1. DL manuals
  2. Xerox
  3. Scanner
  4. WorkCentre 6400
  5. Information Manual

Xerox WorkCentre 6400 Information Manual

Manual is about: User Guide

Summary of WorkCentre 6400

  • Page 1

    Xerox workcentre 6400 multifunction system information assurance disclosure paper version 1.0 prepared by: larry kovnat xerox corporation 1350 jefferson road rochester, new york 14623.

  • Page 2

    Xerox workcentre 6400 information assurance disclosure paper 2 ver. 1.00, may 2010 page 2 of 44 ©2010 xerox corporation. All rights reserved. Xerox and the sphere of connectivity design are trademarks of xerox corporation in the united states and/or other counties. Other company trademarks are also ...

  • Page 3

    Xerox workcentre 6400 information assurance disclosure paper 3 ver. 1.00, may 2010 page 3 of 44 1. Introduction ..................................................................................................................................5 1.1. Purpose ..............................................

  • Page 4

    Xerox workcentre 6400 information assurance disclosure paper 4 ver. 1.00, may 2010 page 4 of 44 3.2. Login and authentication methods ........................................................................................................................25 3.2.1. System administrator login [all prod...

  • Page 5

    Xerox workcentre 6400 information assurance disclosure paper 5 ver. 1.00, may 2010 page 5 of 44 1. Introduction the workcentre 6400 multifunction system is among the latest versions of xerox copier and multifunction devices for the general office. 1.1. Purpose the purpose of this document is to disc...

  • Page 6

    Xerox workcentre 6400 information assurance disclosure paper 6 ver. 1.00, may 2010 page 6 of 44 2. Device description this product consists of an in put document handler and scanner, marking engine including paper path, controller, and user interface. Not shown in the picture below are optional addi...

  • Page 7

    Xerox workcentre 6400 information assurance disclosure paper 7 ver. 1.00, may 2010 page 7 of 44 fax module image output terminal (also known as marking engine) controller/gui power supply scanner / document handler po we r i nt er fa ce toe int ernal w iring (pr oprietar y) toe internal wiring (prop...

  • Page 8

    Xerox workcentre 6400 information assurance disclosure paper 8 ver. 1.00, may 2010 page 8 of 44 security function subsystem security management controller graphical user interface table 1 security functions allocated to subsystems 2.2. Controller 2.2.1. Purpose the controller provides both network a...

  • Page 9

    Xerox workcentre 6400 information assurance disclosure paper 9 ver. 1.00, may 2010 page 9 of 44 non-volatile memory description type (flash, eeprom, etc) size user modifiable (y/n) function or use process to clear: flash 16mb via diagnostics & software upgrade u-boot, iotif fpga code, sw upgrade boo...

  • Page 10

    Xerox workcentre 6400 information assurance disclosure paper 10 ver. 1.00, may 2010 page 10 of 44 2.2.3. External connections figure 2-3 back panel connections interface description / usage scanner proprietary connection between the scanner and controller usb host port software upgrade module, netwo...

  • Page 11

    Xerox workcentre 6400 information assurance disclosure paper 11 ver. 1.00, may 2010 page 11 of 44 foreign device interface (fdi) allows connection of optional access control hardware table 4 controller external connections 2.2.4. Usb host port the workcentre 6400 contains a host connector for a usb ...

  • Page 12

    Xerox workcentre 6400 information assurance disclosure paper 12 ver. 1.00, may 2010 page 12 of 44 2.4. Scanner 2.4.1. Purpose the purpose of the scanner is to provide mechanical transport of hardcopy originals and to convert hardcopy originals to electronic data. 2.4.2. Hardware the scanner converts...

  • Page 13

    Xerox workcentre 6400 information assurance disclosure paper 13 ver. 1.00, may 2010 page 13 of 44 volatile memory description type (sram, dram, etc) size user modifiable (y/n) function or use process to clear: sram within the fpga 87kb n display logic, data buffers power off system additional inform...

  • Page 14

    Xerox workcentre 6400 information assurance disclosure paper 14 ver. 1.00, may 2010 page 14 of 44 non-volatile memory description type (flash, eeprom, etc) size user modifiable (y/n) function or use process to clear: eeprom 16kb n control set points, configuration settings none eeprom (crums) 1kb n ...

  • Page 15

    Xerox workcentre 6400 information assurance disclosure paper 15 ver. 1.00, may 2010 page 15 of 44 figure 2-4 controller operating system layer components 2.7.3. Network protocols figure 2-5 is an interface diagram depicting the protocol stacks supported by the device, annotated according to the darp...

  • Page 16

    Xerox workcentre 6400 information assurance disclosure paper 16 ver. 1.00, may 2010 page 16 of 44 figure 2-5 ipv4 network protocol stack.

  • Page 17

    Xerox workcentre 6400 information assurance disclosure paper 17 ver. 1.00, may 2010 page 17 of 44 figure 2-6 ipv6 network protocol stack 2.8. Logical access 2.8.1. Network protocols the supported network protocols are listed in appendix d and are implemented to industry standard specifications (i.E....

  • Page 18

    Xerox workcentre 6400 information assurance disclosure paper 18 ver. 1.00, may 2010 page 18 of 44 device-initiated operations (like scanning) cannot assume the existence of the tunnel unless a print job (or other client initiated action) has been previously run since the last boot at either end of t...

  • Page 19

    Xerox workcentre 6400 information assurance disclosure paper 19 ver. 1.00, may 2010 page 19 of 44 the embedded web pages communicate to the machine through a set of unique apis and do not have direct access to machine information: the http port can only access the http server residing in the control...

  • Page 20

    Xerox workcentre 6400 information assurance disclosure paper 20 ver. 1.00, may 2010 page 20 of 44 software. However, there are a few deviations our version of kerberos takes from the standard kerberos implementation from mit. These deviations are: 1) the device does not keep a user’s initial authent...

  • Page 21

    Xerox workcentre 6400 information assurance disclosure paper 21 ver. 1.00, may 2010 page 21 of 44 the device supports snmpv3, which is an encrypted version of the snmp protocol that uses a shared secret. Secure sockets layer must be enabled before configuring the shared secret needed for snmpv3. 2.8...

  • Page 22

    Xerox workcentre 6400 information assurance disclosure paper 22 ver. 1.00, may 2010 page 22 of 44 2.8.2.17. Port 9100, raw ip this allows downloading a pdl file directly to the interpreter. This port has limited bi-directionality (via pjl back channel) and allows printing only. This is a configurabl...

  • Page 23

    Xerox workcentre 6400 information assurance disclosure paper 23 ver. 1.00, may 2010 page 23 of 44 3. System access 3.1. Authentication model the authentication model allows for both local and network authentication and authorization. In the local and network cases, authentication and authorization t...

  • Page 24

    Xerox workcentre 6400 information assurance disclosure paper 24 ver. 1.00, may 2010 page 24 of 44 figure 3-1 authentication and authorization schematic.

  • Page 25

    Xerox workcentre 6400 information assurance disclosure paper 25 ver. 1.00, may 2010 page 25 of 44 3.2. Login and authentication methods there are a number of methods for different types of users to be authenticated. In addition, the connected versions of the product also log into remote servers. A d...

  • Page 26

    Xerox workcentre 6400 information assurance disclosure paper 26 ver. 1.00, may 2010 page 26 of 44 authentication steps: 1) the device sends an authentication request directly to the domain controller through the router using the ip address of the domain controller. 2) the domain controller responds ...

  • Page 27

    Xerox workcentre 6400 information assurance disclosure paper 27 ver. 1.00, may 2010 page 27 of 44 3.3. System accounts 3.3.1. Printing [multifunction models only] the device may be set up to connect to a print queue maintained on a remote print server. The login name and password are sent to the pri...

  • Page 28

    Xerox workcentre 6400 information assurance disclosure paper 28 ver. 1.00, may 2010 page 28 of 44 3.4.3. Summary as stated above, accessibility of customer documents, files or network resources is impossible via the psw. In the extremely unlikely event that someone did spoof the xerox proprietary pr...

  • Page 29

    Xerox workcentre 6400 information assurance disclosure paper 29 ver. 1.00, may 2010 page 29 of 44 4. Security aspects of selected features 4.1. Audit log the device maintains a security audit log. Recording of security audit log data can be enabled or disabled by the sa. The audit log is implemented...

  • Page 30

    Xerox workcentre 6400 information assurance disclosure paper 30 ver. 1.00, may 2010 page 30 of 44 event id event description entry data 8 ifax job name user name completion status iio status accounting user id accounting account id total-number-of-smtp-recipients smtp-recipients 9 email job job name...

  • Page 31

    Xerox workcentre 6400 information assurance disclosure paper 31 ver. 1.00, may 2010 page 31 of 44 event id event description entry data 22 usb thumbdrive username device name device serial number usb port completion status (enabled/disabled) 23 scan to home username device name device serial number ...

  • Page 32

    Xerox workcentre 6400 information assurance disclosure paper 32 ver. 1.00, may 2010 page 32 of 44 event id event description entry data 37 ssl username device name device serial number completion status (enabled/disabled). 38 x509 certificate username device name device serial number completion stat...

  • Page 33

    Xerox workcentre 6400 information assurance disclosure paper 33 ver. 1.00, may 2010 page 33 of 44 4.2. Xerox standard accounting xerox standard accounting (xsa), intended primarily for use as an accounting service, can be used as an internal authorization service. Xsa tracks copy, scan (including fi...

  • Page 34

    Xerox workcentre 6400 information assurance disclosure paper 34 ver. 1.00, may 2010 page 34 of 44 4.5. Image overwrite the image overwrite security feature provides both immediate image overwrite (iio) and on-demand image overwrite (odio) functions. Immediately before a job is considered complete, i...

  • Page 35

    Xerox workcentre 6400 information assurance disclosure paper 35 ver. 1.00, may 2010 page 35 of 44 4.5.3. Overwrite timing the odio overwrite time is dependent on the type of hard disk in the product. The overwrite and reset average time is 10 minutes, but longer times are possible. Iio is performed ...

  • Page 36

    Xerox workcentre 6400 information assurance disclosure paper 36 ver. 1.00, may 2010 page 36 of 44 5. Responses to known vulnerabilities 5.1. Security @ xerox (www.Xerox.Com/security) xerox maintains an evergreen public web page that contains the latest security information pertaining to its products...

  • Page 37

    Xerox workcentre 6400 information assurance disclosure paper 37 ver. 1.00, may 2010 page 37 of 44 6. Appendices 6.1. Appendix a – abbreviations api application programming interface amr automatic meter reads asic application-specific integrated circuit. This is a custom integrated circuit that is un...

  • Page 38

    Xerox workcentre 6400 information assurance disclosure paper 38 ver. 1.00, may 2010 page 38 of 44 odio on-demand image overwrite pcl printer control language pdl page description language pin personal identification number pwba printed wire board assembly rfc required functional capability sa system...

  • Page 39

    Xerox workcentre 6400 information assurance disclosure paper 39 ver. 1.00, may 2010 page 39 of 44 6.2. Appendix b – supported mib objects notes : (1) the number of objects shown per mib group represents the number of objects defined by the ietf standard for that mib group. It does not represent the ...

  • Page 40

    Xerox workcentre 6400 information assurance disclosure paper 40 ver. 1.00, may 2010 page 40 of 44 rfc 1759 - printer mib group workcentre rfc 1213 - system group supported rfc 1213 - interface group supported rfc 1514 - storage group supported rfc 1514 - device group supported general group [7 objec...

  • Page 41

    Xerox workcentre 6400 information assurance disclosure paper 41 ver. 1.00, may 2010 page 41 of 44 rfc 1213 - mib-ii for tcp/ip group workcentre transmission group [0 objects] not applicable because the group has not yet been defined by the ietf snmp group [28 objects] supported system object resourc...

  • Page 42

    Xerox workcentre 6400 information assurance disclosure paper 42 ver. 1.00, may 2010 page 42 of 44 6.3. Appendix c –standards controller hardware pci specification (pci local bus specification revision 2.1) 100 megabit ethernet (ieee 802.3) universal serial bus 1.1 parallel (ieee 1284) ieee 1394a (fi...

  • Page 43

    Xerox workcentre 6400 information assurance disclosure paper 43 ver. 1.00, may 2010 page 43 of 44 function rfc/standard appletalk inside appletalk, second edition printing description languages postscript language reference, third edition pcl6 (pcl5e 5si emulation) pcl6 (pclxl 5m emulation) tiff 6.0...

  • Page 44

    Xerox workcentre 6400 information assurance disclosure paper 44 ver. 1.00, may 2010 page 44 of 44 6.4. Appendix e – references kerberos faq http://www.Nrl.Navy.Mil/ccs/people/kenh/kerberos-faq.Html ip port numbers http://www.Iana.Org/assignments/port-numbers.