Canon imageRUNNER ADVANCE C5560i III User Manual page 687

[Lockout Policy]
Block users from logging in for a specified period of time after a certain number of consecutive invalid login attempts.
[Enable lockout]
◼
[Key/Certificate]
Protect important data by preventing the use of weak encryption, or by saving encrypted user passwords and keys in a
designated hardware component.
[Prohibit use of weak encryption]
[Prohibit use of key/certificate with
weak encryption]
[Use TPM to store password and key]
When TPM settings are enabled
● Make sure to change the "Administrator" password from the default value, to prevent a third party other
than the administrator from being able to back up the TPM key. If a third party takes the TPM backup key,
you will not be able to restore the TPM key.
● For the purpose of enhanced security, the TPM key can only be backed up once. If the TPM settings are
enabled, make sure to back up the TPM key on to a USB memory device, and store it in a secure place to
prevent loss or theft.
● The security functions provided by TPM do not guarantee complete protection of the data and hardware.
◼
[Log]
You can periodically survey how the machine is used, by requiring logs to be recorded.
[Force recording of audit log] <Save Operation Log> is set to <On>, <Display Job Log> is set
[Force SNTP settings]
Managing the Machine
In <Lockout Settings>, <Enable Lockout> is set to <On>. Specify the
values for [Lockout Threshold] and [Lockout Period] on the Remote
UI setting screen.
<Prohibit Use of Weak Encryption> is set to <On>. It is
not possible to use weak encryption. When the check
box is selected, [Prohibit use of key/certificate with weak
encryption] can be selected.
In <Prohibit Use of Weak Encryption>, <Prohibit Use of
Key/Certificate with Weak Encryption> is set to <On>. It
is not possible to use a key or certificate with weak
encryption.
<TPM Settings> is set to <On>. Passwords and keys are
encrypted and saved in a designated hardware
component.
to <On>, <Retrieve Job Log with Management Software> in
<Display Job Log> is set to <Allow>, <Save Audit Log> is set to
<On>, <Retrieve Network Authentication Log> is set to <On>,
and <Use Login Name as User Name for Print Jobs> is set to
<On>. Audit logs are always recorded.
In <SNTP Settings>, <Use SNTP> is set to <On>. Time
synchronization via SNTP is required. Enter a value for
[Server Name] on the Remote UI setting screen.
673
<Lockout
Settings>(P. 1146)
<Prohibit Use of Weak
Encryption>(P. 1149)
<Prohibit Use of Weak
Encryption>(P. 1149)
<TPM Settings>(P. 1145)
<Save Operation Log>(P. 1121)
<Display Job Log>(P. 1137)
<Save Audit Log>(P. 1137)
<Retrieve Network
Authentication Log>(P. 1137)
<Use Login Name as User Name
for Print Jobs>(P. 1063)
<SNTP Settings>(P. 1055)