Xerox D95 Supplementary Manual page 14

The settings described below are required for both the machine's configuration and the
•
client's configuration.
1) SSL/TLS
For the SSL client (Web browser) and the SSL server that communicate with the
machine, select a data encryption suite from the following:
- SSL_RSA_WITH_RC4_128_SHA
- SSL_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_RSA_WITH_AES_128_CBC_SHA
- TLS_RSA_WITH_AES_256_CBC_SHA
(The recommended browser is Microsoft
2) S/MIME
For the machine and E-mail clients, select an Encryption Method/Message Digest
Algorithm from the following:
- RC2 (128bit)/SHA1
- 3Key Triple-DES (168bit)/SHA1
3) IPSec
For the IPSec host that communicates with the machine, select an Encryption
Method/Message Digest Algorithm from the following:
- AES (128bit)/SHA1
- 3Key Triple-DES (168bit)/SHA1
4) SNMPv3
The encryption method of SNMPv3 is fixed to DES. Set [Message Digest Algorithm] to
[SHA1].
Important:
For secure operation, while you are using the Xerox
•
not access other web sites.
For secure operation, when you change [Authentication Type], initialize the hard disk by
•
resetting [Data Encryption] and changing [encryption key].
For preventing SSL vulnerability, you should set the machine address in the proxy
•
exclusion list of browser.
With this setting, secure communication will be ensured because the machine and the
•
remote browser communicate directly without proxy server, and thus you can prevent
man-in-the-middle attacks.
Do not use Backup Restore function, because they have not been evaluated.
•
6
®
®
Xerox D95/D110/D125 Copier/Printer Security Function Supplementary Guide
Internet Explorer 6/7/8)
® ®
CentreWare Internet Services, do