Xerox WorkCentre 3550 Information Manual

Summary of WorkCentre 3550

  • Page 1

    Xerox WorkCentre 3550 Information Assurance Disclosure Paper, Version 1.2. Prepared by: Mark Bixler, Xerox Corporation, 800 Phillips Road, Webster, New York 14580

  • Page 2

    Xerox WorkCentre 3550 Information Assurance Disclosure Paper, Ver. 1.3, March 2011, page 2 of 32. ©2011 Xerox Corporation. All rights reserved. Xerox and the sphere of connectivity design are trademarks of Xerox Corporation in the United States and/or other countries. Other company trademarks are also...

  • Page 3

    1. Introduction (page 5). 1.1. Purpose ...

  • Page 4

    3.2. Login and authentication methods (page 21). 3.2.1. System administrator login [all...

  • Page 5

    1. Introduction. The WorkCentre 3550 multifunction systems are among the latest versions of Xerox copier and multifunction devices for the general office. 1.1. Purpose. The purpose of this document is to d...

  • Page 6

    2. Device description. This product consists of an input document handler and scanner, marking engine including paper path, controller, and user interface. Figure 2-1: WorkCentre multifunction system docum...

  • Page 7

    2.1. Security-relevant subsystems. 2.1.1. Physical partitioning. The security-relevant subsystems of the product are partitioned as shown in Figure 2-2. Figure 2-2: System functional block diagram.

  • Page 8

    2.1.2. Security functions allocated to subsystems (security function: subsystem). System authentication: controller, graphical user interface. Network authentication: controller, graphical user interface. Cryptogr...

  • Page 9

    2.2. Controller. 2.2.1. Purpose. The controller provides both network and direct-connect external interfaces, and enables copy, print, email, network scan and LanFax functionality. Network scanning and lan...

  • Page 10

    2.2.3. External connections. Table 3: Controller external connections. Figure 2-3: Back panel connections. 2.2.4. USB ports. The WorkCentre 3550 contains a host connector for a USB flash drive, enabling prin...

  • Page 11

    2.3. Fax module. 2.3.1. Purpose. The embedded fax service uses the installed embedded fax card to send and receive images over the telephone interface. 2.3.2. Hardware. The fax card connects directly to th...

  • Page 12

    2.5. Local User Interface (LUI). 2.5.1. Purpose. The LUI detects hard button actuations, and provides text and graphical prompts to the user. Images are not transmitted to or stored in the LUI. The start...

  • Page 13

    2.7. System software structure. 2.7.1. Open-source components. Open-source components in the connectivity layer implement high-level protocol services. The security-relevant connectivity layer components...

  • Page 14

    2.7.3. Network protocols. Figure 2- is an interface diagram depicting the protocol stacks supported by the device, annotated according to the DARPA model. Figure 2-4: IPv4 network protocol stack.

  • Page 15

    Figure 2-5: IPv6 network protocol stack. 2.8. Logical access. 2.8.1. Network protocols. The supported network protocols are listed in Appendix C and are implemented to industry standard specifications (i.e...

  • Page 16

    Device-initiated operations (like scanning) cannot assume the existence of the tunnel unless a print job (or other client-initiated action) has been previously run since the last boot at either end of ...

  • Page 17

    2.8.2.3. Port 68, DHCP. This port is used only when performing DHCP, and is not open all of the time. To permanently close this port, DHCP must be explicitly disabled. This is done in User Tools via the...

  • Page 18

    2.8.2.5. Port 88, Kerberos. This port is only open when the device is communicating with the Kerberos server to authenticate a user, and is used only to authenticate users in conjunction with the n...

  • Page 19

    2.8.2.7. Ports 161, 162, SNMP. These ports support the SNMPv1, SNMPv2c, and SNMPv3 protocols. Please note that SNMP v1 does not have any password or community string control. SNMPv2 relies on a communit...

  • Page 20

    2.8.2.15. Port 636, SLDAP. This is the standard LDAP port when using SSL for address book queries in the Scan to Email feature. 2.8.2.16. Port 1124, Network Scan Utility. This port supports the Xerox net...

  • Page 21

    3. System access. 3.1. Authentication model. The authentication model allows for the following: • Local authentication: provides access to the Scan to Network and Scan to Email services. User account inf...

  • Page 22

    5) If the LDAP query is successful, the user’s email address is placed in the From: field. Otherwise, the default From: is used. 6) The user may then add recipient addresses by accessing the address bo...

  • Page 23

    1) The device sends the domain controller hostname to the DNS server. Figure 3-2: SMB authentication with hostname. 2) The DNS server returns the IP address of the domain controller. 3) The device sends a...

  • Page 24

    3.3. System accounts. 3.3.1. Printing [multifunction models only]. The device may be set up to connect to a print queue maintained on a remote print server. The login name and password are sent to the pr...

  • Page 25

    4. Security aspects of selected features. 4.1. SMart eSolutions. SMart eSolutions provides the ability to automatically send data to Xerox to be used for billing (Meter Assistant) and toner replenishment...

  • Page 26

    5. Responses to known vulnerabilities. 5.1. Security @ Xerox (www.xerox.com/security). Xerox maintains an evergreen public web page that contains the latest security information pertaining to its product...

  • Page 27

    6. Appendices. 6.1. Appendix A – Abbreviations. API: Application Programming Interface. AMR: Automatic Meter Reads. ASIC: Application-Specific Integrated Circuit. This is a custom integrated circuit that is u...

  • Page 28

    NVM: Non-Volatile Memory. PCL: Printer Control Language. PDL: Page Description Language. PIN: Personal Identification Number. PWBA: Printed Wire Board Assembly. RFC: Required Functional Capability. SA: System Admin...

  • Page 29

    6.2. Appendix B – Supported MIB objects. Notes: (1) The number of objects shown per MIB group represents the number of objects defined by the IETF standard for that MIB group. It does not represent the...

  • Page 30

    RFC 1514 – Host Resources MIB group / WorkCentre: System group [7 objects], supported; Storage group [8 objects], supported; Devices group [6 objects], supported; Processor table [2 objects], supported; netwo...

  • Page 31

    6.3. Appendix C – Standards. Controller software. Function, RFC/standard: Internet Protocol 950 Internet Standard Subnetting Procedure 919 Broadcasting Internet Datagrams 922 Transmission Control Protocol (...

  • Page 32

    Portable Document Format Reference Manual Version 1.3. 6.4. Appendix E – References. Kerberos FAQ: http://www.nrl.navy.mil/ccs/people/kenh/kerberos-faq.html; IP port numbers: http://www.iana.org/assignments...