Xerox WorkCentre 5735 Secure Installation And Operation page 7

ff). In the evaluated configuration the domain filtering option for E-mail was set to limit the domains to which Scan to E-mail
jobs can be sent. To enable the domain filtering option perform the following from the WebUI:
•
Select the Properties tab.
•
Select the following entries from the Properties 'Content menu':
•
Services
•
Select the [Edit] button under "Network Policies".
•
The Security:Distribution Restriction Web UI page will be displayed. Select one of the two desired options under
"Domain Filter Settings" other than 'Off' to enable the Email domain filtering feature. Add the desired domains to filter
Email and Internet Fax jobs to and set the other settings on this page as desired.
•
Select the [Save] button. This will ensure Email domain filtering is enabled.
gg). In the evaluated configuration the Hold All Jobs function should be configured so that Enablement is set to 'Hold All Jobs in
a Private Queue' and the Unidentified Jobs Policies is set to 'Hold Jobs; Only Administrators can Manage Jobs'. Follow the
instructions on page 32 of the SAG to access and configure the Hold All Jobs function.
hh). The following features and protocols are not included in the evaluation:
• Reprint from Saved Job
• SMart eSolutions
• Custom Services (Extensible Interface Platform or EIP)
• Network Accounting and Auxiliary Access
• NTP
• Use of Embedded Fax mailboxes.
• Direct USB Printing
• Web Services
ii). To enable and configure SNMPv3 follow the instructions in the "To Configure SNMP v3" section starting on page 103 of
the SAG. SNMPv3 cannot be enabled until SSL (Secure Sockets Layer) and HTTPS (SSL) are enabled on the machine. Once
SNMPv3 is enabled, however, SSL can be disabled and SNMPv3 will still function properly.
The System Administrator should be aware that in configuring SNMPv3 there is the option of resetting both the Privacy and
Authentication passwords back to their default values. This option should only be used if necessary since if the default
passwords are not known no one will be able to access the SNMP administrator account
2. Although not part of the evaluated configuration, Xerox recommends that if the use of SNMP v1/v2c is desired the System
Administrator change the SNMP v1/v2c public/private community strings from their default string names to random string
names.
3. Customers should sign up for the RSS
www.xerox.com/security that permits customers to view the latest Xerox Product Security Information and receive timely
reporting of security information about Xerox products, including the latest security patches.
4. The device should be installed in a standard office environment. Office personnel should be made aware of authorized service
calls (for example through appropriate signage) in order to discourage unauthorized physical attacks such as attempts to
remove the internal hard disk. The System Administrator should also ensure that office personnel are made aware to pick up the
outputs of print and copy jobs in a timely manner.
5. Customers who encounter or suspect software problems should immediately contact the Xerox Customer Support Center to
report the suspected problem and initiate the SPAR (Software Problem Action Request)
by Xerox customers.
5
The SNMP administrator account is strictly for the purposes of accessing and modifying the MIB objects via SNMP; it is separate from the System
Administrator "admin" user account or user accounts given SA privileges by the System Administrator "admin" user. The administrator account can
not perform any System Administrator functions.
6
RDF Site Summary, or Rich Site Summary, or Really Simple Syndication – A lightweight XML format for distributing news headlines and other
content on the Web. Details for signing up for this RSS Service are provided in the Security@Xerox RSS Subscription Service guide posted on the
Security@Xerox site at
http://www.xerox.com/go/xrx/template/009.jsp?view=Feature&ed_name=RSS_Security_at_Xerox&Xcntry=USA&Xlang=en_US.
7
A SPAR is the software problem report form used internally within Xerox to document customer-reported software problems found in products in
the field.
Email Setup. Select the Security tab
6
subscription service available via the Xerox Security Web Site (Security@Xerox) at
5
.
7
process for addressing problems found
6