Xerox ColorQube 9201 Secure Installation And Operation - Page 6

Browse online or download pdf Secure Installation And Operation for All in One Printer Xerox ColorQube 9201. Xerox ColorQube 9201 12 pages. Mfp
Also for Xerox ColorQube 9201: Install And Operation Instructions (14 pages), Evaluator Manual (28 pages), Quick User Manual (38 pages), Quick Manual (8 pages), Quick Manual (16 pages), Secure Installation And Operation (12 pages), How To Make A Copy (9 pages)

Print Page

Xerox ColorQube 9201 Secure Installation And Operation

Fax parameters and options via the Local User Interface on the machine by following the instructions on pages 15-2

through 15-4 in the SAG.

w). To enable and configure IPSec, follow the instructions starting on page 8-12 in the SAG. Xerox strongly recommends that

IPSec should be used to secure printing jobs; HTTPS (SSL) should be used to secure scanning jobs. Note: IPSec is not

available for either the AppleTalk protocol or the Novell protocol with the 'IPX' filing transport.

Xerox also recommends that the default values for IPSec parameters listed in the IPSec section in the SAG be used

whenever possible for secure IPSec setup. The following default values not listed in the SAG should also be used for secure

IPSec setup:

For defining policies the options listed for 'Hosts', 'Protocols' and 'Action' are all defaults; the System Administrator

•

should choose the particular option that pertains to whether the hosts and protocols in each case are to be allowed or

discarded and the corresponding desired action.

The Host Group address type defaults to 'Specific'.

•

Protocol Group Custom Protocol defaults to being disabled. If Custom Protocol is enabled then the protocol defaults to

•

'TCP' and the Device Is type defaults to 'Server'.

The IPSec New Actions keying method defaults to 'Internet Key Exchange (IKE)'.

•

If 'Manual Keying' is selected the IPSec security option defaults to 'ESP', the Security Parameter Index: IN defaults

•

to '256', the Security Parameter Index: OUT defaults to '257', the hash method defaults to 'SHA-1', the encryption

method defaults to '3DES' and the keys option defaults to 'ASCII format (System will automatically convert to

hex value for you)'. Also, "AH" alone should not be selected as the IPSec Security option.

If 'Internet Key Exchange (IKE)' is selected the IKE Phase 1 key lifetime defaults to '86,400 seconds', the DH Group

•

defaults to 'DH Group 2 (1024-bit MODP)', the Encrypt/Hash pair defaults to 'SHA-1 and AES', the IPSec mode

defaults to 'Transport Mode', the IPSec security option defaults to 'ESP', the IKE Phase 2 key lifetime defaults to

'28,800 seconds', the IKE Phase 2 hash method defaults to 'SHA1' and the IKE Phase 2encryption method defaults

to '3DES'.

x). Xerox recommends that if SNMP is enabled SNMPv3 should be used. SNMPv3 can be set up by following the instructions

statrting on page 5-10 of the SAG.

SNMPv3 cannot be enabled until SSL (Secure Sockets Layer) and HTTPS (SSL) are enabled on the device.

The Authentication Password and the Privacy Password should both be at least 8 alphanumeric characters.

The System Administrator should be aware that in configuring SNMPv3 there is the option of resetting both the Privacy and

Authentication passwords back to their default values. This option should only be used if necessary since if the default

passwords are not known no one will be able to access the SNMP administrator account.

y). There is a software verification test feature that checks the integrity of the executable code by comparing a calculated hash

value against a pre-stored value to ensure the value has not changed. To initiate this feature perform the following from the

Web UI:

Select the Properties tab.

•

Select the following entries from the Properties 'Content menu': Security

•

Select the [Start] button to initiate the software verification test.

•

z). To enable the session inactivity timers (termination of an inactive session) from the Web UI:

At the Web UI, select the Properties tab.

•

Select the following entries from the Properties 'Content menu': Security

•

Enter in the appropriate text box the desired inactive session timeout interval in minutes for the Web System Timer (i.e.,

•

the session timeout for the Web UI) and for the Touch User Interface System Timer (i.e., the session timeout for the

Local User Interface).

Select the [Apply] button. This will save the indicated inactivity timer settings. After saving the changes the System

•

Timeout page will be redisplayed.

aa). To enable the session inactivity timer (termination of an inactive session) for the Local UI from the Local UI:

.Select the [Machine Status] hard button on the device and then the [Tools] button to access the System Administrator

•

Tool pathway.

Select the following buttons from the Tools menu: [Device Settings]

•

Select the [Enabled] button and then enter the desired inactive session timeout interval in seconds in the text box.

•

Select the [Save] button. This will save the indicated Local UI inactivity timer setting. After saving the changes the

•

Timers screen will be redisplayed.

Software Verification Test.

System Timeout

[Timers]

[System Timeout...]