Xerox® Security Guide for Office Class Products: AltaLink® VersaLink®
Each AltaLink® device comes with McAfee Embedded Control built-in and enabled by default. McAfee
Embedded Control is used to protect a variety of endpoints that range from wearable devices to critical
systems controlling electrical generation.
Executable control prevents unauthorized code from executing. Xerox has defined a whitelist of
executable programs; software that is not on the secure whitelist is not allowed to execute.
Memory control monitors memory and running processes. If unauthorized code is injected into a running
process, it is detected and prevented.
When an anomaly is detected it is logged to the device audit log and optional alerts are immediately sent
via email. Events are also reportable through CentreWare® Web or Xerox Device Manager, and
McAfee® ePolicy Orchestrator® (ePO).
Event Monitoring & Logging
The Audit Log feature records security-related events. The Audit Log contains the following information:
A unique value that identifies the event.
The date that the event happened in mm/dd/yy format.
The time that the event happened in hh:mm:ss format.
The type of event. The number corresponds to a unique description.
Description An abbreviated description of the type of event.
Columns 6–10 list other information about the event, such as:
Identity: User Name, Job Name, Computer Name, Printer Name, Folder Name, or
Accounting Account ID display when Network Accounting is enabled.
Image Overwrite Status: The status of overwrites completed on each job. Immediate
Image must be enabled.
AltaLink® products currently support 159 unique security events. VersaLink® products currently support
52 unique events.
A maximum of 15,000 events can be stored on the device. When the number of events exceeds 15,000,
audit log events will be deleted in order of timestamp, and then new events will be recorded. The audit
log be exported at any time by a user with administrative privileges. Note that as a security precaution,
audit log settings and data can only be accessed via HTTPS.
The list below describes supported firmware delivery methods and applicable access controls.
Local Firmware Upgrade via USB port:
Xerox service technicians can update product firmware using a USB port and specially configured USB