Xerox Color 1000i Press 보안 매뉴얼 - 페이지 21
{카테고리_이름} Xerox Color 1000i Press에 대한 보안 매뉴얼을 온라인으로 검색하거나 PDF를 다운로드하세요. Xerox Color 1000i Press 45 페이지. Entry production color presses
Xerox Color 1000i Press에 대해서도 마찬가지입니다: 디자인 매뉴얼 (30 페이지)
페이지 인쇄
Xerox® Security Guide for Entry Production Color Class Products
Device Security: BIOS, Firmware, OS, Runtime, and
Operational security controls
Versant® and ColorPress® products have robust security features that are designed to protect the
system from a wide range of threats. Below is a summary of some of the key security controls.
Pre-Boot BIOS Protection
BIOS
The BIOS is inaccessible and cannot be cleared or reset.
The BIOS can only be modified by a firmware update, which is digitally signed.
BIOS will fail secure, locking the system if integrity is compromised.
Embedded Encryption
Configuration Settings (including security settings) and User Data are encrypted by AES.
Each device is encrypted using its own unique key.
Boot Process Integrity
Firmware Integrity & Verification
Firmware is digitally signed.
Firmware is verified against a whitelist using cryptographic hashing.
Event Monitoring & Logging
The Audit Log feature records security-related events.
Continuous Operational Security
Firmware and Diagnostic Security Controls
Firmware installation controls limit who can install firmware and from where.
Customer defined service technician (CSE) restrictions add an additional layer of protection to
prevent unauthorized access and/or modification of Versant® and ColorPress® products.
Continuous logging
Fail Secure Vs Fail Safe
Versant® and ColorPress® products are designed to fail secure.
When a security control is compromised, the control is no longer trustworthy, and a system is at risk of
further compromise. In such a scenario, security products may either fail safe [open] or fail secure
[closed].
An example from physical security is a door. If power is lost the door may either:
Unlock and 'fail safe' to an open state likely for safety reasons (such as in a public building).
Lock and 'fail secure' for security reasons (such as a bank vault).
March 2019
Page 4-19