HP Inc.
HP LaserJet Enterprise MFP M527 Series,
Color LaserJet Enterprise MFP M577 Series, and
PageWide Enterprise Color MFP 586 Series
Firmware with Jetdirect Inside Security Target
Version: 2.0 Copyright © 2008-2016 by atsec information security corporation and HP Inc. Page 21 of 98
Last update: 2016-06-07 or its wholly owned subsidiaries
Protection of the TSF 1.5.2.5
1.5.2.5.1 Restricted forwarding of data to external interfaces
The TOE allows an administrator to restrict the forwarding of data received from an External Interface to
the Shared-medium Interface. Specifically, the fax feature Fax Archive, which can automatically archive
faxes, can be enabled/disabled by an administrator. The administrator can control the destination of the
archived fax data. The TOE does not provide a pathway or support for commands necessary to achieve
network access.
1.5.2.5.2 TSF self-testing
The TOE contains a suite of self tests to test specific security functionality of the TOE. It contains data
integrity checks for testing specific TSF Data of the TOE and for testing the stored TOE executables.
1.5.2.5.3 Reliable timestamps
The TOE contains a system clock that is used to generate reliable timestamps.
TOE access protection 1.5.2.6
1.5.2.6.1 Inactivity timeout
The Control Panel supports an inactivity timeout in case users forget to logout of the Control Panel after
logging in.
1.5.2.6.2 Automatic logout
The Control Panel supports the following administrator-selectable automatic logout functions:
Sign out the user immediately after starting the job
Sign out the user 10 seconds after starting the job with the user-selectable option to remain
signed in
If the user signs in and never starts a job, the inactivity timeout feature will terminate the session.
Trusted channel communication and certificate management 1.5.2.7
The TOE supports IPsec to protect data being transferred over the Shared-medium Interface. IPsec uses
IP addresses and X.509v3 certificates to identify and authenticate the Network Client Computers and the
Administrative Computer as well as other trusted IT products to which the TOE connects (e.g., syslog
server, SMTP gateway).
The TOE uses several cryptographic algorithms with IPsec. These cryptographic algorithms, supplied by
the QuickSec cryptographic library, are all part of the Operational Environment, but the TOE controls the
usage of these algorithms. Also, the TOE uses a software-based random number generator in the
Operational Environment when creating symmetric encryption keys used as communications session
keys and secret keys used during data integrity verification.
In addition, the TOE provides certificate management functions used to manage (add, replace, delete)
X.509v3 certificates.
User and access management 1.5.2.8
The TOE provides management capabilities for managing its security functionality. The TOE supports the
following roles:
administrators (U.ADMINISTRATOR)
users (U.NORMAL)
To Next Page
Loading...