1. Manuals
  2. Brands
  3. Konica Minolta Manuals
  4. All in One Printer
  5. bizhub 223
  6. User manual

Konica Minolta bizhub 223 User Manual

Pki card system security operations
Hide thumbs Also See for bizhub 223:
Table of Contents

Advertisement

Quick Links

Download this manual See also: User Manual, Installation Manual
User's Guide [Security Operations]
2010. 6
Ver. 1.01

Advertisement

Table of Contents
loading

Related Manuals for Konica Minolta bizhub 223

Summary of Contents for Konica Minolta bizhub 223

  • Page 1 User’s Guide [Security Operations] 2010. 6 Ver. 1.01...

  • Page 2: Table Of Contents

    Contents Security Introduction ............................. 1-2 Compliance with the ISO15408 Standard ..................1-2 Operating Precautions ........................1-2 INSTALLATION CHECKLIST......................1-3 Security Functions .......................... 1-4 Check Count Clear Conditions ......................1-4 Data to be Protected ........................1-5 Precautions for Operation Control ....................1-6 Roles and Requirements of the Administrator ...................
  • Page 3 Setting the NetBIOS Name ......................2-35 2.14 E-Mail Setting Function ........................ 2-36 Setting the SMTP Server (E-Mail Server) ..................2-36 User Operations User Authentication Function ......................3-2 User authentication using the IC card ....................3-2 Encrypted Document Function ...................... 3-4 Accessing the Encrypted document....................

  • Page 4: Security

    Security...

  • Page 5: Introduction

    The manual should be of great help in finding solutions to operating problems and questions. This User’s Guide (Ver. 1.01) describes bizhub 423/bizhub 363/bizhub 283/bizhub 223 PKI Card System Con- trol Software (MFP Controller:A1UD0Y0-0100-G00-20).

  • Page 6: Installation Checklist

    Introduction INSTALLATION CHECKLIST This Installation Checklist contains items that are to be check by the Service Engineer installing this machine. The Service Engineer should check the following items, then explain each checked item to the Administrator of the machine. To Service Engineer Make sure that each of these items is properly carried out by checking the box on the right of each item.

  • Page 7: Security Functions

    Security Functions Security Functions A password that can be set must meet the requirements of the Password Rules. The machine does not ac- cept setting of an easily decipherable password. For details of the Password Rules, see page 1-8. If a wrong password is entered, during password authentication, a predetermined number of times (once to five times) or more set by the Administrator of the machine, the machine determines that it is unauthorized access through Prohibited Functions When Authentication Error, prohibiting any further entry of the pass- word.

  • Page 8: Data To Be Protected

    Data to be Protected Data to be Protected The underlying concept of this machine toward security is "to protect data that can be disclosed against the intention of users." The following types of image files that have been saved in the machine and made available for use by its users are protected while the machine is being used.

  • Page 9: Precautions For Operation Control

    Precautions for Operation Control Precautions for Operation Control This machine and the data handled by this machine should be used in an office environment that meets the following conditions. The machine must be controlled for its operation under the following conditions to pro- tect the data that should be protected.

  • Page 10: Network Connection Requirements For The Machine

    Precautions for Operation Control The Administrator should disable Write Setting of SNMP v1/v2c and control the operation of the ma- chine for use in the disable state. – To disable Write Setting of SNMP v1/v2c, press the [Utility/Counter] key, and then [Administrator Set- tings] - [Network Settings] - [SNMP Settings] - [Forward] - [SNMP v1/v2c Settings] - [Forward] on the MFP control panel, and set "Write Setting"...

  • Page 11: Miscellaneous

    Miscellaneous Miscellaneous Password Rules According to certain Password Rules, registration of a password consisting of a string of a single character or change of a password to one consisting of a string of a single character is rejected for the Encryption Key. For the Encryption Key, the same password as that currently set is not accepted.

  • Page 12: Fax Functions

    Miscellaneous NOTICE Performing HDD Format deletes the loadable driver installed in the machine, which calls for setting made by the Service Engineer. For details, contact your Service Representative. Fax functions An optional Fax Kit is required for using fax functions. Contact your Service Representative. bizhub 423/363/283/223...

  • Page 13: Administrator Operations

    Administrator Operations...

  • Page 14: Accessing The Administrator Settings

    Accessing the Administrator Settings Administrator Operations Accessing the Administrator Settings In Administrator Settings, the settings for the machine system and network can be registered or changed. This machine implements authentication of the user of the Administrator Settings function through the Ad- ministrator Password that verifies the identity as the Administrator of the person who accesses the function.
  • Page 15 Accessing the Administrator Settings Enter the 8-to-16-digit Administrator Password from the keyboard or keypad. % Press the [C] key to clear all characters. % Touch [Delete] to delete the last character entered. % Touch [Shift] to show the upper case/symbol screen. % Touch [Cancel] to go back to the screen shown in step 2.

  • Page 16: Accessing The User Mode

    Accessing the Administrator Settings 2.1.2 Accessing the User Mode You can log on to the User Mode as an Administrator. In the User Mode, you can check or delete a job, which is disabled in Administrator Settings. Reference The authority relating to box settings is the same as that of Administrator Settings. Do not leave the machine with the User Mode setting screen left shown on the display.
  • Page 17 Accessing the Administrator Settings Touch [OK]. Press [Access] or touch [Login]. % If a wrong Administrator Password is entered, a message that tells that the authentication has failed appears. Enter the correct Administrator Password. % If Prohibited Functions When Authentication Error is set to [Mode 2], entry of a wrong password is counted as unauthorized access.

  • Page 18: Preventing Unauthorized Access

    Preventing Unauthorized Access Preventing Unauthorized Access When access to the machine by the Administrator of the machine through the Administrator Settings is au- thenticated, the machine enables setting of the operation of Prohibited Functions When Authentication Error. The machine then takes a count of the number of unsuccessful accesses to the Administrator Settings to prohibit the authentication operation.
  • Page 19 Preventing Unauthorized Access Touch [Security Details]. Touch [Prohibited Functions When Authentication Error]. Touch [Mode 2]. % To change the check count, touch [+] to increase the count or [-] to decrease it. Touch [Release Time Settings]. bizhub 423/363/283/223...
  • Page 20 Preventing Unauthorized Access Press the [C] key and, from the keypad, enter the time, after the lapse of which the access lock state of the Administrator Settings is canceled. % Release Time can be set to any value between 1 min. and 60 min. in 1-min. increments. An input data error message appears when any value falling outside the range of 1 to 60 min.

  • Page 21: Setting The External Server

    Setting the External Server Setting the External Server When access to the machine by the Administrator of the machine through the Administrator Settings is au- thenticated, the machine enables setting of the External Server. The External Server that can be used for authentication is Active Directory only. Operate the machine in Ac- tive Directory.
  • Page 22 Setting the External Server Touch [Server Type]. Touch [Active Directory]. From the keyboard or keypad, enter the Domain Name and touch [OK]. Touch [OK]. bizhub 423/363/283/223 2-10...
  • Page 23 Setting the External Server Make the necessary settings. % If the Sever Name is yet to be entered, [OK] cannot be touched. Be sure to enter the Sever Name. % A Sever Name that already exists cannot be redundantly registered. Touch [OK].

  • Page 24: System Auto Reset Function

    System Auto Reset Function System Auto Reset Function When access to the machine by the Administrator of the machine through the Administrator Settings is au- thenticated, the machine enables setting of the operation of the System Auto Reset function. If no operations are performed for a predetermined period of time during access to the Administrator Settings or user mode (during setting of User Authentication) from the control panel, the System Auto Reset function automatically causes the user to log off from the mode.
  • Page 25 System Auto Reset Function Touch [System Auto Reset]. Press the [C] key and enter the period of time (1 min. to 9 min.) after which System Auto Reset is acti- vated from the keypad. % The time for System Auto Reset can be set to a value between 1 min. and 9 min., variable in 1-min. increments.

  • Page 26: Changing The Administrator Password

    Changing the Administrator Password Changing the Administrator Password When access to the machine by the Administrator of the machine through the Administrator Settings panel is authenticated, the machine enables the operation of changing the Administrator Password required for ac- cessing the Administrator Settings. The Administrator Password entered for the authentication purpose appears as "*"...
  • Page 27 Changing the Administrator Password neer; or, turn off, and then turn on, the main power switch of the machine. If the main power switch is turned off and on, the access lock state is canceled after the lapse of time set for [Release Time Settings].

  • Page 28: Protecting Data In The Hdd

    Protecting Data in the HDD Protecting Data in the HDD When access to the machine by the Administrator of the machine through the Administrator Settings is au- thenticated, the machine enables the operation for setting and changing the Encryption Key. By setting the Encryption Key, the data saved in the HDD is encrypted, thereby protecting the data in the HDD.
  • Page 29 Protecting Data in the HDD A confirmation message appears. Select [Yes] and touch [OK]. % Executing HDD Format erases data in the HDD. It is recommended that important data should be saved in a backup medium in advance. Execution of HDD Format will also reset the setting values of different functions to the default values.
  • Page 30 Protecting Data in the HDD Make sure that a message appears prompting you to turn OFF and then ON the main power switch. Now, turn OFF and then turn ON the main power switch. % When the main power switch is turned off, then on again, wait at least 10 seconds to turn it on after turning it off.
  • Page 31 Protecting Data in the HDD A confirmation message appears. Select [Yes] and touch [OK]. Make sure that a message appears prompting you to turn OFF and then ON the main power switch. Now, turn OFF and then turn ON the main power switch. % When the main power switch is turned off, then on again, wait at least 10 seconds to turn it on after turning it off.
  • Page 32 Protecting Data in the HDD Touch [Encryption Priority] or [Overwrite Priority]. Item Description [Encryption Priority] A different data overwrite method applies from [Mode 1] or [Mode 2]. To set [Overwrite HDD Data], select [Encryption Priority]. [Overwrite Priority] The data overwrite method can be [Mode 1] Overwritten with specified.
  • Page 33 Protecting Data in the HDD Make sure that a message appears prompting you to turn OFF and then ON the main power switch. Now, turn OFF and then turn ON the main power switch. % When the main power switch is turned off, then on again, wait at least 10 seconds to turn it on after turning it off.

  • Page 34: Changing The Encryption Key

    Protecting Data in the HDD 2.6.2 Changing the Encryption Key For the procedure to call the Encryption Key entry screen on the display, see steps 1 through 4 of page 2-16. Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.
  • Page 35 Protecting Data in the HDD Make sure that a message appears prompting you to turn OFF and then ON the main power switch. Now, turn OFF and then turn ON the main power switch. % When the main power switch is turned off, then on again, wait at least 10 seconds to turn it on after turning it off.

  • Page 36: Overwrite All Data Function

    Overwrite All Data Function Overwrite All Data Function When access to the machine by the Administrator of the machine through the Administrator Settings is au- thenticated, the machine enables setting of the operation of the Overwrite All Data function. When the machine is to be discarded, or use of a leased machine is terminated at the end of the leasing con- tract, the Overwrite All Data function overwrites and erases all data saved in all spaces of the HDD.
  • Page 37 Overwrite All Data Function Select the desired mode and touch [Delete]. A confirmation message appears. Select [Yes] and touch [OK]. Make sure that a message appears prompting you to turn OFF and then ON the main power switch. Now, turn OFF and then turn ON the main power switch. % Check that all data has been overwritten and erased properly.

  • Page 38: S/Mime Communication Setting Function

    S/MIME Communication Setting Function S/MIME Communication Setting Function When access to the machine by the Administrator of the machine through the Administrator Settings is au- thenticated, the machine enables the setting of encryption of text of e-mail transmitted and received between the PC and the machine.
  • Page 39 S/MIME Communication Setting Function Select [ON] and [E-Mail Text Encryption Method]. Select encryption method and touch [OK]. % For encryption method, select the strong "3DES," "AES-128," "AES-192," or "AES-256." If the mail software being used does not support AES, encrypted mail messages may be received, but they cannot be decrypted.
  • Page 40 S/MIME Communication Setting Function Select [NO] and touch [OK]. Select [Digital Signature]. Select [Always add signature] or [Select when sending] and touch [OK]. Touch [OK]. bizhub 423/363/283/223 2-28...

  • Page 41: Pc-Fax Rx Setting Function

    PC-Fax RX Setting Function PC-Fax RX Setting Function When access to the machine by the Administrator of the machine through the Administrator Settings is au- thenticated, the machine enables setting of the operation of the PC-Fax RX Setting Function. This function enables received fax documents to be saved in user boxes on the hard disk installed in the machine.
  • Page 42 PC-Fax RX Setting Function Touch [PC-Fax RX Setting]. Make the necessary settings. % When [Specified User Box] is selected, the data is stored at the box whose number is assigned with F code Sub address. % When Dial-in is set ON, [Dial-In only] appears after [Allow]. PC-FAX receiving setting can be made only when the data is received with dial-in number.

  • Page 43: Tsi User Box Setting Function

    2.10 TSI User Box Setting Function 2.10 TSI User Box Setting Function When access to the machine by the Administrator of the machine through the Administrator Settings is au- thenticated, the machine enables setting of the operation of the TSI User Box Setting Function. This function automatically sorts documents received with fax IDs (TSIs) of the transmitters into other devices or boxes of the machine set up for each transmitter.
  • Page 44 2.10 TSI User Box Setting Function Select the number to be set and touch [Edit]. % You can register up to 128 where the received data is distributed. % To delete the registered one, select the number and press [Delete]. Make the necessary settings.

  • Page 45: Tcp/Ip Setting Function

    2.11 TCP/IP Setting Function 2.11 TCP/IP Setting Function When access to the machine by the Administrator of the machine through the Administrator Settings is au- thenticated, the machine enables setting of the IP Address and registration of the DNS Server. 2.11.1 Setting the IP Address For the procedure to call the Network Settings screen on the display, see steps 1 and 2 of page 2-26.

  • Page 46: Netware Setting Function

    2.12 NetWare Setting Function 2.12 NetWare Setting Function When access to the machine by the Administrator of the machine through the Administrator Settings is au- thenticated, the machine enables registration as the Print Server. Making the NetWare Setting For the procedure to call the Network Settings screen on the display, see steps 1 and 2 of page 2-26. Do not leave the machine with the setting screen of Administrator Settings left shown on the display.

  • Page 47: Smb Setting Function

    2.13 SMB Setting Function 2.13 SMB Setting Function When access to the machine by the Administrator of the machine through the Administrator Settings is au- thenticated, the machine enables setting of the NetBIOS Name. Setting the NetBIOS Name For the procedure to call the Network Settings screen on the display, see steps 1 and 2 of page 2-26. Do not leave the machine with the setting screen of Administrator Settings left shown on the display.

  • Page 48: E-Mail Setting Function

    2.14 E-Mail Setting Function 2.14 E-Mail Setting Function When access to the machine by the Administrator of the machine through the Administrator Settings is au- thenticated, the machine enables setting of the SMTP Server (E-Mail Server). Setting the SMTP Server (E-Mail Server) For the procedure to call the Network Settings screen on the display, see steps 1 and 2 of page 2-26.

  • Page 49: User Operations

    User Operations...

  • Page 50: User Authentication Function

    User Authentication Function User Operations User Authentication Function To authenticate a user before he or she actually uses the machine, user authentication is performed using the IC card and PIN code. The IC card reader installed in the machine is used to read the IC card. The PIN code entered is displayed as "*"...
  • Page 51 User Authentication Function the PKI Encrypted Document User Box. For the detailed procedure to access the PKI Encrypted document, see page 3-4. Enter the PIN code registered in the IC card from the 10-key pad. If the PIN code includes any character other than numerals, touch [PIN Code].

  • Page 52: Encrypted Document Function

    Encrypted Document Function Encrypted Document Function This function is used when a document encrypted by the dedicated printer driver and IC card from the PC side is saved in the machine. The PKI encrypted document saved in the machine can be decrypted only by an encrypted IC card, which makes this function just right for printing highly confidential documents.

  • Page 53: Scan To Me Function

    Scan to Me Function Scan to Me Function The machine allows all users who have been authenticated with the IC card to operate the Scan to Me func- tion. Scan to Me encrypts the image file scanned by the user on this machine using the IC card and transmits it as a mail data file of S/MIME to the mail address of the IC card user.
  • Page 54 Scan to Me Function Touch [Me]. Touch [START]. % Do not pull out the IC card until the e-mail transmission is completed. The transmission file is dis- carded if the IC card is pulled out during transmission. bizhub 423/363/283/223...
  • Page 55 http://konicaminolta.com Copyright A1UD-9611A-00 2010...

This manual is also suitable for:

Bizhub 283Bizhub 363Bizhub 423

Table of Contents