HP Inc.
HP LaserJet Enterprise MFP M527 Series,
Color LaserJet Enterprise MFP M577 Series, and
PageWide Enterprise Color MFP 586 Series
Firmware with Jetdirect Inside Security Target
Version: 2.0 Copyright © 2008-2016 by atsec information security corporation and HP Inc. Page 86 of 98
Last update: 2016-06-07 or its wholly owned subsidiaries
7.1.5 Protection of the TSF
Restricted forwarding of data to external interfaces (including fax 7.1.5.1
separation)
The TOE allows an administrator to enable / disable the forwarding of data received from an External
Interface to the Shared-medium interface. The terms External Interface and Shared-medium Interface are
defined in [PP2600.2] and duplicated in section 8.2 of this Security Target. This implies that an
administrator can configure the TOE to have a distinct functional separation between the analog fax
phone line and the Shared-medium Interface (i.e., network interface) of the TOE.
The analog fax hardware and the firmware that controls the fax hardware do not have the ability to access
the Shared-medium fax functions. No pathway is provided to the Shared-medium interface from the fax.
The TOE’s analog fax functions only support the sending and receiving of fax data. Fax commands with
potential for accessing the Shared-medium interface are not supported by the TOE.
When the fax feature “Fax Archive” is enabled, the administrator can control the destination to which fax
data is archived. The administrator can disable the fax feature “Fax Archive” to prevent data from being
sent from the Public Switched Telephone Network (PSTN) to the local network.
This section maps to the following SFR:
FMT_MOF.1-faxarchive
FPT_FDI_EXP.1
TSF self-testing 7.1.5.2
The EWS interface allows an administrator (U.ADMINISTRATOR) to execute a set of correct operations
tests, TSF Data integrity tests, and integrity tests of TSF executable code. The specific security related
tests available to the administrator are listed in FPT_TST.1. In some cases, the tests have pre-requisites
that must be met prior to execution in order to receive valid results. For example, the LDAP Settings
verification test requires LDAP Sign In to be configured and enabled prior to executing the test. The tests
that may be available during self-test include:
Device User Access Code verification
LDAP Settings verification
Windows Setting verification
This section maps to the following SFR:
FPT_TST.1
Reliable timestamps 7.1.5.3
The TOE contains a system clock that is used to generate reliable timestamps. Only administrators can
manage the system clock.
This section maps to the following SFR:
FPT_STM.1
7.1.6 TOE access protection
The following session termination mechanisms are supported by the TOE:
Inactivity timeout
Automatic logout
To Next Page
Loading...