SNMPv3 cannot be enabled until SSL and HTTPS (SSL) are enabled on the machine. To enable SNMPv3 follow
the instructions for “Configuring SNMPv3” under “SNMP” in Section 3 of the SAG.
Be aware that in configuring SNMPv3 there is the option of resetting both the Privacy and Authentication
passwords back to their default values. This option should only be used if necessary since if the default passwords
are not known no one will be able to access the SNMP administrator account
.
8. Wireless:
Connection of the printer to a wireless network from a security perspective is not considered totally secure.
However, if such a connection is absolutely required, follow the instructions for either “Connecting to a Wireless
Network from the Control Panel” or Connecting to a Wireless Network Using the Embedded Web Server” as
applicable, in Section 2 of the SAG. Make sure that for security settings WPA2 is enabled and configured and
WEP is disabled.
d. The following additional features and protocols are not considered secure and should be used at the discretion of the
device user:
Xerox Extensible Interface Platform®
Accounting
Internet Fax
Use of Embedded Fax mailboxes
Xerox App Gallery
e. Customer software upgrades should not be enabled for general use. Administrators should only enable software upgrades
when performing an upgrade, and software upgrades disabled when complete. Software upgrades can be
enabled/disabled by following the instructions for ‘Enabling Upgrades’ under ‘Updating the Printer Software’ in Section 10
of the SAG.
f. Firmware verification that software upgrade files for the device are properly certified for that device should be enabled by
following the instructions for “Enabling Firmware Verification” in Section 4 of the SAG.
g. Following internal customer policies and procedures required to evaluate and install devices in your environment.
III. Secure Operation of Device Services/Functions
a. Change the following passcodes on a regular basis, choose passcodes to be as random as possible and set them to the
indicated minimum lengths:
Smart Card or CAC passcode – 8 characters (alphanumeric)
Secure Print passcode – 6 digits
b. Ensure that local usernames established on the device match domain names and that both map to the same individual.
c. Operation of IIO and ODIO (only for VersaLink Multifunction Printers that have a Hard Disk Drive):
1. If a manual ODIO is to be run set up and initiate a manual ODIO follow the “To Start a Disk Overwrite Manually”
instructions under “Managing Disk Drives” in Section 4 of the SAG.
2. If a scheduled ODIO is to be run set up and initiate a scheduled ODIO follow the “To Schedule a Disk Overwrite”
instructions under “Managing Disk Drives” in Section 4 of the SAG.
3. IIO of a delayed or secure print job will not occur until after the machine has printed the job.
4. If an overwrite fails, the error is handled as system failure and an error message is displayed on Control Panel.
5. ODIO is not executed when device is in the following status:
・ Device power is turned off or device is being shut down
・ Device is being initialized
・ System failure occurs
6. When system failure occurs while this function is in progress, after completing transition to system failure status, the
device reboots regardless of system failure type.
7. Even if there is a reserved job such as Delayed Print and Delayed Fax, the documents are deleted.
The SNMP administrator account is strictly for the purposes of accessing and modifying the MIB objects via SNMP; it is separate from the
System Administrator “admin” user account or user accounts given SA privileges by the System Administrator “admin” user. The administrator
account cannot perform any System Administrator functions.
To Next Page
Loading...
