
XEROX WorkCentre 7755/7765/7775 Information Assurance Disclosure Paper

Ver. 1.01, April 2010, Page 17 of 40

2.8.2.11. Port 427, SLP

When activated, this port is used for service discovery and advertisement. The device will advertise itself as a printer and also listen for SLP queries using this port. It is not configurable. This port is explicitly enabled / disabled in the Properties tab of the device's web pages.

2.8.2.12. Port 443, SSL

This is the default port for Secure Sockets Layer communication. This port can be configured via the device's web pages. SSL must be enabled before setting up either SNMPv3 or IPSec or before retrieving the audit log (see Sec. 4.1). SSL must also be enabled in order to use any of the Web Services (Scan Template Management, Automatic Meter Reads, or Network Scanning Validation Service).

SSL should be enabled so that the device can be securely administered from the web UI. If the optional scanning feature has been purchased, SSL can be used to secure the filing channel to a remote repository.

SSL uses X.509 certificates to establish trust between two ends of a communication channel. When storing scanned images to a remote repository using an https: connection, the device must verify the certificate provided by the remote repository. A Trusted Certificate Authority certificate should be uploaded to the device in this case.

To securely administer the device, the user's browser must be able to verify the certificate supplied by the device. A certificate signed by a well-known Certificate Authority (CA) can be downloaded to the device, or the device can generate a self-signed certificate. In the first instance, the device creates a Certificate Signing Request (CSR) that can be downloaded and forwarded to the well-known CA for signing. The signed device certificate is then uploaded to the device. Alternatively, the device will generate a self-signed certificate. In this case, the generic Xerox root CA certificate must be downloaded from the device and installed in the certificate store of the user's browser.

The device supports only server authentication.

2.8.2.13. Port 515, LPR

This is the standard LPR printing port, which only supports IP printing. It is a configurable port, and may be explicitly enabled or disabled in User Tools via the Local User Interface or in the Properties tab of the device's web pages.

2.8.2.14. Port 631, IPP

This port supports the Internet Printing Protocol. It is not configurable. This port is disabled when the http server is disabled.

2.8.2.15. Port 1900, SSDP

This port behaves similarly to the SLP port. When activated, this port is used for service discovery and advertisement. The device will advertise itself as a printer and also listen for SSDP queries using this port. It is not configurable. This port is explicitly enabled / disabled in the Properties tab of the device's web pages.

2.8.2.16. Port 3003, http/SNMP reply

This port is used when the http server requests device information. The user displays the Web User Interface (WebUI) and goes to a page where the http server must query the device for settings (e.g. Novell network settings). The http server queries the machine via an internal SNMP request (hence this port can only open when the http server is active). The machine replies back to the http server via this port. It sends the reply to the loopback address (127.0.0.0), which is internally routed to the http server. This reply is never transmitted on the network. Only SNMP replies are accepted by this port, and this port is active when the http server is active (i.e. if the http server is disabled, this port will be closed). If someone attempted to send an SNMP reply to this port via the network, the reply would have to contain the correct sequence number, which is highly unlikely, since the sequence numbers are internal to the machine.

2.8.2.17. Port 9100, raw IP

This allows downloading a PDL file directly to the interpreter. This port has limited bi-directionality (via PJL back channel) and allows printing only. This is a configurable port, and may be disabled in either (1) User Tools via the Local User Interface, or (2) the Properties tab of the device's web pages.

2.8.3. IP Filtering

The devices contain a static host-based firewall that provides the ability to prevent unauthorized network access based on IP address and/or port number. Filtering rules can be set by the SA using the WebUI. An authorized SA can create rules to Accept, Reject or Drop traffic from ALL addresses or from a range of IP addresses. In addition to specifying IP addresses to filter, an authorized SA can enable/disable all traffic over a specified transport layer port.
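The following is an added example, not Xerox code and not taken from this paper: a small Python model of the host-based filter described above, used to check what a candidate rule set would do to sample traffic before it is applied on the device. It assumes rules are evaluated in order with the first match winning, that a disabled port is dropped regardless of source, and that an empty rule set accepts everything; the addresses and ports in the sample policy are constructed.

```python
"""Added example (not Xerox code): model of the static host-based IP filter."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple

ACCEPT, REJECT, DROP = "Accept", "Reject", "Drop"


@dataclass
class AddressRule:
    action: str                          # Accept, Reject or Drop
    ip_range: Optional[Tuple[str, str]]  # (first, last) inclusive; None means ALL

    def matches(self, ip: ipaddress.IPv4Address) -> bool:
        if self.ip_range is None:
            return True
        first, last = (ipaddress.ip_address(a) for a in self.ip_range)
        return first <= ip <= last


@dataclass
class HostFilter:
    rules: List[AddressRule]
    disabled_ports: Set[int]   # transport-layer ports with all traffic disabled
    default: str = ACCEPT      # assumption: no matching rule leaves traffic accepted

    def decide(self, src_ip: str, dst_port: int) -> str:
        """Disabled ports are dropped first; then the first matching address rule wins."""
        if dst_port in self.disabled_ports:
            return DROP
        ip = ipaddress.ip_address(src_ip)
        for rule in self.rules:
            if rule.matches(ip):
                return rule.action
        return self.default


# Constructed sample policy: only the print-server range may reach the device,
# a guest range gets an explicit Reject, everything else is silently dropped,
# and raw IP printing on port 9100 is disabled outright.
SAMPLE_FILTER = HostFilter(
    rules=[
        AddressRule(ACCEPT, ("192.0.2.10", "192.0.2.20")),
        AddressRule(REJECT, ("198.51.100.0", "198.51.100.255")),
        AddressRule(DROP, None),
    ],
    disabled_ports={9100},
)


def audit(host_filter: HostFilter, samples):
    """Return (src_ip, dst_port, decision) for each constructed sample packet."""
    return [(ip, port, host_filter.decide(ip, port)) for ip, port in samples]
```

Running `audit(SAMPLE_FILTER, [("192.0.2.15", 515), ("192.0.2.15", 9100), ("203.0.113.9", 631)])` shows that an accepted source is still dropped on a disabled port, and that the catch-all Drop rule only applies after the explicit ranges have been checked.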
