Xerox WorkCentre 6655 Bezpieczna instalacja i obsługa - Strona 5

Przeglądaj online lub pobierz pdf Bezpieczna instalacja i obsługa dla Drukarka Xerox WorkCentre 6655. Xerox WorkCentre 6655 19 stron. Color multifunction printer
Również dla Xerox WorkCentre 6655: Instrukcja obsługi (15 strony), Instrukcja instalacji (2 strony), Instrukcja instalacji (7 strony), Instrukcja instalacji oprogramowania (4 strony), Instrukcja wymiany wkładu (2 strony), Podręcznik (3 strony), Skrócona instrukcja obsługi (14 strony)

Drukuj stronę

Xerox WorkCentre 6655 Bezpieczna instalacja i obsługa

ii. Set the permission for all Non-Logged In Users Roles (see "User Roles" in Section 4 of the SAG) to be

Not Allowed, Not Allowed & Hidden or Never, as appropriate, for the following: (1) all print permission

categories (by following the "Editing Print Permissions for the Non-Logged In Users Role" under

"Configuring Authorization Settings" in Section 4 of the SAG) and (2) all services and tools (by following

the "Editing Services and Tools Permissions for the Non-Logged In Users Role" under "Configuring

Authorization Settings" in Section 4 of the SAG). Also set the

Network Authorization

i. Establish remote authorization using LDAP by following the "Configuring Network Authorization Settings"

and "Configuring Network Authorization Server Settings" instructions in Section 4 of the SAG. Make sure

to follow only the instructions pertaining to setting up an LDAP Server.

Network Authorization using an SMB server is not part of the evaluated configuration and should not be

used.

4. Personalization: Enable personalization by following the instructions for "Specifying the Method the Printer

Uses to Acquire Email Address of Users" under "Configuring Smart Card Authentication Settings" under

"Configuring Authentication Settings" in Section 4 of the SAG. Configure personalization by following the

instructions for "Configuring User Mappings" under "LDAP" in Section 3 of the SAG.

5. Immediate Image Overwrite: Follow the instructions under 'Enabling Immediate Image Overwrite at the

Control Panel' or 'Enabling Immediate Image Overwrite' in Section 4 of the SAG to enable Immediate Image

Overwrite from the Control Panel or the Web UI, respectively.

Both Immediate Image Overwrite and On Demand Image Overwrite are enabled by default at the factory when

the device is first delivered.

6. Security Certificates: Install a digital certificate on the device before enabling SSL by following the appropriate

instructions under "Security Certificates" in in Section 4 of the SAG for installing the any one of the digital

certificates (Device Certificate, CA Certificate or Trusted Certificate) the device supports.

Note that a Xerox self-signed certificate is installed by default on the device. If a CA certificate is desired a

Certificate Signing Request (CSR) will have to be sent to a Certificate Authority to obtain the CA Certificate

before it can be installed on the device. Follow the instructions for "Creating a Certificate Signing Request"

under "Security Certificates" in in Section 4 of the SAG to create the CSR.

7. Transport Layer Security (TLS)/Secure Sockets Layer (SSL):

i. Follow the instructions under 'Enabling DND/DDNS Settings the Control Panel' or '"DNS" (under

"Configuring IP Settings in CentreWare Internet Services") in Section 3 of the SAG for entering the host

and domain names, to assign the machine a valid, fully qualified machine name and domain from the

Control Panel or the Web UI, respectively (required for SSL to work properly).

ii. If a self-signed certificate is to be used download the generic Xerox root CA certificate from the device by

following the instructions for saving the certificate file under "Viewing, Saving or Deleting a Certificate" in

Section 4 of the SAG and then installing the saved certificate in the certificate store of the System

Administrator's browser.

iii. Enable HTTPS by following the instructions for "Enabling HTTPS (SSL)" under "Secure HTTP (SSL)" in

Section 4 of the SAG. Set the 'Force Traffic over SSL' option to be Yes (all HTTP requests will be

switched to HTTPS).

iv.

Disable SSLv3.0 in favor of TLS v1.x to avoid vulnerabilities associated with downgrading from TLS to

SSLv3.0.

8. FIPS 140-2 Mode: Encryption of transmitted and stored data by the device must meet the FIPS 140-2 Standard.

Enable the use of encryption in "FIPS 140 mode" and check for compliance of certificates stored on the device

to the FIPS 140-2 Standard by follow the instructions for "Enabling FIPS 140 Mode and Checking for

Compliance" in Section 4 of the SAG.

Since Kerberos and SFTP are not FIPS compliant secure protocols, make sure when enabling FIPS mode that

you set up the proper exceptions for both Kerberos and SFTP.

9. Data Encryption: Enable data encryption by following the instructions under "Enabling Encryption of Stored

Data" in Section 4 of the SAG; data encryption is enabled by default at the factory when the device is first

delivered. Before enabling disk encryption, ensure that the WorkCentre 5845/5855/5865/5875/5890,