Xerox WORKCENTRE 7755 Скачать руководство пользователя | Manualshive

Страница: 14 / 40

background image

XEROX WorkCentre 7755/7765/7775 Information Assurance Disclosure Paper

14

Ver. 1.01, April 2010

Page

14 of 40

otherwise insecure protocol. SNMP Traps may not be secure if either the client or the device has just been
rebooted. IP Filtering can be useful to prevent SNMP calls from non-IPSec clients.

Once an IPSec channel is established between two points, it stays open until one end reboots or goes into
power saver,. Only network clients and servers will have the ability to establish an IPSec tunnel with the
machine. Thus device-initiated operations (like scanning) cannot assume the existence of the tunnel unless
a print job (or other client initiated action) has been previously run since the last boot at either end of the
connection.

2.8.2.

Ports

The following table summarizes all potential open ports and subsequent sections discuss each port in more detail.

Default

Port #

Type

Service name

25 TCP SMTP
53 UDP DNS
68 UDP BOOTP/DHCP
80 TCP HTTP
88 UDP Kerberos

110 TCP POP-3

client

137

UDP

NETBIOS- Name Service

138

UDP

NETBIOS-Datagram Service; SMB filing and Scan template retrieval

139

TCP

NETBIOS; SMB filing and Scan template retrieval

161 UDP SNMP
162 UDP SNMP

trap

389 UDP LDAP
396 TCP Netware
427 UDP SLP
443 TCP SSL
515 TCP LPR
631 TCP IPP

1900 UDP SSDP
3003 TCP http/SNMP

reply

9100 TCP raw

IP

Please note that there is no ftp port in this list. ftp is only used to export scanned images and to retrieve Scan Job
Templates, and will open port 21 on the remote device. An ftp port is never open on the Network Controller itself.

2.8.2.1.

Port 25, SMTP

This unidirectional port is open only when Scan to E-mail or Internet Fax (I-Fax) is exporting images to an SMTP server.
SMTP messages & images are transmitted to the SMTP server from the device.

2.8.2.2.

Port 53, DNS

Designating a DNS server will allow the device to resolve domain names. This can be configured via the WebUI.

2.8.2.3.

Port 68, DHCP

This port is used only when performing DHCP, and is not open all of the time. To permanently close this port, DHCP must be
explicitly disabled. This is done in User Tools via the Local User Interface or via the TCP/IP page in the Properties tab on the
WebUI.

2.8.2.4.

Port 80, HTTP

«
...
12
13
14
15
16
...
»

Содержание WORKCENTRE 7755

Страница 1: ...Information Assurance Disclosure Paper Xerox WorkCentre 7755 7765 7775 Multifunction Systems Information Assurance Disclosure Paper Version 1 0 Prepared by Larry Kovnat Xerox Corporation 1350 Jefferso...

Страница 2: ...1 01 April 2010 Page 2 of 40 2010 Xerox Corporation All rights reserved Xerox and the sphere of connectivity design are trademarks of Xerox Corporation in the United States and or other counties Othe...

Страница 3: ...of this document is to inform Xerox customers of the design functions and features of the WorkCentre products relative to Information Assurance IA This document does NOT provide tutorial level inform...

Страница 4: ...y to connect the copier to a LAN CopyCentre models of these products are available which provide copy only features and do not include a Network Controller Figure 2 1 WorkCentre Multifunction System 2...

Страница 5: ...rget Port Foreign Device Interface Scanner Interface UI Physical external Interfaces Power Button Button and TOE internal wiring proprietary Physical external Interface Figure 2 2 TOE System Partition...

Страница 6: ...nctions the CC works with the EPC DRAM to enable electronic pre collation sometimes referred to as scan once print many When producing multiple copies of a document the scanned image is processed and...

Страница 7: ...e spooling space is dynamically allocated to each job at the job completion this space is de allocated to be available for new images All residual customer data in de allocated space can be overwritte...

Страница 8: ...odem T 30 protocol only Foreign Device Interface FDI Allows connection of optional access control hardware accessory not present in evaluated TOE Scanner Proprietary connection between the Scan Module...

Страница 9: ...mory and fax modem It connects to the CC via PCI bus The Fax Card is responsible for implementing the T 30 fax protocol and for managing all of the fax specific features of the product The fax telepho...

Страница 10: ...ne is comprised of paper supply trays and feeders paper transport laser scanner xerographics and paper output and finishing 2 6 3 Control and Data Interfaces Images and control signals are transmitted...

Страница 11: ...pril 2010 Page 11 of 40 IP Filtering is also provided by the kernel Figure 2 7 Network Controller Operating System layer components 2 7 3 Network Protocols Figure 2 3 is an interface diagram depicting...

Страница 12: ...XEROX WorkCentre 7755 7765 7775 Information Assurance Disclosure Paper 12 Ver 1 01 April 2010 Page 12 of 40 Figure 2 3 IPv4 Network Protocol Stack...

Страница 13: ...and are well behaved protocols There are no Xerox unique additions to these protocols 2 8 1 1 IPSec The device supports IPSec tunnel mode The print channel can be secured by establishing an IPSec asso...

Страница 14: ...UDP NETBIOS Name Service 138 UDP NETBIOS Datagram Service SMB filing and Scan template retrieval 139 TCP NETBIOS SMB filing and Scan template retrieval 161 UDP SNMP 162 UDP SNMP trap 389 UDP LDAP 396...

Страница 15: ...a proxy server Features that can make use of a proxy server include the Automatic Meter Read feature scanning to a remote repository or retrieving scan templates from a remote template pool 2 8 2 5 P...

Страница 16: ...t supporting states Cuba Iran Libya North Korea Sudan and Syria their nationals and other sanctioned entities such as persons listed on the Denied Parties List Xerox provides this information for the...

Страница 17: ...figurable port and may be explicitly enabled or disabled in User Tools via the Local User Interface or in the Properties tab of the device s web pages 2 8 2 14 Port 631 IPP This port supports the Inte...

Страница 18: ...nts database When the device is set for network authentication the user s network credentials will be used to authenticate the user at the network domain controller User s can be entered into groups c...

Страница 19: ...XEROX WorkCentre 7755 7765 7775 Information Assurance Disclosure Paper 19 Ver 1 01 April 2010 Page 19 of 40 Figure 3 1 Authentication and Authorization schematic...

Страница 20: ...E mail and Scan to Fax Server The authentication steps are 1 A User enters a user name and password at the device in the Local UI The device sends an authentication request to the Kerberos Server 2 T...

Страница 21: ...rver returns the IP Address of the Domain Controller 3 The device sends an authentication request directly to the Domain Controller through the router using the IP address of the Domain Controller 4 T...

Страница 22: ...normal user with read only privileges User credentials are not used for this authentication step and are never transmitted over the network Scan to Fax Server The device logs in to the Fax Server as s...

Страница 23: ...Network Controller DRAM or Network Controller hard disk However this mode is only used by a CSE if directed by a Field Engineer when all other diagnostics fail to solve a problem The written repair pr...

Страница 24: ...the PSW must send the expected synchronization message to the machine 2 The Marking Engine will respond with an acknowledge message containing its serial number 3 The PSW will send a request for Diagn...

Страница 25: ...Interface where host discovered Ethernet Token Ring etc Device subnet mask Device IP address Device Media Access Control MAC address The Novell test will NOT collect Print Queue Name Attached to File...

Страница 26: ...parated file format The log does not clear when it is disabled and will persist through power cycles The following table lists the events that are recorded in the log Tagged index Event ID Event descr...

Страница 27: ...ob Job name User Name Completion Status IIO status Accounting User ID Accounting Account ID Total fax recipient phone numbers fax recipient phone numbers 16 16 ODIO Full started Device name Device ser...

Страница 28: ...Status Configured enabled disabled 34 40 SNMPv3 UserName Device name Device serial number Completion Status Configured enabled disabled 35 41 IP Filtering Rules UserName Device name Device serial num...

Страница 29: ...he print driver or on the Web UI before a print job is submitted an XSA ID must also be entered The ID is sent to the Network controller for validation If the submitted ID is valid the job will print...

Страница 30: ...s common to all WorkCentre models The algorithm for the Image Overwrite feature is Step 1 Pattern 1 is written to the sectors containing temporary files IIO or to the entire spooling area of the disks...

Страница 31: ...he user should insure that all scan jobs have been completed before invoking ODIO Please refer to the customer documentation for a description on how failures are logged 4 5 3 Overwrite Timing The ODI...

Страница 32: ...r 32 Ver 1 01 April 2010 Page 32 of 40 5 Responses to Known Vulnerabilities 5 1 Security Xerox www xerox com security Xerox maintains an evergreen public web page that contains the latest security inf...

Страница 33: ...NS Dynamic Domain Name Server Maps host names to dynamic static IP addresses DRAM Dynamic Random Access Memory EGP Exterior Gateway Protocol EPC Electronic PreCollation GB Gigabyte HP Hewlett Packard...

Страница 34: ...re Board Assembly PSW Portable Service Workstation PWS alternative acronym for Portable Service Workstation RFC Required Functional Capability ROM Read Only Memory ROS Raster Output Scanner SA System...

Страница 35: ...nce can only support 0 or 3 for more than 1 sheet for prtInputCurrentLevel will be considered a caveat denoted as C 6 The Printer MIB requires a few groups from RFC 1213 and RFC 1514 to be supported T...

Страница 36: ...y Buffer group 2 objects supported w caveats limited local UI messaging captured within table C local UI button selection messages are not captured within table Console Display Light group 5 objects s...

Страница 37: ...View etc shareware program supported New type 2 enumerations from next generation Host Resources MIB supported optional not support because Host Resources MIBv2 has NOT entered the standards track New...

Страница 38: ...works 894 Standard for the transmission of IP datagrams over IEEE802 networks 1042 ICMP ICMP Echo ICMP Time ICMP Echo Reply and ICMP Destination Unreachable message 792 Reverse Address Resolution Prot...

Страница 39: ...of 40 Function RFC Standard Document Printing Application DPA 10175 Appletalk Inside Appletalk Second Edition Printing Description Languages Postscript Language Reference Third Edition PCL6 PCL5E 5SI...

Страница 40: ...Information Assurance Disclosure Paper 40 Ver 1 01 April 2010 Page 40 of 40 6 4 Appendix E References Kerberos FAQ http www nrl navy mil CCS people kenh kerber os faq html IP port numbers http www ia...

Отзывы:

Нет отзывов

Похожие инструкции для WORKCENTRE 7755

Бренд: IBM Страницы: 102

Бренд: Canon Страницы: 198

DocuPrint 4850 NPS

Бренд: Xerox Страницы: 276

Бренд: GCC Technologies Страницы: 8

Бренд: Minolta Страницы: 227

VersaUV LEJ-640

Бренд: Roland Страницы: 321

Бренд: Ricoh Страницы: 130

Бренд: Tally Страницы: 14

Бренд: Xerox Страницы: 48

Бренд: Canon Страницы: 342

Бренд: Canon Страницы: 454

Бренд: Canon Страницы: 498

Бренд: Canon Страницы: 563

Бренд: Canon Страницы: 20

WorkForce 610 Series

Бренд: Epson Страницы: 52

Бренд: Epson Страницы: 4

WorkForce 545 Series

Бренд: Epson Страницы: 4

Бренд: Epson Страницы: 2

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды