Xerox 550 Supplementary Manual
Security function supplementary guide
Hide thumbs
Also See for 550:
- User manual (166 pages) ,
- Specification sheet (2 pages) ,
- Reference manual (188 pages)
Subscribe to Our Youtube Channel
Related Manuals for Xerox 550
Summary of Contents for Xerox 550
- Page 1 Xerox Color 550/560 Printer Security Function Supplementary Guide Version 1.0, April 2011...
-
Page 2: Table Of Contents
Table of Contents Before Using the Security Function ..............5 Preface ................................ 5 Security Features ............................ 6 Settings for the Secure Operation ....................6 Data Restoration ............................ 7 Starting use of the data encryption feature and changing the settings ....... 7 Use of the Overwrite Hard Disk ...................... - Page 3 Set IPSec Address..........................22 Set SNMPv3 ............................22 Set S/MIME ............................23 Set Browser Refresh ........................... 23 Set Job Deletion........................... 23 Regular Review by Audit Log ................25 Set Audit Log ............................25 Import the Audit Log File ........................ 25 Self Testing ........................
- Page 4 Change User Passcode by System Administrator (Using CentreWare Internet Services ) Problem Solving ....................... 52 Fault Clearance Procedure ......................52 Fault Codes ............................53 Security @ Xerox ..................... 61 Appendix........................62 Copyright 2011 by Fuji Xerox Co., Ltd. All rights reserved.
-
Page 5: Before Using The Security Function
: Version 1.0: August 2010 (701P50980_en) Xerox Color 550/560 Printer User Guide : Version 1.0: August 2010 (701P50979_en) The security features of the Xerox Color 550/560 Printer is supported by the following ROM versions. Controller ROM Ver. 1.203.1 IOT ROM Ver. -
Page 6: Security Features
Security Features Xerox Color 550/560 Printer has the following security features: Hard Disk Data Overwrite • Hard Disk Data Encryption • User Authentication • System Administrator’s Security Management • Customer Engineer Operation Restriction • Security Audit Log • Internal Network data protection •... -
Page 7: Data Restoration
Software Download Set to [Disabled] • Set to [Disabled] for [NetBEUI] • WebDAV Set to [Disabled] • Receive E-mail Default [Disabled] • Default [Enabled] • SSL/TLS Set to [Enabled] • IPSec Set to [Enabled] • SNMP v1/v2c Set to [Disabled] •... - Page 8 The recording area stores the following data. Spooled print data • Print data including the secure print and sample print • Forms for the form overlay feature • Folder and job flow sheet settings (Folder name, passcode, etc. ) • Files in Folder •...
-
Page 9: Use Of The Overwrite Hard Disk
Specifies whether the Service Representative has full access to the security features of the machine, including the ability to change System Administrator settings. For the Color 550/560 Printer, select [On] and then set [Maintenance Passcode] to restrict the Service Representative from entering the System Administration mode. -
Page 10: For Optimal Performance Of The Security Features
For Optimal Performance of the Security features The manager (of the organization that the machine is used for) needs to follow the instructions below: Assign appropriate persons as system and machine administrators, and manage and train them properly. • The manager and system administrators have to train users about the security policies and procedures of their •... -
Page 11: Confirm The Machine Rom Version And The System Clock
3.) IPSec Set the IPSec host that communicates with the machine as following Encryption Method/Message Digest Algorithm. A ES (128bit )/SHA1 ・ 3 Key Triple-DES (168bit )/SHA1 ・ 4.) SNMPv3 The encryption Method of SNMPv3 is DES fixed. Set [Message Digest Algorithm] to [SHA1]. Important: For secure operation, while you are using the CentreWare Internet Services, please do not access other web •... -
Page 12: How To Check The System Clock
How to check the System Clock Press the <Log In / Out> button on the control panel. Enter the System Administrator’s Login ID and Passcode if prompted (default admin, 1111 ). Select [Enter] on the touch screen. Press the <Machine Status> button on the control panel. Select [Tools] on the touch screen. -
Page 13: Initial Settings Procedures Using Control Panel
Initial Settings Procedures Using Control Panel This section describes the initial settings related to Security Features, and how to set them on the machine’s control panel. Authentication for entering the System Administration mode Press the <Log In/Out> button on the control panel. Enter "admin"... -
Page 14: Set Maximum Login Attempts
Enter the same passcode, and then select [Save]. Select [Save]. A confirmation window appears. Select [Yes] to confirm your entry. Set Maximum Login Attempts Select [Authentication/Security Settings] on the [Tools] screen. Select [Authentication]. Select [Maximum Login Attempts By System Administrator]. On the [Maximum Login Attempts] screen, select [Limit Attempts]. -
Page 15: Set Data Encryption
Select [Authentication/Security Settings] on the [Tools] screen.. Select [Overwrite Hard Disk]. Select [Scheduled Image Overwrite]. On the [Scheduled Image Overwrite] screen, Select [Daily] or [Weekly] or [Monthly]. Set [Day], [Hour], [minutes], Select [Save]. Set Data Encryption Select [System Settings] on the [Tools] screen. Select [Common Service Settings]. -
Page 16: Set Private Print
Select [Authentication/Security Settings] on the [Tools] screen. Select [Authentication]. Select [Access Control]. Select [Device Access]. On the [Device Access] screen, select [Locked] for [All Services Pathway]. Select [Save]. Select [Service Access]. On the [Service Access] screen, select an item and then select [Change Settings]. Select [Locked]. -
Page 17: Set User Passcode Minimum Length
Set User Passcode Minimum Length Note: This feature is only available in Local Authentication mode. Select [Authentication/Security Settings] on the [Tools] screen. Select [Authentication]. Select [Passcode Policy]. On the [Passcode Policy] screen, select [Minimum Passcode Length]. Select [Change Settings]. On the [Minimum Passcode Length] screen, select [Set]. With [▲] and [▼], set [9]. -
Page 18: Set Self Test
Select [Common Service Settings]. Select [Reports]. Select [Print Reports Button]. Select [Disabled]. Select [Save]. To exit the [Reports] screen, select [Close]. Set Self Test Select [System Settings] on the [Tools] screen.. Select [Common Service Settings]. Select [Maintenance]. Select [Power on Self Test]. Select [On ]... -
Page 19: Initial Settings Procedures Using Centreware Internet Services
Initial Settings Procedures Using CentreWare Internet Services This section describes the initial settings related to Security Features, and how to set them on CentreWare Internet Services. Preparations for settings on the CentreWare Internet Services Prepare a computer supporting the TCP/IP protocol to use CentreWare Internet Services. CentreWare Internet Services supports the browsers satisfied "SSL/TLS"... -
Page 20: Set Ipp
In [System Administrator Access Group] boxes, enter a name for the group. Entries should be in base DN format (for instance, cn=admin, cn=users, dc=xerox, dc=com ). You can also place restrictions on the use of the Copy, Fax, Scan, Print, and other features, by enter a name for the... -
Page 21: Configuring Machine Certificates
Set the size of the Public Key as necessary. Set Issuer as necessary. Click the [Apply] . Click [SSL/TLS Settings]. Select [Enabled] check box for [HTTP - SSL / TLS Communication] and [LDAP- SSL / TLS Communication]. Click the [Apply] . 10. -
Page 22: Set Ipsec Address
Set IPSec Address Enter the IP Address in the [Specify Destination IPv4 Address] box on the [IPSec] screen. Enter the IP Address in the [Specify Destination Ipv6 Address] box. Select [Enabled] or [Disabled] from the [Communicate with Non-IPSec Device] dropdown list. Click the [Apply] . -
Page 23: Set S/Mime
Set S/MIME Note: To use E-mail with this machine, E-mail function has to be enabled and configured as stated in the System Administrator Guide’s "Scan to E-mail". Before S/MIME setting, you will have to Import an S/MIME certificate according to same procedure as "Configuring Machine Certificates". - Page 24 Select [Administrators Only] for [Job Deletion]. Click the [Apply] . Click the [Reboot Machine] . Important: Allows the user to pause an active copy, print, scan or Embedded Fax job while it is being processed by the machine. But only system administrators can cancel the paused job. For secure operation, please delete the job certainly.
-
Page 25: Regular Review By Audit Log
Regular Review by Audit Log This section describes the setting and importing method for the Audit Log from the System Administrator client via CentreWare Internet Services. The Audit Log, regularly reviewed by the Security Administrator, often with the aid of third party analyzing tools, helps to assess attempted security breaches, identify actual breaches, and prevent future breaches. - Page 26 Supply the Administrator ID and Password, when prompted. Click the [Properties] tab. Click [Audit Log]. Click [Export as text file].
-
Page 27: Self Testing
Self Testing This section describes the Self Test function and its setting procedure from the Control Panel. The machine can execute a Self Test function to verify the integrity of executable code and setting data. The machine verifies the area of NVRAM and SEEPROM including setting data at initiation, and displays an error on the control panel at error occurrence. -
Page 28: Authentication For The Secure Operation
Authentication for the Secure Operation The machine has a unique Authentication feature that restricts the ability to use functions. This section contains information for System Administrators and general users on the features used to change the settings and on the setting procedures. Overview of Authentication Users Controlled by Authentication The following is an explanation about the different user types that are controlled by the Authentication feature. -
Page 29: Authenticated Users (With System Administrator Privileges )
Authenticated Users (with System Administrator Privileges ) These are users who are assigned the System Administrator privileges. When a restricted service is used, this type of user must enter a user ID on the authentication screen. This type of user has the same privileges as the Machine Administrator for machine operations, except: Operating Folder and job flow sheets •... -
Page 30: Functions Controlled By Authentication
Functions Controlled by Authentication The following explains the functions that are restricted by the Authentication feature. Restriction depends on which of the following two ways the machine is used. Local Access • Remote Access • For more information on the restrictions to Folder and job flow sheets using the Authentication feature, refer to Authentication for Job Flow Sheets and Folder. - Page 31 Retrieve File from Folder • Service Access control per user Service access and print & copy quota control can be set per user. • The system administrator sets copy & quota limitation per user via the control panel and CWIS. When print or copy volume exceed the registered number, the user can not use the function.
-
Page 32: Authentication For Folder
Authentication for Folder The following explains the restrictions for job flow sheets and Folder when the Authentication feature is enabled. NOTE: When a user account is deleted, the Folder and job flow sheets associated with the account are also deleted. Any files stored in the Folder will also be deleted. NOTE: When the Authentication feature is used with a remote account server, the user information stored in the machine may be temporarily deleted to restrict user access. - Page 33 Operations available for Folder. The following table shows the relationship with the Folder for each user type when the Authentication feature is enabled. Folder Operation System Administrator and Authenticated Users Shared by Machine Personal (owner ) Personal Administrator (other ) Create Display Delete...
- Page 34 NOTE: When job flow sheets not available for operation, depending on changes made to the authentication status, are linked to a Folder, you can still use them except for changing/copying them. If you release the link, the job flow sheet will no longer be displayed and will be disabled.
-
Page 35: Operation Using Control Panel
Operation Using Control Panel This section contains information on the operation of using control panel to use security features for System Administrator and authenticated users. User Authentication Before the use of all services and settings, a user must be authenticated with an ID and passcode. Press the <Log In/Out>... -
Page 36: User Name
Press [Create/Delete]. When a new user account is to be created, a keyboard screen is displayed. Enter a user ID, and then select [Save]. Configure the required settings. Select [Close]. User ID Allows you to enter a User ID using the screen keyboard. You can enter up to 32 alphanumeric characters including spaces as a User ID. -
Page 37: Change User Passcode By General User
User Role Allows you to select the privileges to give to the user. Select from [User], [System Administrator]. NOTE: The [User Role] button appears when you have enabled [Local Accounts] in [Authentication/Security Settings]. Reset Total Impressions Deletes all data tracked for the selected account. Reset Account Clears all settings and data for the selected account. - Page 38 Touch the desired job, then press the Delete from the pop up menu. A confirmation window appears. Select [Delete job] to cancel the job completely. Deleting the sending Job(Scan, Fax) and receiving job(Fax). On the control panel, press [Job Status] button. The Active Jobs tab displays. Touch the desired job, then press the [Delete] from the pop up menu.
-
Page 39: Folder / Stored File Settings
Folder / Stored File Settings This section describes the features that allow a System Administrator to configure various settings for Folder created for saving confidential incoming fax files or scanned files. Folder Service Settings This feature allows you to specify whether to discard files once received from a client and whether received Internet Fax files can be forwarded. -
Page 40: Create Folder
Expiration Date for Files in Folder Specifies whether to delete files from Folder when the specified period of time elapses. Enter the number of days to store files in the range from 1 to 14 days, and enter the time files are to be deleted using the scroll buttons or the numeric keypad. -
Page 41: Send From Folder
Select [Close]. NOTE: By selecting [Delete Folder], you can delete all files in the Folder and all job flow sheets created through the Folder. Folder Name Specifies the Folder name. Enter a name (up to 20 characters ) to be assigned to the Folder. Delete Files After Retrieval Specifies whether to delete files in the Folder after they are printed out or retrieved, or after they are transferred and printed out through a job flow sheet. - Page 42 Select All Selects all the files in the Folder, so that you can print or delete them all at once. Print Prints the selected file (s ). Delete Deletes the selected file (s ).
-
Page 43: Private Charge Print
Private Charge Print The Private Charge Print feature temporarily stores files per user ID, until a user logs in and manually prints them from the machine’s control panel. This feature only displays files of a logged-in user, and thus provides security and privacy to files stored in the machine. -
Page 44: Operation Using Centreware Internet Services
Operation Using CentreWare Internet Services This Section contains information on the operation of using CentreWare Internet Services, to use security features for System Administrator and authenticated users. The CentreWare Internet Services program uses the embedded Web User Interface which enables communication between a networked computer and the machine via HTTP. -
Page 45: Accessing Centreware Internet Services
Accessing CentreWare Internet Services Follow the steps below to access CentreWare Internet Services. At a client workstation on the network, launch an internet browser. In the URL field, enter “http://” followed by the IP address or Internet address of the machine. Then press the <Enter>... -
Page 46: Print
Print This page allows you to specify printing and paper parameters, enter accounting information, and select the delivery method for your print job. Follow the steps below to select the features available on the [Print] tab. Click [Print] on the Main Panel of the home page. The [Job Submission] page is displayed. -
Page 47: Scan (Folder Operation)
Scan (Folder Operation) This page allows you to configure Folder. Follow the steps below to select the features available on the [Scan] tab. Click [Scan] on the Main Panel of the home page. Select the Folder hot link. The [Folder] page is displayed. Folder icons Clicking the icon of a registered Folder displays [Folder: List of Files] page for the Folder. -
Page 48: Folder: List Of Files
Create Displays the [Folder Setup] page for the selected Folder. Folder: List of Files The following table shows the setting items available on the [Folder: List of Files] page. Folder Number Displays the Folder number of the selected Folder. Folder Name Displays the name of the selected Folder. -
Page 49: Folder Setup
Delete Files after Allows you to set whether to automatically delete files Print or Retrieve after they are printed . Note: Retrieved files are not deleted . Delete Expired Allows you to set whether to automatically delete files Files when they reach the specified expiration dates. Number of Files in Displays the number of files stored in the Folder. -
Page 50: Printing Job Deletion
Printing Job Deletion This page allows only System Administrators to delete the active print jobs. Click [Jobs] tab on the Main Panel of the home page. Select the desired job on the [Active Jobs] screen. Click the [Delete] button. A confirmation window appears. Select [OK] to cancel the job completely. -
Page 51: Change User Passcode By System Administrator (Using Centreware Internet Services )
Change User Passcode by System Administrator (Using CentreWare Internet Services ) Note: This feature is only applicable to Local Authentication mode. Open your Web browser and enter the TCP/IP address of the machine in the Address or Location field Press the <Enter>... -
Page 52: Problem Solving
Problem Solving This section describes solutions to problems that you may come across while using the machine and CentreWare Internet Services. The machine has certain built-in diagnostic capabilities to help identify problems and faults, and displays error messages on the control panel and web browser, whenever problems or conflicts occur. Fault Clearance Procedure If a fault or problem occurs, there are several ways in which you can identify the type of fault. -
Page 53: Fault Codes
Fault Codes This section explains error codes. If an error caused printing to end abnormally, or a malfunction occurred in the machine, then an error message code (***-*** ) is displayed. For faxing, an error code is also displayed on [Activity Reports] and [Transmission Report - Job Undelivered]. Refer to the following table for error codes to rectify problems. - Page 54 016-503 [Cause] Unable to resolve the SMTP server name when sending email. [Remedy] Check on the CentreWare Internet Services if the SMTP server settings are correct. Also, check the DNS server settings. 016-504 [Cause] Unable to resolve the POP3 server name when sending email. [Remedy] Check on CentreWare Internet Services if the POP3 server settings are correct.
- Page 55 016-534 [Cause] Kerberos server authentication protocol error [Remedy] The domain set on the machine does not exist on the Kerberos server, or the Kerberos server address set on the machine is invalid for connection. Check whether the domain name and the server address have been correctly set on the machine.
- Page 56 016-583 [Cause] The machine failed to transfer data using [FTP] of the [Scan to PC] feature because lock folder creation was not successful on the FTP server after connection. [Remedy] Take one of the following actions: If any lock directory (.LCK ) exists in the forwarding destination, delete it manually, then try executing the job again.
- Page 57 016-704 [Cause] The folder is full, and hard disk capacity is insufficient. [Remedy] Delete unnecessary files from the folder, and save the file. 016-705 [Cause] Secure print documents cannot be registered because of hard disk malfunction. [Remedy]Contact the Customer Support Center. Refer to Secure Print.
- Page 58 016-781 [Cause] Unable to connect to the SMTP server. Unable to establish a connection between the machine and the server. Although the connection between the machine and the server has been established, ASCII characters are not used for the host name specified on the machine.
- Page 59 018-547 [Cause] The machine failed to transfer data using SMB of the Scan to PC service because the number of users logging into the SMB server exceeded the limit when logging in to the SMB server. [Remedy] Take one of the following measures: Confirm how many users can access the shared folder.
- Page 60 027-707 [Cause] The S/MIME certificate associated with the machine’s email address has expired. [Remedy] Ask the sender to issue a new S/MIME certificate and import the certificate to the machine. 027-708 [Cause] The S/MIME certificate associated with the machine’s email address is not reliable.
-
Page 61: Security @ Xerox
Security @ Xerox For the latest information on security and operation concerning your device, see the Xerox Security Information website located at www.xerox.com/security. -
Page 62: Appendix
Appendix List of Operation Procedures Item Using Control Panel Using CentreWare Internet Default Services Check the Clock [System Settings] > [Common Service Settings] > [Machine Clock/Timers]. Use Passcode [Authentication/Security] > [Authentication] > Entry from [Passcode Policy] > [Passcode Entry from Control Panel Control Panel] Change the... - Page 63 Set Auto Clear [System Settings] > [Common Service Settings] > [Machine Clock/Timers] > [Auto Clear] Set Report Print [System Settings] > [Common Service Settings] > [Reports] > [Print Reports] Set Self Test [System Settings] > [Common Service Settings] > [Maintenance] > [Power on Self Test] Set Software [System Settings] >...
- Page 64 General User Folder Service [System Settings] > [Folder Service Setting] Setting Stored File [System Settings] > [Stored File Setting ] Setting Create Folder [Setup Menu] > [Create Folder] Scan Tab > [Folder] > [Create] - Change User [Authentication/Security Settings] > [Security] >...
Need help?
Do you have a question about the 550 and is the answer not in the manual?
Questions and answers