13. If Embedded Fax is enabled and then subsequently disabled before there is a power failure or system crash and
Embedded Fax is then re-enabled after the device is restored to operational mode, the first ODIO that is
subsequently initiated may fail. If that situation occurs reinitiate the ODIO.
Note: When an ODIO fails under this scenario no Fax ODIO report may be printed, the WebUI may indicate that the
ODIO was successful, the Confirmation Report may indicate that the ODIO was 'Not Completed' because the device
lost power and the Audit Log may indicate that the ODIO was 'Cancelled'.
14. If there is a failure in the hard disk drive(s) a message recommending that an On Demand Image Overwrite be run
will appear on the Control Panel screen. An Immediate Image Overwrite Error Sheet will also be printed or may
contain incomplete status information. Immediately perform the requested On Demand Image Overwrite.
15. The time shown on the On Demand Overwrite progress screen displayed on the Control Panel may not reflect
Daylight Savings Time.
16. If an ODIO is successfully completed, the completion (finish) time shown on the printed On Demand Overwrite
Confirmation Report will be the time that the system shuts down.
17. Perform a Full ODIO immediately before the device is decommissioned, returned, sold or disposed of.
The device supports the use of SSLv2.0, SSLv3.0, RC4 and MD5. However, customers are advised to set the crypto policy
of their clients to request either SSLv3.1 or TLSv1.0 and to disallow the use of RC4 and MD5. The cryptographic module
supports additional ciphers that may be called by other unevaluated functions.
Using the device in FIPS mode will automatically restrict the device to using SSLv3/TLSv1 only.
When utilizing SSL for secure scanning:
SSL should be enabled and used for secure transmission of scan jobs.
When storing scanned images to a remote repository using an https: connection, a Trusted Certificate Authority
certificate should be uploaded to the device so the device can verify the certificate provided by the remote
When an SSL certificate for a remote SSL repository fails its validation checks the associated scan job will be deleted
and not transferred to the remote SSL repository. In this case the job status reported in the Completed Job Log for
this job will read: "Job could not be sent as a connection to the server could not be established".
The HTTPS protocol should be used to send scan jobs to a remote IT product.
Audit Log Notes:
In viewing the Audit Log the System Administrator should note the following:
Deletion of a file from Reprint Saved Job folders or deletion of a Reprint Saved Job folder itself is recorded in the
Deletion of a print or scan job or deletion of a scan-to-mailbox job from its scan-to-mailbox folder may not be
recorded in the Audit Log.
Extraneous process termination events (Event 50) may be recorded in the Audit Log when the device is rebooted
(Created/Uploaded/Downloaded) events (Event 38) may also be recorded.
Download and review the Audit Log on a daily basis. In downloading the Audit Log the System Administrator should
ensure that Audit Log records are protected after they have been exported to an external trusted IT product and
that the exported records are only accessible by authorized individuals.
If a system interruption such as power loss occurs a job in process may not be fully written to the hard disk
drive(s). In that case any temporary data created will be overwritten during job recovery but a corresponding record
for the job may not be recorded in the completed job log or audit log.
Once Embedded Device Security is enabled on the device, any attempts to read from read-protected files and
directories or to change write protected files and directories will result in a Security Alert being recorded in the Audit
Log. If configured, an email alert will also be sent.
Be careful not to create an IP Filtering rule that rejects incoming TCP traffic from all addresses with source port set to
80; this will disable the Web UI. Also, configure IP filtering so that traffic to open ports from external users (specified by
subnet mask) is dropped and so that following ports for web services are closed: tcp ports 53202, 53303, 53404 and
tcp/udp port 3702.
SNMPv3 cannot be enabled until SSL and HTTPS (SSL) are enabled on the machine. To enable SNMPv3 follow the
instructions for "Configuring SNMPv3" under "SNMP" in Section 3 of the SAG.