Section 2 — Device Security
Authorized Send for CAC/PIV supports two-factor authentication by prompting users to insert
their card into the device's card reader and requiring them to enter their PIN. ASEND for
CAC/PIV supports the Online Certificate Status Protocol (OCSP) to check the revocation status of
the user's card, and then authenticates the user against the Public Key Infrastructure (PKI) and
Active Directory. Once authenticated, users can access the document distribution features of
Authorized Send for CAC/PIV supports enhanced e-mail security features such as non-
repudiation, digital signing of e-mail, and encryption of e-mail and file attachments. The
cryptographic engine used by Authorized Send for CAC/PIV is based on the industry leading RSA
BSAFE security software and has undergone the stringent testing and validation requirements of
the FIPS 140 standard.
Control Cards/Card Reader System
Canon imageRUNNER ADVANCE systems offer support for an optional Control Card/Card
Reader system for device access and to manage usage. The Control Card/Card Reader system
option requires the use of intelligent cards that must be inserted in the system before granting
access to functions, which automates the process of Department ID authentication. The optional
Control Card/Card Reader system manages populations of up to 300 departments or users.
2.3 – Access Control
Canon imageRUNNER ADVANCE systems support a number of access control options to help you
manage the use of device settings and functions in addition to specific capabilities of certain functions.
Access control solutions for the imageRUNNER ADVANCE can help Authentication, Authorization, and
Auditing. Canon offers solutions that can lock down the entire device, or simply lock down specific
functions (e.g. Send-to-Email), while leaving other applications available for general use. With the power
and flexibility of MEAP, some solutions can be customized to meet your specific requirements.
Password-Protected System Settings
As a standard feature, imageRUNNER ADVANCE systems setup screens support password protection to
restrict device setting changes from the control panel and Remote UI tool. System Administrators can set
network information, system configuration, enable, and disable network and printing protocols among
many other options. Canon highly recommends setting an administrator password at time of installation
since it controls critical device settings.
System Manager Screen
Store ID and Password Screen
White Paper: Canon imageRUNNER ADVANCE Security