Xerox® Security Guide for Light Production Mono Class Products
3 Network Security
Xerox products are designed to offer a high degree of security and flexibility in almost any network
environment. This section describes several aspects of the product related to network security.
TCP/IP Ports & Services
Xerox devices are robust, offering support for a wide array of services and protocols. The devices are
capable of hosting services as well as acting as a client for others. The diagram below presents a high-
level overview of inbound communications (from other hosts on the network into listening services on the
device) and outbound connections initiated by the device (acting as a client to external network services).
Inbound (Listening Services)
Out Bound (Network Client)
Print Services
LPR, IPP, Raw IP, etc.
Management Services
SNMP, Web interface, WebServices,
etc.
Infrastructure & Discovery Services
IPSEC, SSDP, WSD, mDNS,
NetBIOS, etc.
Built-in Scan Services
FTP, HTTP & HTTPS (TLS), SFTP
(SSH), SMB, CIFS, SMTP &
SMTPS, POP3 & POPS, etc.
Authentication Services
LDAP & LDAPS, SMB, Kerberos.
Infrastructure
ISAKMP (IPSec), DHCP & DHCPv6,
etc.
Cloud Services
Dropbox, Google Drive, OneDrive,
and several others.
Listening services (inbound ports)
The following table summarizes all potentially open ports on the product. These ports can be
enabled/disabled within the product configuration.
Port
Type
Service Name
20
TCP
• FTP data (Active) - Client -
20
TCP
• FTP data (FreeFlow)
21
TCP
• FTP – Client -
21
TCP
• FTP data (FreeFlow)
25
TCP
• SMTP
53
TCP/UDP
• DNS – Client -
67
UDP
• BOOTP/DHCP – Client
80
TCP
• HTTP(CWIS)
80
TCP
• HTTP(UPnP Discovery)