

Page 29: ...WorkCentre 7220 7225 Information Assurance Disclosure Paper Ver 1 0 January 2013 Page 29 of 61 Figure 3 1 Authentication and Authorization schematic...

Page 30: ...in and as many as 8 additional alternate authentication domains 3 2 2 1 Kerberos Authentication Solaris or Windows The authentication steps are 1 A User enters a user name and password at the device i...

Page 31: ...the Domain Controller 2 The Domain Controller responds back to the device whether or not the user was successfully authenticated If 2 is successful steps 3 5 proceed as described in steps 4 6 of the K...

Page 32: ...1 The device sends the Domain Controller hostname to the DNS Server 2 The DNS Server returns the IP Address of the Domain Controller 3 The device sends an authentication request directly to the Domain...

Page 33: ...Cosmo v7 0 128K with ActivIdentity Applets GnD SmartCafe Expert v3 2 144KB with ActivIdentity Applets Gemalto TOP DL GX4 FIPS with ActivIdentity Applets GnD SCE 3 2 80K with ActivIdentity Applets Obe...

Page 34: ...enticate a user The device can also take in additional information about the user to allow for two factor authentication The Web Service interface allows the 3rd party to tell the device that someone...

Page 35: ...nto bind to _ the LDAP server The device uses a simple bind to the LDAP server unless the device was able to obtain a TGS for the LDAP server from the Kerberos Servier In this case a SASL GSSAPI bind...

Page 36: ...re is installed and with it a new whitelist for the new version The digital signature prevents corrupted files from being installed by verification that the file is genuine Xerox software and has not...

Page 37: ...The following table lists the events that are recorded in the log Event ID Event description Entry Data 1 System startup Device name Device serial number 2 System shutdown Device name Device serial n...

Page 38: ...IIO status Accounting User ID Accounting Account ID Total fax recipient phone numbers fax recipient phone numbers 14 Lan Fax Job Job name User Name Completion Status IIO status Accounting User ID Acco...

Page 39: ...Passwords Device name Device serial number StartupMode enabled disabled System Params Password changed Start Job Password changed 29 Network User Login UsereName Device name Device serial number Comp...

Page 40: ...Enabled Disabled 43 Device clock UserName Device name Device serial number Completion Status time changed date changed 44 SW upgrade Device name Device serial number Completion Status Success Failed 4...

Page 41: ...onfigured Interface Web Local CAC SNMP Session IP address if available 60 Device Clock NTP Enable Disable Device Name Device serial number Enable Disable NTP NTP Server IP Address Completion Status Su...

Page 42: ...vailable File names downloaded Destination IP address or USB device Completion status Success failed 74 Scan to USB Job Job Name User Name Completion Status IIO Status Accounting User ID Name Accounti...

Page 43: ...ent Device name Device serial number Type Read Modify Execute Deluge McAfee message text 87 McAfee Agent User name Device name Device serial number Completion Status Enabled Disabled 88 Digital Certif...

Page 44: ...Wired 100 Address Book Permissions UserName Machine Name Machine serial number Completion Status SA Only Open Access Enabled WebUI SA Only Open Access Enabled LocalUI 101 Address Book Export UserName...

Page 45: ...atus Success or Failed 108 Convenience Authentication Enable Disable Configure UserName Device name Device serial number Completion Status Enabled Disabled Configured 109 Efax Passcode Length UserName...

Page 46: ...cific services to zero for users that should not have rights to use the feature After each job is performed the user s balance is updated by the number of impressions or scans performed Services becom...

Page 47: ...device may be used In addition users can be assigned multiple roles Through the Web UI on the Xerox device the SA may perform the following functions Configure Job Types which will be allowed such as...

Page 48: ...ending the meter reads back to the server Supplies Assistant Once the connection with the Xerox Communication Server has been established the Supplies Assistant service will be automatically enabled b...

Page 49: ...emporary files IIO or to the entire spooling area of the disks ODIO hex value 0xCA ASCII compliment of 5 Step 3 Pattern 3 is written to the sectors containing temporary files IIO or to the entire spoo...

Page 50: ...Reporting Immediate Image Overwrite When an Immediate Image Overwrite is performed at the completion of each job the user may view the Completed Jobs Log at the Local UI In each Job entry there will...

Page 51: ...rinter is the server in the client server relationship An SSL certificate for HTTPS is an example Validates certificates for features where the printer is the client in the client server relationship...

Page 52: ...nd encrypting emails when the user is authenticated to the device using a CAC NET or PIV smart card containing appropriate signing and encryption certificates The device allows signing to multiple rec...

Page 53: ...that contains the latest security information pertaining to its products Please see http www xerox com security Xerox has created a document which details the Xerox Vulnerability Management and Disclo...

Page 54: ...t transfer protocol IBM International Business Machines ICMP Internet Control Message Protocol IETF Internet Engineering Task Force IFAX Internet Fax IIO Immediate Image Overwrite IIT Image Input Term...

Page 55: ...Secure File Transfer Protocol SLP Service Location Protocol SNMP Simple Network Management Protocol SRAM Static Random Access Memory SSDP Simple Service Discovery Protocol SSL Secure Sockets Layer TCP...

Page 56: ...support 0 or 3 for more than 1 sheet for prtInputCurrentLevel will be considered a caveat denoted as C 6 The Printer MIB requires a few groups from RFC 1213 and RFC 1514 to be supported Therefore this...

Page 57: ...e C local UI button selection messages are not captured within table Console Display Light group 5 objects supported w caveats only the Power Saver LED is supported the other LEDs were not implemented...

Page 58: ...ered the standards track New type 2 enumerations from next generation Printer MIB supported supported New Printer MIBv2 objects implemented optional not support because Printer MIBv2 has NOT entered t...

Page 59: ...ver IEEE802 networks 1042 ICMP ICMP Echo ICMP Time ICMP Echo Reply and ICMP Destination Unreachable message 792 Reverse Address Resolution Protocol RARP 903 Bootstrap Protocol BOOTP 951 Clarifications...

Page 60: ...ance Disclosure Paper Ver 1 0 January 2013 Page 60 of 61 Printing Description Languages Postscript Language Reference Third Edition PCL6 PCL5C PCL XL class 3 0 emulation TIFF 6 0 JPEG Portable Documen...

Page 61: ...e Disclosure Paper Ver 1 0 January 2013 Page 61 of 61 Appendix E References Kerberos FAQ http www cmf nrl navy mil krb kerberos faq html IP port numbers http www iana org assignments service names por...

Reviews:

No comments

Related manuals for WorkCentre 7220

Oce COLOR SYSTEM 110 Operator'S Manual preview
COLOR SYSTEM 110
Brand: Oce Pages: 392
Xerox Phaser 7800 Installation Manual preview
Phaser 7800
Brand: Xerox Pages: 2
Xerox Phaser 3600 Voluntary Product Accessibility Template preview
Phaser 3600
Brand: Xerox Pages: 11
Xerox CiPress 325 Customer Help Information preview
CiPress 325
Brand: Xerox Pages: 192
Xerox Phaser 6100 Instructions Manual preview
Phaser 6100
Brand: Xerox Pages: 10
Xerox DocuPrint N24 Function Manual preview
DocuPrint N24
Brand: Xerox Pages: 15
Xerox WORKCENTRE 7425 Quick Use Manual preview
WORKCENTRE 7425
Brand: Xerox Pages: 88
Xerox PHASER 8560MFP Supplementary Manual preview
PHASER 8560MFP
Brand: Xerox Pages: 10
Xerox ColorQube 9203 Quick Manual preview
ColorQube 9203
Brand: Xerox Pages: 33
Xerox C123 Copycentre Quick Reference Manual preview
C123 Copycentre
Brand: Xerox Pages: 154
Xerox WorkCentre 5845 Installation And Operation Manual preview
WorkCentre 5845
Brand: Xerox Pages: 14
Oki MB760dnfax Basic Manual preview
MB760dnfax
Brand: Oki Pages: 94
Konica Minolta bizhub C654e Specification & Installation Manual preview
bizhub C654e
Brand: Konica Minolta Pages: 32
Ricoh Aficio SP C730DN User Manual preview
Aficio SP C730DN
Brand: Ricoh Pages: 100
Oki C831dn Safety And Warranty Manual preview
C831dn
Brand: Oki Pages: 48
Xerox WorkCentre 7200 series Specifications preview
WorkCentre 7200 series
Brand: Xerox Pages: 12
Konica Minolta Bizhub 4050i Shortcut Manual preview
Bizhub 4050i
Brand: Konica Minolta Pages: 44
Ricoh RN-MF1 Service Manual preview
RN-MF1
Brand: Ricoh Pages: 162

Brands by name

Popular brands

Load more brands