Section 4 — Network Security
There are three possible scenarios that are explored:
• Data with a virus attached in the e-mail:
All file attachments except for 'TIFF" files received in the e-mail are discarded immediately after
• Viruses pretending to be TIFF files:
TIFF image files are compressed with formats such as MH, MR, and MMR. The imageRUNNER
ADVANCE system compresses the 'TIFF' format at reception and after regenerating the image encodes
the image again. When processed correctly, the original image is discarded and a new image is created,
printed, and transferred. If an error occurs during the process, the data from the 'TIFF' file is not
transferred but is discarded, and a message notifying the user of the error is added to the e-mail text and is
• Text within e-mail is a virus:
E-mail text data gives the Date, From, Message-Id, To, or Subject data written at the top of the received e-
mail for printing and transfer. The e-mail text data is comprised of character strings. If binary data such as
data with a virus is used in the e-mail text, the data will be damaged and data with a virus will be
discarded. Even if the data with a virus is visible data with a script format, it is not possible to recognize it
as a script because Date, From, Message-Id, To, or Subject data is attached at the top.
4.2 – Mail Server Security
When the Scan and Send on imageRUNNER ADVANCE devices is enabled, the internal mail service is
enabled and supports the POP and SMTP protocols. To protect the service against attack or improper use,
administrators can enable additional security features such as SMTP Authentication and POP
Authentication before SMTP.
To prevent unauthorized users from making use of the device's internal SMTP server, administrators can
enable SMTP Authentication and designate a username and password to connect to the server.
In addition, administrators can enable SSL for all SMTP send and receive operations.
POP Authentication Before SMTP
As an additional layer of security, imageRUNNER ADVANCE systems support the ability for
administrators to enable or disable the POP Authentication before SMTP feature. POP Authentication
before SMTP forces a successful login to a POP server prior to being able to send mail via SMTP.
Section 5 — Security Monitoring & Management Tools
Canon provides a number of tools to help organizations enforce their internal company policies and meet
regulatory requirements. Whether a single imageRUNNER ADVANCE system is deployed, or a fleet of
them, these solutions provide the ability to audit usage and limit access to features and functions enterprise-
wide—at the group and user-level.
5.1 – imageWARE Enterprise Management Console
imageWARE Enterprise Management Console (EMC) is a highly scalable web-based management utility
for administrators that delivers a streamlined, centralized point of control for all devices installed across
enterprises. The software makes it easier for organizations to securely manage one or more imageRUNNER
ADVANCE systems remotely across a network. To aid in implementing and managing an MFP
infrastructure, imageWARE Enterprise Management Console facilitates the secure distribution of device
White Paper: Canon imageRUNNER ADVANCE Security