HP Inc.
HP LaserJet Enterprise MFP M527 Series,
Color LaserJet Enterprise MFP M577 Series, and
PageWide Enterprise Color MFP 586 Series
Firmware with Jetdirect Inside Security Target
Version: 2.0 Copyright © 2008-2016 by atsec information security corporation and HP Inc. Page 22 of 98
Last update: 2016-06-07 or its wholly owned subsidiaries
Administrators have the authority to manage the security functionality of the TOE and to manage users.
Users can only manage user data that they have access to on the TOE.
1.5.3 TOE boundaries
Physical 1.5.3.1
The physical boundary of the TOE is the programs and data stored in the firmware of the HCD (except for
the embedded operating system and the QuickSec cryptographic library) and the English-language
guidance documentation.
It is typical for an HCD, and thus the TOE, to be shared by many users and for those users to have direct
physical access to the HCD. By design, users have easy access to some of the hardware features, such
as the Control Panel, the paper input trays, the paper output trays, the scanner, and the power button.
But other features such as the processor, volatile memory, and storage drive are located inside the HCD
in the formatter cage. The formatter cage can be secured to the HCD chassis using a combination lock,
thus, restricting normal user access to the components inside the cage.
Because of the restricted access to the storage drive, the drive is considered a non-removable non-
volatile storage device from the perspective of [PP2600.2].
Due to the physical accessibility of the HCDs, they must be used in non-hostile environments. Physical
access should be controlled and/or monitored.
QuickSec version 5.1 ([QuickSec51]) library implements the TOE's IPsec including the IPsec/Firewall.
QuickSec includes a cryptographic library. Although the IPsec implementation in QuickSec is in the TOE
boundary, the QuickSec cryptographic library used by QuickSec for all IPsec cryptography is part of the
Operational Environment. QuickSec is developed and tested by INSIDE Secure.
Regarding the SMTP gateway, the TOE can only provide protection of sent emails to the device with
which the TOE has the IPsec connection (i.e., the TOE only provides protection between the TOE and
SMTP gateway). After that point, the Operational Environment must provide the remaining protection
necessary to transfer the email from the SMTP gateway to the email's addressee(s).
The following table lists the English-guidance documentation for the TOE:
Common Criteria Evaluated Configuration Guide for HP LaserJet Enterprise MFP
M527 Series, Color LaserJet Enterprise MFP M577 Series, and
PageWide Enterprise Color MFP 586 Series
HP LaserJet Enterprise MFP M527 User Guide
HP Color LaserJet Enterprise MFP M577 User Guide
HP PageWide Enterprise Color MFP 586 User Guide
Table 3: English-only guidance documentation
Logical 1.5.3.2
The security functionality provided by the TOE has been described above and includes:
Auditing
Cryptography
To Next Page
Loading...