• The Security Distribution Restriction Web UI page will be displayed. Select one of the two desired options under
“Domain Filter Settings” other than ‘Off’ to enable the Email domain filtering feature. Add the desired domains to filter
Email and Internet Fax jobs to and set the other settings on this page as desired.
• Select the [Save] button. This will ensure Email domain filtering is enabled.
jj). In the evaluated configuration the Hold All Jobs function should be configured so that Enablement is set to ‘Hold All Jobs in
a Private Queue’ and the Unidentified Jobs Policies is set to ‘Hold Jobs; Only Administrators can Manage Jobs’. Follow the
instructions for “Configuring the Hold All Jobs Feature” starting on page 110 of the SAG to access and configure the Hold All
Jobs function.
kk). The following features and protocols are not included in the evaluation:
• Reprint from Saved Job
• SMart eSolutions
• Custom Services (Extensible Interface Platform or EIP)
• Network Accounting and Auxiliary Access
• Internet Fax
• Use of Embedded Fax mailboxes.
• NTP
• Direct USB Printing,
• AppleTalk and Novell protocols
• SFTP
• Web Services
2. The System Administrator should change the SNMPv1/v2c public/private community strings from their default string names to
random un-guessable string names of at least 8 characters in length.
3. In the evaluated configuration, SNMPv3 is not included. However, SNMPv3 can be used if it best fits your needs. SNMPv3 cannot
be enabled until SSL (Secure Sockets Layer) and HTTPS (SSL) are enabled on the machine. To enable SNMPv3 follow the
instructions starting on page 34 of the SAG. The System Administrator should be aware that in configuring SNMPv3 there is the
option of resetting both the Privacy and Authentication passwords back to their default values. This option should only be used
if necessary since if the default passwords are not known no one will be able to access the SNMP administrator account
8
.
4. Customers should sign up for the RSS
9
subscription service available via the Xerox Security Web Site (Security@Xerox) at
www.xerox.com/security that permits customers to view the latest Xerox Product Security Information and receive timely
reporting of security information about Xerox products, including the latest security patches.
5. The device should be installed in a standard office environment. Office personnel should be made aware of authorized service
calls (for example through appropriate signage) in order to discourage unauthorized physical attacks such as attempts to
remove the internal hard disk drive(s). The System Administrator should also ensure that office personnel are made aware to
pick up the outputs of print and copy jobs in a timely manner.
6. Customers who encounter or suspect software problems should immediately contact the Xerox Customer Support Center to
report the suspected problem and initiate the SPAR (Software Problem Action Request)
10
process for addressing problems found
by Xerox customers.
7. Caution: A WorkCentre 7525/7530/7535/7545/7556 allows an authenticated System Administrator to disable functions like
Image Overwrite Security that are necessary for secure operation. System Administrators are advised to periodically review the
configuration of all installed machines in their environment to verify that the proper evaluated configuration is maintained.
8. Depending upon the configuration of the device, two IPv4 addresses, a primary IPv4 address and a secondary IPv4 address,
may be utilized. The System Administrator selects whether the primary IPv4 address will be obtained statically or dynamically
via DHCP from the IP (Internet Protocol) page on the Web UI
11
. The second IPv4 address is assigned via APIPA when the
System Administrator enables the ‘Self Assigned Address’ option from the IP (Internet Protocol) page on the Web UI. If the
8
The SNMP administrator account is strictly for the purposes of accessing and modifying the MIB objects via SNMP; it is separate from the System
Administrator “admin” user account or user accounts given SA privileges by the System Administrator “admin” user. The administrator account can
not perform any System Administrator functions.
9
Really Simple Syndication – A lightweight XML format for distributing news headlines and other content on the Web. Details for signing up for this
RSS Service are provided in the Security@Xerox RSS Subscription Service guide posted on the Security@Xerox site at
http://www.xerox.com/go/xrx/template/009.jsp?view=Feature&ed_name=RSS_Security_at_Xerox&Xcntry=USA&Xlang=en_US.
10
A SPAR is the software problem report form used internally within Xerox to document customer-reported software problems found in products in
the field.
11
The primary IPv4 address can also be assigned dynamically via DHCP from the Dynamic Addressing screen on the Local UI.
To Next Page
Loading...
