Secure Installation of Your WorkCentre™ 5030/5050
Purpose and Audience
This
document provides information on the secure installation and operation of a WorkCentre™ 5030/5050 Multifunction
System. All customers, but particularly those concerned with secure installation and operation of these machines, should follow
these guidelines.
Overview
This document lists some important customer information and guidelines that will ensure that your WorkCentre™ 5030/5050
Multifunction System is operated and maintained in a secure manner.
Background
The WorkCentre™ 5030/5050 Multifunction System is currently undergoing Common Criteria evaluation. The information
provided here is consistent with the security functional claims made in the Security Target. Upon completion of the evaluation,
the Security Target will be available from the Common Criteria Consumer’s website
(www.commoncriteriaportal.org/public/consumer) list of evaluated products or from your Xerox representative.
Details
For secure installation, setup and operation of a WorkCentre™ 5030/5050 Multifunction System please follow these guidelines:
1.
Change the Tools password as soon as possible. Reset the Tools password periodically.
Xerox recommends that you (1) set the Tools password to a minimum length of eight digits and (2) change the Tools
password once a month. For directions on how to change the Tools password select either the:
•
Reference
Æ
Machine Tools
Æ
Password
tabs in the System Administration (SA) CD
1
or
•
Tutorials
Æ
Machine Administration
Æ
Accessing Tools Pathway
tabs in the User’s Guide
2
.
The only allowable characters from the machine keyboard that can be used for the Tools password are the following: digits
‘0’ through ‘9’, ‘#’ and ‘*’
2.
For customers concerned about document files on the network controller hard disk drive, the Image Overwrite Security
(IOS) option containing the Immediate Image Overwrite and On Demand Image Overwrite security features must be
purchased and properly configured, installed and enabled. Please follow the applicable instructions in the
Installation
Æ
Options
Æ
Installation
tab in the System Administration (SA) CD
1
for proper installation and enablement of Immediate
Image Overwrite and On Demand Image Overwrite.
Notes:
•
Immediate Image Overwrite, once enabled, automatically overwrites the image data created by a print or scan job on
the Network Controller Hard Disk. The machine will only print jobs with valid print types (Postscript, PCL, TIFF, text of
PDF). An illegal print job of any other type will not be printed. However, Immediate Image Overwrite will attempt to
execute for an illegal print job. This could result in an erroneous ‘unsuccessful’ Immediate Image Overwrite status in
the Complete Job Log for the job in question.
•
The following could result in an erroneous ‘unsuccessful’ Immediate Image Overwrite status reported in the Complete
Job Log for the job in question – (1) canceling of either a legal or illegal print job from a remote client, if done quickly
after submission, (2) closing the connection to Port 9100 without sending any data through the port could result in an
erroneous ‘unsuccessful’ Immediate Image Overwrite status in the Complete Job Log or (3) cancelling at the Local
User Interface (Local UI) a secure print, delayed print or print job held for any other reason.
•
Immediate Image Overwrite of a delayed print job will not occur until after the machine has printed the job.
•
If an Immediate Image Overwrite fails, an informational Immediate Image Overwrite Error screen will appear on the
graphical user interface on the WorkCentre™ 5030/5050 Multifunction System machine. This screen tells the user that
(1) an Immediate Image Overwrite in the network controller has failed for a completed job, (2) the System
Administrator should be notified that this error has occurred, and (3) an On Demand Image Overwrite should be run.
The user closes this informational screen by pressing the Confirm button.
•
If there is a power failure or system crash of the network controller while processing a large print job, residual data
might still reside on the Network Controller hard drive. In that case an error sheet will be printed indicating that there
is an Immediate Overwrite Failure and requesting that an On Demand Image Overwrite be run.
•
On Demand Image Overwrite, once enabled, is manually invoked. Follow the instructions in the
Installation
Æ
Options
Æ
Installation
Æ
On Demand Image Overwrite
tab in the SA CD
1
for invoking an On Demand Image
Overwrite from either the Local User Interface or the Web User Interface (WebUI).
Before invoking On Demand
Image Overwrite verify that (1) there are no active or pending print or scan jobs, (2) after a power on of the machine
all subsystems must be properly synced and the Configuration Report must have printed, (3) for any previously
1
WorkCentre 5030/5050 System Administration CD1, Document Number 538E11390
2
WorkCentre 5030/5050 Training and Information CD2, Document Number 538E11400
