Konica Minolta bizhub 423, bizhub 363, bizhub 283, bizhub 223, bizhub7828 Stringing Machine
This Service Manual (Ver. 1.02) describes bizhub 423 / bizhub 363 /
bizhub 283 / bizhub 223 / bizhub 7828 / ineo 423 / ineo 363 / ineo 283 /
ineo 223 / N607 / N606 / N605 Control Software
(MFP Controller: A1UD0Y0-0100-GM0-04).
SECURITY FUNCTION
SERVICE MANUAL
2011.062011.06
Ver. 1.02Ver. 1.02
Revision history
1
1
1
After publication of this service manual, the parts and mechanism may be subject to change for
improvement of their performance.
Therefore, the descriptions given in this service manual may not coincide with the actual machine.
When any change has been made to the descriptions in the service manual, a revised version will be
issued with a revision mark added as required.
Revision mark:
• To indicate clearly a section revised, show to the left of the revised section.
A number within represents the number of times the revision has been made.
• To indicate clearly a section revised, show in the lower outside section of the corresponding page.
A number within represents the number of times the revision has been made.
NOTE
Revision marks shown in a page are restricted only to the latest ones with the old ones deleted.
• When a page revised in Ver. 2.0 has been changed in Ver. 3.0:
The revision marks for Ver. 3.0 only are shown with those for Ver. 2.0 deleted.
• When a page revised in Ver. 2.0 has not been changed in Ver. 3.0:
The revision marks for Ver. 2.0 are left as they are.
1
2011/06 1.02 — Revised
2011/04 1.01 — Revised
2011/03 1.00 — Issue of the first edition
Date Service manual Ver. Revision mark Descriptions of revision
bizhub 423/363/283/223/7822
Security Function
Security Function Ver. 1.02 Jun. 2011
CONTENTS
Security function
1. Overview ................................................................................................................. 1
2. Compliance with the ISO15408 standard................................................................ 1
3. Data to be protected................................................................................................1
4. Precautions for operation control ............................................................................ 2
5. Checking the firmware version number................................................................... 4
5.1 Security authentication firmware version number................................................. 4
6. Accessing the Service Mode................................................................................... 4
6.1 Access method to the Service Mode .................................................................... 4
6.2 Access lock of Service Mode................................................................................ 6
6.2.1 Access lock release procedure .....................................................................6
7. Enhancing the security function .............................................................................. 7
7.1 Details of settings ................................................................................................. 7
7.2 Security enhancing procedure.............................................................................. 7
7.2.1 Making and checking the service settings .................................................... 7
7.2.2 Requests to the administrator .....................................................................12
7.2.3 Functions disabled by the setting of Enhanced Security Mode................... 13
7.2.4 Functions whose settings are changed by Enhanced Security Mode......... 13
8. Service Mode functions......................................................................................... 16
8.1 Firmware Version................................................................................................ 16
8.1.1 Checking the firmware version number....................................................... 16
8.2 CE Authentication function ................................................................................. 17
8.2.1 Setting the CE Authentication function........................................................ 17
8.3 Administrator Password function ........................................................................ 18
8.3.1 Setting the administrator password............................................................. 18
8.4 CE Password function......................................................................................... 20
8.4.1 Setting the CE password............................................................................. 20
8.5 Initialization function ........................................................................................... 23
8.5.1 Initialize method ..........................................................................................25
8.6 HDD Format........................................................................................................ 26
8.6.1 HDD format execution procedure................................................................ 27
8.7 HDD installation setting ...................................................................................... 28
8.7.1 HDD installation setting procedure ............................................................. 28
8.8 Operation ban release time setting..................................................................... 29
8.8.1 Operation ban release time setting procedure ............................................ 29
8.9 Administrator Unlocking function ........................................................................30
i
bizhub 423/363/283/223/7828
Security Function
Security Function Ver. 1.02 Jun. 2011
8.9.1 Administrator Unlocking function procedure ............................................... 30
8.10 Bluetooth Settings .............................................................................................. 31
8.10.1 Bluetooth settings procedure ...................................................................... 31
9. Overwrite All Data function ................................................................................... 33
9.1 Overwrite All Data procedure ............................................................................. 33
9.2 Items to be cleared by Overwrite All Data .......................................................... 33
9.2.1 Items cleared by Overwrite All Data............................................................ 33
10. Firmware rewriting ................................................................................................ 35
10.1 Outline ................................................................................................................ 35
10.2 USB memory ...................................................................................................... 35
10.2.1 Preparation ................................................................................................. 35
10.2.2 Procedure ................................................................................................... 35
10.2.3 Action when data transfer fails.................................................................... 38
11. FAX function.......................................................................................................... 39
11.1 Installing/setting procedure of the FAX kit.......................................................... 39
11.1.1 Install procedure ......................................................................................... 39
11.1.2 Setting procedure ....................................................................................... 41
ii
Security Function Ver. 1.02 Jun. 2011 1. Overview
bizhub 423/363/283/223/7822
Security Function
1. Overview
This Service Manual contains the essential operating procedures and precautions for using
the security functions.
2. Compliance with the ISO15408 standard
This machine has an enhanced security function: Set the Enhanced Security Mode, in
Administrator Settings, to [ON].
The security functions offered by this machine comply with ISO15408/IEC15408 (level:
EAL3).
3. Data to be protected
The underlying concept of this machine toward security is “to protect data that can be disclosed against the intention of users.”
The following types of image files that have been saved in the machine and made available
for use by its users are protected while the machine is being used.
• Image files saved by secure print
• Image files saved as ID & print document when print data is to be saved using the ID &
print setting function
• Image files saved in personal user box, public user box and group user box
The following types of data saved in the HDD are protected when use of a leased machine
is terminated at the end of the leasing contract, the machine is to be discarded, or when the
HDD is stolen.
• Image files saved by secure print
• Image files saved as ID & print document when print data is to be saved using the ID &
print setting function
• Image files saved in personal user box, public user box and group user box
• Image files of a job in the queue state
• Image files other than secure print document, ID & print document and user box file
• Data files left in the HDD data space, used as image files and not deleted through the
general deletion operation
• Temporary data files generated during print image file processing
• Destination recipient data (e-mail address, telephone number)
* “Secure print” represents the settings for the secure print document in the printer driver
interface.
This machine offers specific functions as data protection methods: the SSL function that
ensures confidentiality of images transmitted and received over the network and the
S/MIME function that is used for encrypting image files.
The concept of the SSL and S/MIME functions toward security in organizations is “to
ensure confidentiality in image data communication.”
The machine assumes an office environment that responds to most stringent security
requirements by carrying out communications of highly confidential image data transmitted
and received among different pieces of IT equipment within an office LAN via reliable paths
and protecting such data through proper encryption.
1
4. Precautions for operation control Security Function Ver. 1.02 Jun. 2011
bizhub 423/363/283/223/7828
Security Function
4. Precautions for operation control
A. Requirements of the service engineer
The service engineer should take full responsibility for controlling the machine during his or
her procedures for setting up and servicing the machine so that no improper operations are
performed.
<To achieve effective security>
• The service engineer who sets up and services the machine should have completed the
course in security and be certified accordingly.
• The service engineer should swear that he or she would never disclose information as it
relates to the settings of this machine to anybody in accordance with the Installation
Checklist contained in User’s Guide [Security Operations].
• The service engineer should perform his or her physical service jobs in the presence of
the administrator of the machine.
B. Protection of setting data in Service Mode
The CE password used to access Service Mode must be adequately controlled by the service engineer concerned to ensure that it is not leaked. Make sure that any password that
could be easily guessed by a third person is not used as the CE password.
<To achieve effective security>
The CE password should:
• Not be one that is easily guessed by third persons.
• Not be known by any third person.
• Be changed at regular intervals.
• Be set again quickly if one has been initialized.
C. Network connection requirements for the machine
Packets being transmitted over the LAN installed in the office, in which the machine is
installed, should be protected from unauthorized manipulation. If the LAN is to be connected to an outside network, no unauthorized attempt to establish connection from the
external network should be permitted.
<To achieve effective security>
• If the LAN, in which the machine is installed, is connected to an outside network, install a
firewall or similar network device to block any access to the machine from the outside
network and make the necessary settings.
• Configure the LAN installed in the office, in which the machine is installed, by using a
switching hub and other devices to ensure that the packets are protected from unauthorized manipulation.
• Provide an appropriate network control at all times to make sure that packets are protected from unauthorized manipulation and no other copying machine is connected without prior notice to the office LAN to which this machine is connected.
2
Security Function Ver. 1.02 Jun. 2011 4. Precautions for operation control
bizhub 423/363/283/223/7822
Security Function
D. Machine maintenance control
When the service engineer performs maintenance service jobs for the machine, he or she
should check the firmware version number and the checksum value, and make sure that
the system has not been altered.
The service engineer should take the following precautions when the user is to purchase an
additional option.
a. For an option that requires that Enhanced Security Mode be turned “OFF” before the
option can be used on the machine, notify the user that the mounting of the option makes
the machine not guaranteed by the ISO15408 certification.
b. Applications subject to the ISO15408 security evaluation and certification are described
in User’s Guide Security Operations. If any application (including options) not described
in the User’s Guide is to be used, notify the user that the use of the application is not
guaranteed by the ISO15408 certification.
E. Miscellaneous
The service engineer should explain to the administrator of the machine that the languages, in which the contents of the User’s Guide [Security Operations] have been evalu-
ated, are Japanese and English. He or she should also explain the way how to get the
manual in the language, in which it is evaluated.
In addition, the service engineer should promptly provide the version of the User’s Guide
that has been evaluated for the user whenever the user needs one.
3
5. Checking the firmware version number Security Function Ver. 1.02 Jun. 2011
bizhub 423/363/283/223/7828
Security Function
A1UDS1E021DB
5. Checking the firmware version number
• Confirm the need to enhance or not to enhance the security function with the administrator of this machine: If administrator wants to enhance, check the firmware version number and the checksum value.
• If the firmware version number of this machine is different from numbers shown in the list
below, it will be necessary to re-write to the firmware version corresponding to security.
Refer to P.35 for the method of how to re-write the firmware.
5.1 Security authentication firmware version number
MFP Controller Ver. Check Sum
bizhub 423/363/283/223/7828 A1UD0Y0-0100-GM0-04 3323
Refer to P.16 for the method of checking the firmware version.
6. Accessing the Service Mode
6.1 Access method to the Service Mode
1. Press the Utility/Counter key.
2. Touch [Meter Count].
3. Touch [Check Details] on Meter Count display.
4. Press the following keys in this order:
Stop00 Stop 0 1
5. Enter the CE Password.
NOTE
• Authentication using the CE Password is carried out only if “ON” is set for
[CE Authentication] as accessed through [Service Mode] [Enhanced Security].
NOTE
• The CE password entered is displayed as “✱.”
• NEVER forget the CE password. When forgetting the CE password, call responsible person of KMBT.
4
Security Function Ver. 1.02 Jun. 2011 6. Accessing the Service Mode
bizhub 423/363/283/223/7822
Security Function
A1UDS1E022DA
• If a wrong CE Password has been entered, no further entry can be made for 5 sec.
Wait, therefore, for at least 5 sec. before attempting to enter the correct CE Password.
• Each time a wrong CE password is entered, the CE password illegal access count
is incremented by one.
When the access to the Service Mode has been successful with the correct CE
password entered, the CE password illegal access count is cleared and reset to 0.
• When “ON” is set for Enhanced Security Mode, or “Mode 2” is set for [Prohibited
Functions When Authentication Error] as accessed through [Administrator Set-
tings] [Security Settings] [Security Details], access to the Service Mode
through the CE Password is restricted by the number of times (1 to 3) set for Prohibited Functions When Authentication Error.
If the CE password illegal access count exceeds the set number of times, the
machine is then set into an access lock state. Then, access to the Service Mode
cannot be made until the access lock state is released.
For the procedure to release the access lock state, see P.6.
• To go from the CE password screen to another, enter the CE password and call the
Service Mode menu to the screen. Then, quit the Service Mode. You can also exit
from the CE password screen by turning OFF and ON the sub power switch; however, be careful that any jobs entered will be cleared at this time.
6. The Service Mode screen will appear.
NOTE
• If you leave the site with the Service Mode setting screen being displayed, unauthorized changes could occur for any set values. When you finish the setting of
Service Mode, or if you have to leave the site by necessity when the Service Mode
has been set, be sure to press [Exit] to the basic screen.
5
6. Accessing the Service Mode Security Function Ver. 1.02 Jun. 2011
bizhub 423/363/283/223/7828
Security Function
A1UDS1E023DA
6.2 Access lock of Service Mode
• Use the following procedure to release the access lock state of the Service Mode.
Releasing the access lock state will also clear the illegal access count reached in CE
authentication.
6.2.1 Access lock release procedure
1. Turn off the sub power switch/main power switch and turn it on again more than 10 sec-
onds after.
2. Press the Utility/Counter key.
3. Touch [Meter Count].
4. Touch [Check Details].
5. Touch [Coverage Rate].
6. Press the following keys in this order:
Stop09 3 1 7
(Performing this step will start the access lock release timer.)
7. Once started, the access lock release timer measures time intervals.
The access lock state is released when the period of time set through [Service Mode]
[Enhanced Security] [Operation Ban release time] elapses.
See P.29
6
Security Function Ver. 1.02 Jun. 2011 7. Enhancing the security function
bizhub 423/363/283/223/7822
Security Function
A1UDS1E024DA
7. Enhancing the security function
• Perform the Enhanced Security Mode procedures while making checks of installation
checklist in User’s Guide [Security Operations].
• To make the Enhanced Security Mode, service settings must first be made. Make the
necessary service settings and check that they have been correctly made.
7.1 Details of settings
Item Setting/Check Default Setting
CE Authentication ON OFF
CE Password Set arbitrarily. 92729272
Image Controller Setting Check the setting of Controller 0. Controller 0
HDD installation setting Check the setting of Installed. Installed
Management Function Choice Check the setting of Unset. Unset
NOTE
• If any one of the above functions is not set properly, the machine does not allow
the Enhanced Security setting to be made.
• The CE Password must be set to any value other than the default one.
7.2 Security enhancing procedure
7.2.1 Making and checking the service settings
1. Call the Service Mode to the screen.
See P.4
2. Press the following keys in this order to display the Enhanced Security screen:
Stop0Clear
3. Touch [CE Authentication].
7
7. Enhancing the security function Security Function Ver. 1.02 Jun. 2011
bizhub 423/363/283/223/7828
Security Function
A1UDS1E025DA
A1UDS1E026DB
4. Touch [ON].
5. Touch [END] and [CE Password].
6. The default setting is “92729272.” Using the keyboard shown on the display, enter
“92729272” in Current Password and touch [END].
8
Security Function Ver. 1.02 Jun. 2011 7. Enhancing the security function
bizhub 423/363/283/223/7822
Security Function
A1UDS1E027DB
7. From the keyboard shown on the display, enter a new 8-digit password and touch
[END].
NOTE
• Be sure to change the CE password.
• If the Password Rule setting is set to “ON,” a password consisting of only the
same character, one consisting of less than 8 digits, or the same password as that
set before the change cannot be set. In this case, therefore, do not set a password
having only the same character or one consisting of less than 8 digits.
• Set any value other than the default one for the CE Password.
• Exiting from the Service Mode after the new CE password has been set validates
the setting of the new password.
• NEVER forget the CE password. When forgetting the CE password, call responsible person of KMBT.
8. Type the new CE password again and touch [END].
9. Touch [System 2].
10. Touch [Image Controller Setting].
9
7. Enhancing the security function Security Function Ver. 1.02 Jun. 2011
bizhub 423/363/283/223/7828
Security Function
A1UDS1E028DA
A1UDS1E029DA
11. Check that “Controller 0” is selected.
12. Touch [END] to display the Service Mode screen.
13. Touch [System 2].
14. Touch [HDD] and check that “Installed” is selected.
15. Touch [END].
16. Touch [Firmware Version].
17. Touch [END] to display the Service Mode screen.
10
Security Function Ver. 1.02 Jun. 2011 7. Enhancing the security function
bizhub 423/363/283/223/7822
Security Function
A1UDS1E030DA
A1UDS1E031DA
18. Press the following keys in this order to display the Billing Setting screen:
Stop9
19. Touch [Management Function Choice].
20. Check that “UnSet” is selected and then touch [END].
11
Loading...