Xerox WORKCENTRE 7425 Supplementary Manual

Other manuals for WORKCENTRE 7425: Reference Manual, System Administrator Manual, User Manual, Brochure & Specs, Specifications, Evaluator Manual, Specifications, Quick Use Manual

Manual is about: WorkCentre 7400 series

Page of 49

Download

Print this page

Bookmark us

WorkCentre 7425/7428/7435

Security Function Supplementary

Guide

Version 1.0, August 2009

1 2 3 4 5 6 7 Next › »

Summary of WORKCENTRE 7425

Page 1
Workcentre 7425/7428/7435 security function supplementary guide version 1.0, august 2009.
Page 2
2 table of contents before using the security function .................................................................. 5 preface .......................................................................................................................................................5 security featur...
Page 3
3 authenticated users (with system administrator privileges).............................. 22 authenticated users (with no system administrator privileges) ...................... 22 unauthenticated users....................................................................................................
Page 4
4 select all....................................................................................................................... 34 print................................................................................................................................ 34 delete.........................
Page 5
5 before using the security function preface this guide is intended for the manager and system administrator of the organization where the machine is installed, and describes the setup procedures related to security. And for general users, this guide describes the operations related to security feat...
Page 6
6 security features workcentre 7425/7428/7435 has the following security features: • hard disk data overwrite • hard disk data encryption • user authentication • system administrator’s security management • customer engineer operation restriction • security audit log • internal network data protecti...
Page 7
7 data restoration the enciphered data cannot be restored in the following conditions. • when a trouble occurs in the hard disk. • when you have forgotten the encryption key. • when you have forgotten the system administrator id and a passcode when making [service rep. Restricted operation] set to [...
Page 8
8 use of the overwrite hard disk in order to protect data stored on the hard disk from unauthorized retrieval, you can set the overwrite conditions to apply to data stored on the hard disk. You can select the number of overwrite passes from one time or three times. When [1 overwrite] is selected, “0...
Page 9
9 for optimal performance of the security features the manager (of the organization that the machine is used for) needs to follow the instructions below: • assign appropriate persons as system and machine administrators, and manage and train them properly. • if the network where the machine is insta...
Page 10
10 confirm the machine rom version and the system clock before initial settings, the system administrator (machine administrator) has to check the machine rom version and the system clock of the machine. How to check by control panel 1. Press the button on the control panel. 2. Select [machine infor...
Page 11
11 initial settings procedures using control panel this chapter describes the initial settings related to security features, and how to set them on the machine’s control panel. Authentication for entering the system administration mode 1. Press the button on the control panel. 2. Enter "admin" with ...
Page 12
12 set service rep. Restricted operation 1. Select [system settings] on the [tools] screen. 2. Select [common service settings]. 3. Select [other settings]. 4. On the [other settings] screen, select [service rep. Restricted operation]. 5. Select [change settings]. 6. Select [on]. 7. Select [maintena...
Page 13
13 set authentication 1. Select [authentication/security settings] on the [tools] screen. 2. Select [authentication]. 3. Select [login type]. 4. On the [login type] screen, select [login to local accounts]. 5. Select [save] set access control 1. Select [authentication/security settings] on the [tool...
Page 14
14 set user passcode minimum length 1. Select [authentication/security settings] on the [tools] screen. 2. Select [authentication]. 3. Select [passcode policy]. 4. On the [passcode policy] screen, select [minimum passcode length]. 5. Select [change settings]. 6. On the [minimum passcode length] scre...
Page 15
15 initial settings procedures using centreware internet services this section describes the initial settings related to security features, and how to set them on centreware internet services. Preparations for settings on the centreware internet services prepare a computer supporting the tcp/ip prot...
Page 16
16 set ssl/tsl 1. Click [+] on the [security] folder on the [properties] screen. 2. Click [machine digital certificate management]. 3. Click the [create new self signed certificate] button. 4. Set the size of the public key as necessary. 5. Set issuer as necessary. 6. Click the [apply] button. 7. Cl...
Page 17
17 set ipsec note: before setting [digital signature] for [ike authentication method], you will have to import an ipsec certificate according to same procedure as "configuring machine certificates" (3.4). 1. Click [+] on the left of the [security] folder on the [properties] screen. 2. Click [ipsec]....
Page 18
18 set snmpv3 1. Click [+] on the left of the [connectivity] folder on the [properties] screen. 2. Click [+] on the left of the [protocols] folder. 3. Click [snmp configuration]. 4. Check the [enable snmpv3 protocol] box. 5. Uncheck the [enable snmp v1/v2c protocols] box. 6. Click the [apply] button...
Page 19
19 set s/mime note: • to use e-mail with this machine, e-mail function has to be enabled and configured as stated in the system administrator guide’s "scan to e-mail". • before s/mime setting, you will have to import an s/mime certificate according to same procedure as "configuring machine certifica...
Page 20
20 regular review by audit log this section describes the setting and importing method for the audit log from the system administrator client via centreware internet services. The audit log, regularly reviewed by the security administrator, often with the aid of third party analyzing tools, helps to...
Page 21
21 authentication for the secure operation the machine has a unique authentication feature that restricts the ability to use functions. This chapter contains information for system administrators and general users on the features used to change the settings and on the setting procedures. Overview of...
Page 22
22 authenticated users (with system administrator privileges) these are users who are assigned the system administrator privileges. When a restricted service is used, this type of user must enter a user id on the authentication screen. This type of user has the same privileges as the machine adminis...
Page 23
23 functions controlled by authentication the following explains the functions that are restricted by the authentication feature. Restriction depends on which of the following two ways the machine is used. • local access • remote access for more information on the restrictions to folder and job flow...
Page 24
24 print printing is limited to print jobs sent from a computer. To use the accounting feature, use the print driver to set account information such as user id and passcode. If verification using account information fails for a print job, the print data will be either saved in the machine or deleted...
Page 25
25 authentication for folder the following explains the restrictions for job flow sheets and folder when the authentication feature is enabled. Note: when a user account is deleted, the folder and job flow sheets associated with the account are also deleted. Any files stored in the folder will also ...
Page 26
26 operations available for folder. The following table shows the relationship with the folder for each user type when the authentication feature is enabled. System administrator and authenticated users folder operation shared by machine administrator personal (owner) personal (other) create x o x d...
Page 27
27 machine administrator folder operation shared by machine administrator personal create o x display o o delete o o change settings o o display file o o delete file o o store file*1 o o print file*1 o o display o o link o o auto run o o job flow sheet manual run o o o: operation available x: operat...
Page 28
28 operation using control panel this chapter contains information on the operation of using control panel to use security features for system administrator and authenticated users. User authentication before the use of all services and settings, user needs id and passcode authentication. 6. Press t...
Page 29
29 user id allows you to enter a user id using the screen keyboard. You can enter up to 32 alphanumeric characters including spaces as a user id. User name allows you to enter a user name using the screen keyboard. You can enter up to 32 alphanumeric characters including spaces as a user name. Passc...
Page 30
30 change user passcode by general user this feature allows authenticated users (the procedure as described "user authentication " (6.1)) to change the registered passcode. 1. Authenticate by the procedure as described [user authentication ](6.1). 2. Select [user details setup]. 3. Select [change pa...
Page 31
31 folder / stored file settings this section describes the features that allow a system administrator to configure various settings for folder created for saving confidential incoming fax files or scanned files. Folder service settings this feature allows you to specify whether to discard files onc...
Page 32
32 stored file settings this feature allows you to select whether files stored in a folder are automatically deleted. You can set how long files are kept and time of the deletion. You can also select whether individual files are deleted or not. 1. Select [stored file settings] under [system settings...
Page 33
33 create folder this feature allows users to create folder for saving confidential incoming fax files or scanned files. Fax files in folder can be printed out at a convenient time and scanned files in folder can be imported to computers. 1. Select [create folder] on the [setup menu] screen. 2. Sele...
Page 34
34 send from folder this section describes the folder features that allow you to check, print, or delete files in the private folder displayed on the [send from folder] screen. Some folders, however, may require you to enter a passcode, depending on the operation you attempt. Private folder created ...
Page 35
35 private charge print the private charge print feature temporarily stores files per user id, until a user logs in and manually prints them from the machine’s control panel. This feature only displays files of a logged-in user, and thus provides security and privacy to files stored in the machine. ...
Page 36
36 operation using centreware internet services this chapter contains information on the operation of using centreware internet services, to use security features for system administrator and authenticated users. The centreware internet services program uses the embedded web user interface which ena...
Page 37
37 accessing centreware internet services follow the steps below to access centreware internet services. At a client workstation on the network, launch an internet browser. In the url field, enter “http://” followed by the ip address or internet address of the machine. Then press the key on the keyb...
Page 38
38 print this page allows you to specify printing and paper parameters, enter accounting information, and select the delivery method for your print job. Follow the steps below to select the features available on the [print] tab. Click [print] on the main panel of the home page. The [job submission] ...
Page 39
39 scan (folder operation) this page allows you to configure folder. Follow the steps below to select the features available on the [scan] tab. Click [scan] on the main panel of the home page. Select the folder hot link. The [folder] page is displayed. Folder icons clicking the icon of a registered ...
Page 40
40 folder: list of files the following table shows the setting items available on the [folder: list of files] page. Folder number displays the folder number of the selected folder. Folder name displays the name of the selected folder. File number displays the file numbers of the files stored in the ...
Page 41
41 folder setup the following table shows the setting items available on the [folder setup] page. Folder number displays the number of the selected folder. Folder name displays the name of the folder. Folder passcode displays the passcode to the folder. To change the passcode, enter it with up to 20...
Page 42
42 change user passcode by system administrator (using centreware internet services) 1. Open your web browser and enter the tcp/ip address of the machine in the address or location field press the key. 2. Enter system administrator’s id and passcode if prompted. 3. Click the [properties] tab. 4. Cli...
Page 43
43 problem solving this chapter describes solutions to problems that you may come across while using the machine and centreware internet services. The machine has certain built-in diagnostic capabilities to help identify problems and faults, and displays error messages on the control panel and web b...
Page 44
44 fault codes when a fault occurs, the touch screen displays a message on how to clear the fault. Some faults indicate customer maintenance, while others require the attention of the system administrator. The following table represents some of the fault codes relating to security functions and thei...
Page 45
45 016-581 the machine failed to transfer data via ftp using the scan to pc service because the suffix of the file or folder name exceeded the limit after connection. Change the file name, or change the destination folder on the ftp server. Or, move or delete files from the destination folder. 016-5...
Page 46
46 016-748 unable to print due to insufficient hard disk space. Reduce the number of pages in print data, for instance by dividing the print data, or by printing one copy at a time when making multiple copies. 016-764 unable to connect to the smtp server. Contact the system administrator. 016-765 un...
Page 47
47 018-505 one of the following problems has occurred. If the error occurred during smb authentication: • the user id or passcode you entered was not correct, and thus the authentication failed. • the time setting of the smb server and that of the machine do not match(windows server 2003 only).If th...
Page 48
48 appendix list of setting procedures item using control panel using centreware internet services check the clock [system settings] [common service settings] [machine clock/timers]. - use passcode entry from control panel [authentication/security] [authentication] [passcode policy] [passcode entry ...
Page 49
49 set ipsec [system settings] [connectivity & network setup] [security settings] [ipsec settings] [security] [ipsec] set snmpv3 - [connectivity] [protocols] [snmp configuration] set s/mime [system settings] [connectivity & network setup] [security settings] [s/mime settings] [security] [ssl/tls set...