Summary of WORKCENTRE 5735

  • Page 1

    Xerox WorkCentre 5735/5740/5745/5755/5765/5775/5790 Information Assurance Disclosure Paper, Version 2.0. Prepared by: Larry Kovnat, Xerox Corporation, 1350 Jefferson Road, Rochester, New York 14623.

  • Page 2

    Xerox WorkCentre 5735/5740/5745/5755/5765/5775/5790 Information Assurance Disclosure Paper, Ver. 2.00, March 2011, page 2 of 50. ©2010 Xerox Corporation. All rights reserved. Xerox and the sphere of connectivity design are trademarks of Xerox Corporation in the United States and/or other countries. Othe...

  • Page 3

    1. Introduction (page 5) 1.1. Purpose ...

  • Page 4

    3.2. Login and authentication methods (page 24) 3.2.1. Sy...

  • Page 5

    1. Introduction. The WorkCentre 5735/5740/5745/5755/5765/5775/5790 multifunction systems are among the latest versions of Xerox copier and multifunction devices for the genera...

  • Page 6

    2. Device description. This product consists of an input document handler and scanner, marking engine including paper path, controller, and user interface. Figure 2-1 WorkCen...

  • Page 7

    [Figure residue: block diagram labels, including PCI bus, optical interface, buttons and display, physical external interface, button and TOE internal wiring (proprietary...]

  • Page 8

    Security function: security management; subsystem: controller, graphical user interface. Table 1: Security functions allocated to subsystems. 2.2. Controller 2.2.1. Purpose The cont...

  • Page 9

    Non-volatile memory. Columns: type (flash, EEPROM, etc.), size, user modifiable (Y/N), function or use, process to sanitize. Flash ROM, 128MB, N, single board controller (boot code and system f...

  • Page 10

    2.2.3. External connections. Figure 2-3 Back panel connections. Columns: interface, description / usage. Fax line 1, RJ-11: supports fax modem T.30 protocol only. Fax line 2, RJ-11: support...

  • Page 11

    USB target port: direct-connect printing; Xerox diagnostic tools (PSW and CAT) and Xerox Copier Assistant. Table 5: USB ports. 2.2. Fax module 2.3.1. Purpose The embedded fax se...

  • Page 12

    Volatile memory description. Columns: type (SRAM, DRAM, etc.), size, user modifiable (Y/N), function or use, process to clear. SRAM, 6KB, N, scanner volatile memory; no user image data stored...

  • Page 13

    Table 8: User interface memory components. 2.6. Marking engine (also known as the Image Output Terminal or IOT) 2.6.1. Purpose The marking engine performs copy/print paper fee...

  • Page 14

    Figure 2-4 Controller operating system layer components.

  • Page 15

    2.7.3. Network protocols. Figure 2-5 is an interface diagram depicting the protocol stacks supported by the device, annotated according to the DARPA model. Figure 2-5 IPv4 ne...

  • Page 16

    Figure 2-6 IPv6 network protocol stack. 2.8. Logical access 2.8.1. Network protocols The supported network protocols are listed in Appendix D and are implemented to industry ...

  • Page 17

    Device-initiated operations (like scanning) cannot assume the existence of the tunnel unless a print job (or other client-initiated action) has been previously run since the...

  • Page 18

    2.8.2.4. Port 80, HTTP. The embedded web pages communicate with the machine through a set of unique APIs and do not have direct access to machine information: the HTTP port can...

  • Page 19

    2.8.2.5. Port 88, Kerberos. This port is only open when the device is communicating with the Kerberos server to authenticate a user, and is used only to authenticate use...

  • Page 20

    2.8.2.7. Ports 137, 138, 139, NetBIOS. For print jobs, these ports support the submission of files for printing as well as support network authentication through SMB. Port 13...

  • Page 21

    2.8.2.13. Port 515, LPR. This is the standard LPR printing port, which only supports IP printing. It is a configurable port, and may be explicitly enabled or disabled in the ...

  • Page 22

    3. System access 3.1. Authentication model. The authentication model allows for both local and network authentication and authorization. In the local and network cases, authe...

  • Page 23

    Figure 3-1 Authentication and authorization schematic.

  • Page 24

    3.2. Login and authentication methods. There are a number of methods for different types of users to be authenticated. In addition, the connected versions of the product also...

  • Page 25

    2) The domain controller responds back to the device whether or not the user was successfully authenticated. If (2) is successful, steps 3 – 5 proceed as described in steps ...

  • Page 26

    3) The device sends an authentication request directly to the domain controller through the router using the IP address of the domain controller. 4) The domain controller re...

  • Page 27

    3.4. Diagnostics 3.4.1. Service [all product configurations]. To access onboard diagnostics from the local user interface, Xerox service representatives must enter a unique 4...

  • Page 28

    3.4.4.1. Access. The Xerox service technician must be authenticated twice: 1. The first password, called the PSW lock facility, is obtained by calling a Xerox service locatio...

  • Page 29

    3) The PSW will send a request for diagnostic service and a password. 4) Assuming the password is authentic, the marking engine will either execute a marking engine diagnost...

  • Page 30

    3.4.5. Summary. As stated above, accessibility of customer documents, files or network resources is impossible via the PSW. In the extremely unlikely event that someone did s...

  • Page 31

    4. Security aspects of selected features 4.1. Audit log. The device maintains a security audit log. Recording of security audit log data can be enabled or disabled by the SA....

  • Page 32

    Columns: event ID, event description, entry data. 8, ifax: job name, user name, completion status, IIO status, accounting user ID, accounting account ID, total-number-of-smtp-recipients, smtp-re...

  • Page 33

    Columns: event ID, event description, entry data. 22, USB thumbdrive: username, device name, device serial number, USB port, completion status (enabled/disabled). 23, scan to home: username, devi...

  • Page 34

    Columns: event ID, event description, entry data. 37, SSL: username, device name, device serial number, completion status (enabled/disabled). 38, X509 certificate: username, device name, device ...

  • Page 35

    Columns: event ID, event description, entry data. 53, CPSR backup: file name, user name, completion status (normal / error), IIO status. 54, CPSR restore: file name, user name, completion status ...

  • Page 36

    Columns: event ID, event description, entry data. 2, system shutdown: device name, device serial number. 3, manual ODIO standard started: device name, device serial number. 4, manual ODIO standa...

  • Page 37

    Columns: event ID, event description, entry data. 13, efax: job name, user name, completion status, IIO status, accounting user ID, accounting account ID, total-fax-recipient-phone-numbers, fax-...

  • Page 38

    Columns: event ID, event description, entry data. 29, network user login: username, device name, device serial number, completion status (success, failed). 30, SA login: device name, device ser...

  • Page 39

    Columns: event ID, event description, entry data. 44, SW upgrade: device name, device serial number, completion status (success, failed). 45, cloning: device name, device serial number, completi...

  • Page 40

    On demand, the SA will be able to download a report that shows activity for all of the users. The SA can add, modify or remove users and their allocations at any point. An e...

  • Page 41

    4.5.1. Algorithm. The overwrite mechanism for both IIO and ODIO conforms to the U.S. Department of Defense Directive 5200.28-M (Section 7, Part 2, paragraph 7-202 2 . The alg...

  • Page 42

    5. Responses to known vulnerabilities 5.1. Security @ Xerox (www.xerox.com/security). Xerox maintains an evergreen public web page that contains the latest security informati...

  • Page 43

    6. Appendices 6.1. Appendix A – Abbreviations. API: application programming interface. AMR: automatic meter reads. ASIC: application-specific integrated circuit. This is a custom ...

  • Page 44

    NVRAM: non-volatile random access memory. NVM: non-volatile memory. ODIO: on-demand image overwrite. PCL: Printer Control Language. PDL: page description language. PIN: personal identi...

  • Page 45

    6.2. Appendix B – Supported MIB objects. Notes: (1) The number of objects shown per MIB group represents the number of objects defined by the IETF standard for that MIB grou...

  • Page 46

    Columns: RFC 1759 - Printer MIB group, WorkCentre. RFC 1213 - system group: supported. RFC 1213 - interface group: supported. RFC 1514 - storage group: supported. RFC 1514 - device group: sup...

  • Page 47

    Columns: RFC 1213 - MIB-II for TCP/IP group, WorkCentre. Transmission group [0 objects]: not applicable because the group has not yet been defined by the IETF. SNMP group [28 objects]: su...

  • Page 48

    6.3. Appendix C – Standards. Controller hardware: PCI specification (PCI Local Bus Specification Revision 2.1); 100 megabit Ethernet (IEEE 802.3); Universal Serial Bus 1.1; parall...

  • Page 49

    Columns: function, RFC/standard. Document Printing Application (DPA): 10175. AppleTalk: Inside AppleTalk, Second Edition. Printing description languages: PostScript Language Reference, thir...

  • Page 50

    6.4. Appendix E – References. Kerberos FAQ: http://www.nrl.navy.mil/ccs/people/kenh/kerberos-faq.html ; IP port numbers: http://www.iana.org/assignments/port-numbers