o Kerberos and TLS support are available for protecting
communication with a remote authentication server.
Authentication & access control. In the evaluated configuration, the
TOE requires users and system administrators to authenticate before
granting access to user (copy, print, fax etc) or system administration
functions via the Web User Interface (Web UI) or the Local User
Interface (LUI). The user or system administrator must enter a
username and password at either the Web UI or the LUI. The
password is obscured as it is being entered. The TOE provides role
based access control as configured by the system administrator.
Network authentication. The TOE supports smart card, Kerberos and
The TOE is an MFD that provides copy and print, document scanning and
optional fax services.
Required Non-TOE Hardware, Software and
The TOE does not require any additional hardware, software or firmware in
order to function as a multi-function device. Additional features require non-
TOE support as follows:
Network security and fax flow features are only useful in environments
where the TOE is connected to a network or PSTN.
Network identification is only available when LDAP or Kerberos remote
authentication services are present in the environment.
Smart card authentication requires Federal Information Processing
Standard (FIPS) 201 Personal Identity Verification Common Access
Card (PIV-CAC) compliant smart cards and readers or equivalent. In
support of smart card authentication, a Windows Domain Controller
must also be present in the environment.
Xerox Multi-Function Device Security Target
2013 Xerox Corporation. All rights reserved.