Xerox Versant 3100 Press Скачать руководство пользователя | Manualshive

Страница: 10 / 45

background image

Xerox® Security Guide for Entry Production Color Class Products

March 2019

Page 2-8

User Data in Transit

This section focuses on the protection of user data (print/scan/other jobs) in transit as they are submitted
to the product for processing and/or are sent from the product to other systems. Additional protections
are also discussed in the

Network Security

section of this document.

Inbound User Data

Print Job Submission

In addition to supporting network level encryption including IPSec and WPA, Xerox products also support
encryption of print job data at the time of submission. This can be used to securely transmit print jobs
over unencrypted connections or to enhance existing network level security controls.

Encrypted Transport

Description

IPPS (TLS)

Submit print jobs via Secure Internet Printing Protocol. This protocol is
based on HTTP and utilizes the TLS suite to encrypt data.

HTTPS (TLS)

Securely submit a print job directly to product via the built-in web server.

Xerox Print Stream
Encryption

The Xerox Global Print Driver® supports document encryption when
submitting Secure Print jobs to enabled products. Simply check the box to
Enable Encryption when adding the Passcode to the print job.

Outbound User Data

Scanning to Network Repository, Email, Fax Server

Versant® digital press products support scanning of hardcopy documents to external network locations
including file repositories and email and facsimile services. In addition to supporting network level
encryption including IPSec and WPA, Xerox products support the following:

Protocol

Encryption

Description

HTTP

N/A

Unencrypted HTTP protocol

HTTPS (TLS)

TLS

HTTP encrypted by TLS

FTP

N/A

Unencrypted FTP

SFTP (SSH)

SSH

FTP encrypted by SSH

SMBv3

Optional

Encryption may be enabled on a Windows share.
Versant® and ColorPress® products currently support SMB
encryption.

SMBv2

N/A

Unencrypted SMB

SMBv1

N/A

Not used as a transport protocol. Used for network discovery only.

SMTP (email)

S/MIME

The product uses SMTP to transmit data to the email server. Email
authentication, encryption, and signing are supported. Please refer
to the Network Security section of this document for details.

Scanning to User Local USB Storage Product

Scan data is transferred directly to the user’s USB product. Filesystem encryption of user products are
not supported.

«
...
8
9
10
11
12
...
»

Содержание Versant 3100 Press

Страница 1: ...Xerox Security Guide Entry Production Color Presses Versant 2100 3100 Color Digital Press Versant 80 180 Color Digital Press ColorPress Production Press Versant 2100 Press Versant 3100 Press Versant 8...

Страница 2: ...sion 1 0 February 2019 Copyright protection claimed includes all forms and matters of copyrightable material and information now allowed by statutory or judicial law or hereinafter granted including w...

Страница 3: ...CE VALIDATION 3 17 ADDITIONAL NETWORK SECURITY CONTROLS 3 17 4 DEVICE SECURITY BIOS FIRMWARE OS RUNTIME AND OPERATIONAL SECURITY CONTROLS 4 19 FAIL SECURE VS FAIL SAFE 4 19 PRE BOOT SECURITY 4 20 BOOT...

Страница 4: ...uction Color Class Products March 2019 Page 1 2 COLORPRESS 800 1000 800I 1000I 7 35 APPENDIX B SECURITY EVENTS 7 39 XEROX VERSANT 80 180 SECURITY EVENTS 7 39 XEROX VERSANT 2100 3100 SECURITY EVENTS 7...

Страница 5: ...ument is Xerox field personnel and customers concerned with IT security Disclaimer The information in this document is accurate to the best knowledge of the authors and is provided without warranty of...

Страница 6: ...leges can manage the product configuration settings User permissions are configurable through Role Based Access Control RBAC policies described in section 6 Identification Authentication and Authoriza...

Страница 7: ...rt supports the following Walk up users may insert a USB thumb drive to store or retrieve documents for scanning and or printing Versant cannot print from USB not an option from a FAT formatted USB de...

Страница 8: ...upported via optional touch screen user interface or optional dedicated NFC USB dongle Information shared over NFC includes IPv4 address IPv6 address MAC address UUID a unique identifier on the NFC cl...

Страница 9: ...odule TPM The TPM is compliant with ISO IEC 11889 the international standard for a secure cryptoprocessor dedicated to secure cryptographic keys The TPM is used to securely hold the product storage en...

Страница 10: ...encryption when submitting Secure Print jobs to enabled products Simply check the box to Enable Encryption when adding the Passcode to the print job Outbound User Data Scanning to Network Repository...

Страница 11: ...DD See Appendix A Product Security Profiles Models with magnetic HDD See Appendix A Product Security Profiles Print Submission IPPS TLS Supported Supported Supported HTTPS TLS Supported Supported Supp...

Страница 12: ...e device acting as a client to external network services Inbound Listening Services Out Bound Network Client Print Services LPR IPP Raw IP etc Management Services SNMP Web interface WebServices etc In...

Страница 13: ...encryption and authentication at the packet level ColorPress and Versant products support IPSec for both IPv4 and IPv6 protocols Versant 80 180 Press Versant 2100 3100 Press Color 800 100 Press Versan...

Страница 14: ...ts support the latest version TLS 1 2 Versant 80 180 Press Versant 2100 3100 Press Color 800 100 Press Versant 80 Press Versant 180 Press Versant 2100 Press Versant 3100 Press Color 800 1000 Presses C...

Страница 15: ...to the product using a Smart Card For protocols such as HTTPS the printer is the server and must prove its identity to the client Web browser For protocols such as 802 1X the printer is the client and...

Страница 16: ...does not meet this requirement a message appears The message alerts the user that the certificate they are attempting to upload does not meet the key length requirement Versant 80 180 Press Versant 2...

Страница 17: ...0 Presses Color 800i 1000i Presses Email S MIME Versions v3 Not Applicable Not Applicable Digest SHA1 SHA256 SHA384 SHA512 Not Applicable Not Applicable Encryption 3DES AES128 AES192 AES256 Not Applic...

Страница 18: ...milies such as Versant enabling Cisco ISE to automatically detect and profile new Xerox products from the day they are released Customers who use Cisco ISE find that including Xerox products in their...

Страница 19: ...ints contextually Connectivity of Versant and ColorPress devices can be fully managed contextually by Cisco TrustSec TrustSec uses Security Group Tags SGT that are associated with an endpoint s user d...

Страница 20: ...bled IPsec is evaluated first Up to 25 addresses can be enabled for IPv4 and an additional 25 for IPv6 Addresses include IP and subnet allowing individual system or subnets to be enabled A system admi...

Страница 21: ...mware is verified against a whitelist using cryptographic hashing Event Monitoring Logging The Audit Log feature records security related events Continuous Operational Security Firmware and Diagnostic...

Страница 22: ...tion is used to protect the system user data and configuration including security settings from being retrieved or modified Each device uses its own unique key that is securely generated Encryption is...

Страница 23: ...l Service Details Xerox products are serviced by a tool referred to as the Portable Workstation PWS Only Xerox authorized service technicians are granted access to the PWS Customer documents or files...

Страница 24: ...oducts March 2019 Page 5 22 Configuration Security Policy Management Solutions Xerox Device Manager and Xerox CentreWare Web available as a free download centrally manage Xerox Devices For details ple...

Страница 25: ...ColorPress and Versant devices support the following authentication modes Local Authentication Network Authentication Smart Card Authentication CAC PIV SIPR Net Convenience Authentication Local Authen...

Страница 26: ...sing the XCP Plug in architecture and a Smart Card authentication solution created by 90meter under contract for Xerox Details regarding 90meter can be found online here http www 90meter com Other Sma...

Страница 27: ...support various workflows as well as security needs User permissions include security related permissions and non security related workflow permissions e g walkup user options copy scan paper selecti...

Страница 28: ...erabilities in Xerox software and hardware It can be downloaded from this page http www xerox com information security information security articles whitepapers enus html Additional Resources Below ar...

Страница 29: ...Xerox Security Guide for Entry Production Color Class Products March 2019 Page 7 27 Appendix A Product Security Profiles This appendix describes specific details of each Versant and ColorPress product...

Страница 30: ...letely by a system administrator Front Panel Optional USB2 0 Type A port s Users may insert a USB thumb drive to print from or store scanned files to Physical security of this information is the respo...

Страница 31: ...Integrated Circuit soldered to circuit board HDD Magnetic Hard Disk Drive SSD Solid State Disk SD Card Secure Digital Card Controller Non Volatile Memory Size Type Use User Modifiable How to Clear Vo...

Страница 32: ...ogram and work area N SDRAM is erased when machine is powered off Yes 64MB SDRAM ESS PWBA Temporary storage of program and work area N SDRAM is erased when machine is powered off Yes 1Gbit SDRAM page...

Страница 33: ...0 Type A USB target connector used for printing Xxxx Not possible on Versant or CP1000 Note This port can be disabled completely by a system administrator Front Panel Optional USB2 0 Type A port s Us...

Страница 34: ...rd HDD Magnetic Hard Disk Drive SSD Solid State Disk SD Card Secure Digital Card Controller Non Volatile Memory Size Type Use User Modifiable How to Clear Volatile 8MB Flash MCU PWBA Permanent storage...

Страница 35: ...SDRAM MCU PWBA Temporary storage of variables N SRAM is erased when machine is powered off Yes 4Gbit DRAM SYSTEM MEMORY DIMM Temporary storage of program and work area N SDRAM is erased when machine i...

Страница 36: ...M ESS PWBA Temporary storage of program and work area N SDRAM is erased when machine is powered off Yes 1Gbit SDRAM page memory Temporary storage of variables N SRAM is erased when machine is powered...

Страница 37: ...print on those printer from USB Note This port can be disabled completely by a system administrator Front Panel Optional USB2 0 Type A port s Users may insert a USB thumb drive to print from or store...

Страница 38: ...hardware ID system settings realtime control parameters print job control state performance log information usage counters No Content can be initialized to factory default values Yes Additional Inform...

Страница 39: ...ues No Additional Information The controller operating system memory manager allocates memory dynamically between OS running processes and temporary data which includes jobs in process When a job is c...

Страница 40: ...ta Contains machine specific data hardware ID system settings real time control parameters print job control state performance log information usage counters Contains machine specific data System Admi...

Страница 41: ...to KO authentication failures Detection of unauthorized access 0x0301 Change of Audit Policy Enabling of audit log management function Disabling of audit log management function 0x0401 Job Completion...

Страница 42: ...ess deletion Address change Uploading from remote client Whole address book Downloading to remote client Whole address book Deletion of all addresses Downloading to remote client Whole address book 0x...

Страница 43: ...ement function 0x0401 Job Completion Print Copy Scan Fax Mailbox Report Flow Service Jobs other than the above 0x0501 Change view of Device Setting Change of date time setting local time User registra...

Страница 44: ...ion Color Class Products March 2019 Page 7 42 0x0701 Change Restoration of Device Configuration Replacement of important parts Detection of HDD replacement Change of ROM version 0x0801 Communication R...

Страница 45: ...Xerox Security Guide for Entry Production Color Class Products March 2019 Page 7 43 ColorPress Security Events ColorPress utilizes Windows Event Logging which is outside the scope of this document...

Отзывы:

Нет отзывов

Похожие инструкции для Versant 3100 Press

Бренд: Canon Страницы: 29

PIXMA MX410 Series

Бренд: Canon Страницы: 46

Бренд: Canon Страницы: 65

Бренд: Canon Страницы: 4

Бренд: Canon Страницы: 2

Бренд: Canon Страницы: 2

Sure shot 80 tele

Бренд: Canon Страницы: 39

BJC6500 - BJC 6500 Color Inkjet Printer

Бренд: Canon Страницы: 6

Бренд: Canon Страницы: 20

imagePROGRAF iPF6450

Бренд: Canon Страницы: 35

PIXMA MX340 Series

Бренд: Canon Страницы: 11

PIXMA MX340 Series

Бренд: Canon Страницы: 16

imagePROGRAF iPF6300S

Бренд: Canon Страницы: 12

Бренд: Canon Страницы: 19

Бренд: Canon Страницы: 101

iP4700 - PIXMA Color Inkjet Printer

Бренд: Canon Страницы: 28

Бренд: Canon Страницы: 2

Бренд: Canon Страницы: 35

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды