Security
74
ColorQube 9301/9302/9303 Multifunction Printer
System Administrator Guide
FIPS 140-2
You can enable the printer to check the current configuration to ensure that transmitted and stored data
is encrypted as specified in Government Standard FIPS 140-2 (Level 1). If FIPS 140-2 encryption is
required, all computers, serves, browser software, security certificates, and applications must comply with
the standard or operate in FIPS-compliant mode.
To allow the printer to use non-FIPS compliant protocols or features when FIPS 140 mode is enabled,
acknowledge the notification of non-compliance during the validation process.
Note:
Enabling FIPS 140 Mode can prevent the printer from communicating with network devices
that communicate using protocols that do not use FIPS-compliant encryption algorithms.
When non-FIPS compliant protocols, such as SNMPv3 or NetWare, are enabled after FIPS mode is
enabled, a message appears indicating the protocols use non-FIPS compliant encryption algorithms.
When you enable FIPS-140 mode, the printer validates the current configuration by performing the
following checks:
Validates certificates for features where the printer is the server in the client-server relationship. An
SSL certificate for HTTPS is an example.
Validates certificates for features where the printer is the client in the client-server relationship. CA
certificates for LDAP, Xerox Extensible Interface Platform (EIP), and SMart eSolutions are examples.
Validates certificates that are installed on the printer, but not used. Certificates for HTTPS, LDAP, or
SNMPv3 are examples.
Checks features and protocols for non-compliant encryption algorithms. For example, NetWare and
SNMPv3 use encryption algorithms that are not FIPS-compliant.
When validation is complete, information and links appear in a table at the bottom of the page.
Click the appropriate link to disable a non-compliant feature, or protocol.
Click the appropriate link to replace any non-compliant certificates.
Click the appropriate link to acknowledge that you allow the printer to use non-compliant features
and protocols.
Enabling FIPS 140 Mode and Checking for Compliance
1.
In CentreWare Internet Services, click
Properties
>
Security
>
Encryption
.
2.
Click
FIPS 140-2
.
3.
Click
Enable
.
4.
Click
Run Configuration Check and Apply
.
A pass or fail message appears:
If the configuration check passes, click
Reboot Machine
to save and restart the printer.
If the configuration check fails, the reasons for the failed test list in a table at the bottom of the
page. For each reason, a link is provided. Click the appropriate link to disable the protocol,
replace the certificate, or allow the printer to use the non-compliant protocol.