Security Aspects Of Selected Features; Mcafee Enhanced Security / Integrity Control; Enhanced Security; Integrity Control (Optional Feature) - Xerox WorkCentre 7220 Information

WorkCentre 7220-7225 Information Assurance Disclosure Paper
4. Security Aspects of Selected
Features
4.1. McAfee Enhanced Security / Integrity
Control
Xerox has partnered with industry leader McAfee to include the Enhanced Security feature which uses McAfee
Embedded Control, the same technology you can purchase for your computer. The McAfee agent is included with
the device software which enables communication with McAfee tools such as the ePolicy Orchestrator.
The McAfee Enhanced Security and optional Integrity Control features use "whitelisting" technology to protect your
Xerox devices from attack. On the Xerox device, there are critical files and directories designated read-only and some
designated write-only. If attempts are made to write to a read-only or read from a write-only file or directory, in
addition to being prevented, this creates an event which will be recorded in the device Audit Log. Further, if e-mail
alerts are configured on the Xerox device, an e-mail would be sent to the configured address with details of the event.
Software upgrades are handled by designating the software upgrade process as a trusted updater. Once the digital
signature is verified, the new software is installed and with it, a new whitelist for the new version. The digital
signature prevents corrupted files from being installed by verification that the file is genuine Xerox software and has
not been modified.
The use of digital signatures and the whitelisting technique, to stop unauthorized reads, writes, and optionally
execution, prevents malicious code from harming your device, regardless of where the attack originated.

4.1.1 Enhanced Security

The Xerox Embedded Control feature is installed and enabled by default. This feature prohibits unauthorized reads,
writes and modifications to critical control and configuration files on the device. The system also allows for an e-mail
address to be configured so that alerts may be sent when unauthorized access is attempted. Details for
configuration are contained in the McAfee Embedded Control section of the System Administrators Guide for your
Xerox device.

4.1.2 Integrity Control (Optional Feature)

Integrity Control is a purchasable software option that combines the standard Enhanced Security features with the
ability to monitor and prevent unauthorized execution of files that were not part of the standard Xerox device
software.

4.1.3 ePolicy Orchestrator

To enable ePolicy Orchestrator, download and install the Xerox extensions for McAfee ePO. Details for this are
available in the System Admin Guide in the section entitled Configuring for McAfee ePO Server Alerts.
Ver. 1.0, January 2013 Page 36 of 61