manualshive.com logo in svg

Xerox CX PRINT SERVER 550, Дополнительное руководство, Страница: 10 / 64

Поделиться
Скачать
Xerox CX PRINT SERVER 550 Скачать руководство пользователя страница 10

10

 

For Optimal Performance of the Security 
features 

The manager (of the organization that the machine is used for) needs to follow the instructions below: 

 

Assign appropriate persons as system and machine administrators, and manage and train them properly. 

 

The manager and system administrators have to train users about the security policies and procedures of their 

organization. 

 

The machine have to be placed in a secure or monitored area that provides protection from unmanaged 

physical access to the machine. 

 

If the network where the machine is installed is to be connected to external networks, configure the network 

properly to block any unauthorized external access. 

 

The users have to set a user ID and a passcode certainly on accounting configuration of printer driver. 

 

Users and administrators have to set passcodes and encryption key according to the following rule for the 

client PC login and the machine’s setup. 

Do not use an easily guessed character strings passcode. 

A passcode has to contain both numeric and alphabetic characters. 

 

Users and administrators have to manage and operate it so that own user ID and passcode may not be 

disclosed to another person. 

 

Administrators have to set the account policy in the remote authentication server as follows. 

Set password policy to [9 or more characters] 

Set account lockout policy to [5 times] 

 

For secure operation, all of the remote trusted IT products that communicate with the machine implement the 

communication protocol in accordance with industry standard practice with respect to RFC/other standard 

compliance (SSL/TLS, IPSec, SNMPv3, S/MIME ) and work as advertised. 

 

The settings described below are required same as the machine’s configuration. 

1.)

 

SSL/TLS 

Set the SSL client (WEB browser) and SSL server that communicate with the machine as following data 

encryption suite 

SSL_RSA_WITH_RC4_128_SHA 

SSL_RSA_WITH_3DES_EDE_CBC_SHA 

TLS_RSA_WITH_AES_128_CBC_SHA 

TLS_RSA_WITH_AES_256_CBC_SHA 

  (Specifically, the recommended browser is Microsoft internet Explorer 6/7/8, Mozilla Firefox 2.x/3.x ) 

2.)

 

S/MIME 

Set the machine and E-mail clients as following Encryption Method/Message Digest Algorithm. 

RC2 (128bit )/SHA1 

3Key Triple-DES (168bit )/SHA1 

Содержание CX PRINT SERVER 550

Страница 1: ...Xerox Color 550 560 Printer Security Function Supplementary Guide Version 1 0 April 2011...

Страница 2: ...ring the System Administration mode 13 Use Passcode Entry from Control Panel 13 Change the System Administrator s Passcode 13 Set Maximum Login Attempts 14 Set Service Rep Restricted Operation 14 Set...

Страница 3: ...tication Login to Local Accounts 29 Remote Authentication Login to Remote Accounts 29 Functions Controlled by Authentication 30 Authentication for Folder 32 Types of Folder 32 Operation Using Control...

Страница 4: ...scode by System Administrator Using CentreWare Internet Services 51 Problem Solving 52 Fault Clearance Procedure 52 Fault Codes 53 Security Xerox 61 Appendix 62 Copyright 2011 by Fuji Xerox Co Ltd All...

Страница 5: ...ser Guide Version 1 0 August 2010 701P50979_en The security features of the Xerox Color 550 560 Printer is supported by the following ROM versions Controller ROM Ver 1 203 1 IOT ROM Ver 62 23 0 IIT RO...

Страница 6: ...The System Administrator Passcode Change the default passcode 1111 to another passcode of 9 or more characters Maximum Login Attempts Default 5 Times Service Rep Restricted Operation Set to On and th...

Страница 7: ...special setting by System Administrator When you set Data Encryption On again enter an encryption key of 12 characters Data Restoration The enciphered data cannot be restored in the following conditio...

Страница 8: ...e form overlay feature Folder and job flow sheet settings Folder name passcode etc Files in Folder Address book data Important Be sure to save all necessary settings and files before starting to use t...

Страница 9: ...may remain on the hard disk The overwriting operation will resume if you power the machine on again with the unfinished files remaining on the hard disk Service Representative Restricted Operation Sp...

Страница 10: ...to contain both numeric and alphabetic characters Users and administrators have to manage and operate it so that own user ID and passcode may not be disclosed to another person Administrators have to...

Страница 11: ...browser communicate directly without Proxy server and you can prevent man in the middle attacks Confirm the Machine ROM version and the System Clock Before initial settings the System Administrator Ma...

Страница 12: ...Machine Status button on the control panel 5 Select Tools on the touch screen 6 Select System Settings 7 Select Common Service Settings 8 Select Machine Clock Timers You can Check the time and date o...

Страница 13: ...panel 7 Select Tools Use Passcode Entry from Control Panel 1 Select Authentication Security Settings on the Tools screen 2 Select Authentication 3 Select Passcode Policy 4 On the Passcode Policy scree...

Страница 14: ...rvice Rep Restricted Operation 5 Select Change Settings 6 Select On 7 Select Maintenance Passcode 8 Select New Passcode 9 Enter a new passcode of 9 or more characters using the keyboard displayed and...

Страница 15: ...0 Enter the same passcode and then select Save 11 Select Save 12 Select Yes to make the change 13 Select Yes to Reboot Set Authentication 1 Select Authentication Security Settings on the Tools screen...

Страница 16: ...h item 15 To exit the Access Control screen select Close Set Private Print 1 Select Authentication Security Settings on the Tools screen 2 Select Authentication 3 Select Charge Private Print Settings...

Страница 17: ...irect Fax Note When remote authentication is used use the following procedure to set Direct Fax to Disabled 1 Select System Settings on the Tools screen 2 Select Fax Service Settings 3 Select Fax Cont...

Страница 18: ...Test 5 Select On 6 Select Save 7 To exit the Maintenance screen select Close 8 Select Reboot now on the confirmation screen Set Software Download 1 Select System Settings on the Tools screen 2 Select...

Страница 19: ...ns 1 Open your Web browser and enter the TCP IP address of the machine in the Address or Location field press the Enter key at Your Workstation 2 Enter the System Administrator s ID and passcode if pr...

Страница 20: ...up Entries should be in base DN format for instance cn admin cn users dc xerox dc com You can also place restrictions on the use of the Copy Fax Scan Print and other features by enter a name for the g...

Страница 21: ...the Retype Password 6 Click the Import Set IPSec Note Before setting Digital Signature for IKE Authentication Method you will have to import an IPSec certificate according to same procedure as Config...

Страница 22: ...NMP v1 v2c Protocols box 6 Click the Apply 7 Click the Edit SNMPv3 Properties and check the Account Enabled for Administrator Account 8 Enter a new Authentication Password minimum 8 characters 9 Enter...

Страница 23: ...ertificate Purpose 8 Click the Display the list and check a desirable Certificate 9 Click the Certificate Details 10 Click the Use this certificate 11 Click SSL TLS Settings 12 Check the Enabled box f...

Страница 24: ...ly 5 Click the Reboot Machine Important Allows the user to pause an active copy print scan or Embedded Fax job while it is being processed by the machine But only system administrators can cancel the...

Страница 25: ...stored When the number of recorded events exceeds 15 000 the oldest audit log file is overwritten and a new audit event is stored There is no deletion function Set Audit Log 1 Open your Web browser a...

Страница 26: ...26 2 Supply the Administrator ID and Password when prompted 3 Click the Properties tab 4 Click Audit Log 5 Click Export as text file...

Страница 27: ...occurrence Also when Self Test function is set at initiation The machine calculates the checksum of Controller ROM to confirm if it matches the specified value and displays an error on the control pan...

Страница 28: ...ure restricts operations according to the user type Machine Administrator Authenticated Users with System Administrator Privileges Authenticated Users with no System Administrator Privileges Unauthent...

Страница 29: ...o are not registered with the machine An Unauthenticated User cannot use services that are restricted Local Machine Authentication Login to Local Accounts Local machine authentication uses the user in...

Страница 30: ...ow Sheets and Folder Local Access Direct operation of the machine from the control panel is called Local Access The functions restricted by Local Access are as follows Device Access All Services Pathw...

Страница 31: ...ure use the print driver to set account information such as user ID and passcode If verification using account information fails for a print job the print data will be either saved in the machine or d...

Страница 32: ...low sheets in the System Administration mode is recommended NOTE For Folder and job flow sheets Authenticated Users who are given the System Administrator privileges have the same access level as Auth...

Страница 33: ...Job Flow Sheet Display O O X Link X O X Auto Run O O X Manual Run O O X Folder Operation Machine Administrator Shared by Machine Administrator Personal Create O X Display O O Delete O O Change Setting...

Страница 34: ...e for operation depending on changes made to the authentication status are linked to a Folder you can still use them except for changing copying them If you release the link the job flow sheet will no...

Страница 35: ...ticated interrupt mode User B login job complete User B logout cancel the interrupt mode Note Before enter the User ID and password please select Registered User or System Administrator when remote au...

Страница 36: ...Settings E mail Address Allows you to enter the E mail address The specified address is the sender s address displayed on the E mail screen Enter up to 128 characters NOTE The E mail Address button a...

Страница 37: ...ode Authenticate by the procedure as described User Authentication 1 Select User Details Setup 2 Select Change Passcode 3 Enter the Current Passcode and select Next 4 On the Change Passcode screen Sel...

Страница 38: ...confirmation window appears Select Delete job to cancel the job completely Deleting the sending Job Scan Fax and receiving job Fax 1 On the control panel press Job Status button The Active Jobs tab di...

Страница 39: ...uired settings 3 Select Close Files Retrieved By Client Specifies when and how to delete files in Folder after they are retrieved Print Delete Confirmation Screen Specifies whether to display a confir...

Страница 40: ...a stored file from following menu Date Time Oldest File Date Time Newest File File Name Ascending File Name Descending Create Folder This feature allows users to create Folder for saving confidential...

Страница 41: ...nt or delete files in the private Folder displayed on the Send from Folder screen Some Folders however may require you to enter a passcode depending on the operation you attempt Private Folder created...

Страница 42: ...42 Select All Selects all the files in the Folder so that you can print or delete them all at once Print Prints the selected file s Delete Deletes the selected file s...

Страница 43: ...rivate Charge Print on the Secure Print Jobs More screen NOTE If you entered the screen with System Administrator s ID a list of authentication user IDs will be displayed Select the desired user ID fr...

Страница 44: ...CentreWare Internet Services can be used to check each job and the machine status or change the network settings NOTE This service must be installed and set up by the System Administrator prior to us...

Страница 45: ...xxx IPv6 http xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx If a port number is set append it to the IP address or Internet address as follows In the following example the port number is 80 URL http vvv xxx...

Страница 46: ...ead to head or head to toe Output Color Allows you to set whether to print in color or in monochrome Output Destination Allows you to select output trays from the drop down menu Paper Paper Supply All...

Страница 47: ...r the Folder Folder Number Displays the Folder numbers Clicking the number of a registered Folder displays the Folder List of Files page for the Folder Folder Name Displays the names of Folders Clicki...

Страница 48: ...Format Specify the file format to be used when retrieving the page Print File Paper Supply Select the paper tray to be used to print the selected file Output Destination Select the output tray Quantit...

Страница 49: ...plays the passcode to the Folder To change the passcode enter it with up to 20 characters Leave the text box blank if not setting a passcode Retype Passcode Re type the passcode for verification Check...

Страница 50: ...tem Administrators to delete the active print jobs 1 Click Jobs tab on the Main Panel of the home page 2 Select the desired job on the Active Jobs screen 3 Click the Delete button 4 A confirmation win...

Страница 51: ...the machine in the Address or Location field Press the Enter key 2 Enter System Administrator s ID and passcode if prompted 3 Click the Properties tab 4 Click Security 5 Click Authentication Configura...

Страница 52: ...animated graphics and clear the fault in the order specified Also refer to the fault codes displayed on the touch screen in the Machine Status mode Refer to Fault Codes table on below for an explanati...

Страница 53: ...Support Center 016 402 Cause The authentication connection timed out Remedy Confirm the network connection and switch setting of the authentication device physically connected to the machine via a net...

Страница 54: ...server to a valid one You can clear this error by selecting Disabled for LDAP SSL TLS Communication under SSL TLS Settings on the machine however note that selecting this option does not ensure the v...

Страница 55: ...y The network cables are plugged in securely 016 577 Cause Unable to connect to the FTP service of the destination server Remedy Take one of the following actions Check if the FTP service of the serve...

Страница 56: ...it manually then retry executing the job 016 587 Cause The machine failed to transfer data using FTP of the Scan to PC feature because folder deletion was not successful on the FTP server after connec...

Страница 57: ...d folder does not exist Remedy Create a new folder or specify an existing folder 016 764 Cause Unable to connect to the SMTP server Remedy Consult the SMTP server administrator 016 765 Cause Unable to...

Страница 58: ...ec certificate is not set when Authentication Method is set to Digital Signature Remedy Check the IPSec settings and enable IPSec again When Authentication Method is set to Preshared Key set the passw...

Страница 59: ...active status of the target server Check whether the server name has been correctly set for LDAP Server Directory Service Settings under Remote Authentication Server Directory Service 018 782 018 783...

Страница 60: ...ate Remedy Ask the sender to send the e mail with a valid S MIME certificate 027 713 Cause The received e mail has been discarded because it might be altered on its transmission route Remedy Tell the...

Страница 61: ...61 Security Xerox For the latest information on security and operation concerning your device see the Xerox Security Information website located at www xerox com security...

Страница 62: ...thentication Security Settings Overwrite Hard Disk On Set Scheduled Image Overwrite Authentication Security Settings Overwrite Hard Disk Scheduled Image Overwrite Security On Demand Overwrite Schedule...

Страница 63: ...erberos Server Set SSL TSL System Settings Connectivity Network Setup Security Settings SSL TLS Settings Security SSL TLS Settings Off Configuring Machine Certificates Security Machine Digital Certifi...

Страница 64: ...Setting System Settings Stored File Setting Create Folder Setup Menu Create Folder Scan Tab Folder Create Change User Passcode by System Administrator Authentication Security Settings Authentication...

Отзывы:

Нет отзывов