Oce CS665 Pro, CS655 User Manual

Download

Page 1

Océ

CS665 Pro CS655

Security

User’s Guide

Printing for Professionals

Page 2

Thank you for selecting an Océ solution for your document production and management needs. The following information will help you get the most productive and reliable use out of your system.

Océ brand supplies are designed for Océ copiers, printers and fax machines to ensure maximum product performance and quality. Substituting other supplies may result in inferior image quality and machine malfunction. To order supplies call the Océ Supply Line: 1-866-472-7876 (US) 1-866-462-4478 (CAN) 01277 846 146 (UK)

Should your system develop a problem that cannot be remedied by using the maintenance or troubleshooting procedures outlined in this manual, please contact the Océ Customer Support Center by calling: 1-800-243-5556 (US) 1-866-462-4478 (CAN) 08708 500 749 (UK)

For faster service, please have your machine model and serial number available before calling.

Page 3

Océ-Technologies B.V.

2008,Océ-Technologies B.V. Venlo, The Netherlands. All rights reserved. No part of this work may be reproduced, copied, adapted, or transmitted in any form or by any means without written permission from Océ.

Océ-Technologies B.V. makes no representation or warranties with respect to the

contents hereof and specically disclaims any implied warranties of merchantability or tness for any particular purpose.

Further, Océ-Technologies B.V. reserves the right to revise this publication and to make changes from time to time in the content hereof without obligation to notify any person of such revision or changes.

Edition 2008-08

Page 4

CS665 Pro Contents-1

Contents

1 Introduction

1.1 User’s Guide – Security................................................................................................................... 1-3

1.2 Composition of user’s guide .......................................................................................................... 1-4

2 Security functions

3 Security strengthen mode

3.1 Description of security strengthen mode ..................................................................................... 3-3

3.2 Data protected by security strengthen mode............................................................................... 3-4

4 Machine administrator security functions

4.1 Turn security strengthen mode on/off .......................................................................................... 4-4

4.2 HDD lock password ........................................................................................................................ 4-7

4.3 Print audit log ................................................................................................................................ 4-10

4.4 Analyze audit log ........................................................................................................................... 4-12

4.5 Table of items saved in audit log................................................................................................. 4-13

5Index

Page 5

Contents-2 CS665 Pro

Page 6

Introduction

Page 7

Page 8

CS665 Pro 1-3

Introduction

1 Introduction

1.1 User’s Guide – Security

The Control Software version is as follows.

Image control program (Image Control l1) version: A03U0Y0-00l1-G00-40

About the Firmware version display function:

The CS665 Pro Control Software (Image control program) version mentioned above can be confirmed by using the service representative (CE) service mode ROM version display function.

When you display the firmware version, the Image control program version will be displayed as follows.

Image control program (Image Control l1) version: G00 + 2 digits following the hyphen (Ex: G00-**)

Please keep this in mind when checking the software version.

EXEMPTION:

- No part of this manual may be used or duplicated without permission.

- Manufacturer and Sales Company will have no liability for any influences caused by using the printing

system and this User’s Guide.

- The information written in this is subject to change without prior notice.

Page 9

Introduction

1-4 CS665 Pro

1.2 Composition of user’s guide

This machine is provided with the following user’s guides as printed matters.

CS665 Pro User’s Guide - Copier

This guide describes an outline of the machine and copy operations.

Please refer to this guide for safety information, turning on/off the machine, paper supply, dealing with machine trouble such as paper jam, and copy operation available on the machine.

CS665 Pro User’s Guide - POD Administrator’s Reference

This guide provides you with detailed information about the machine management and how to customize the machine according to your daily use.

Please refer to this guide for a setup and management of the machine including registration of copy paper and tray setting.

CS665 Pro User’s Guide - Security (This book)

This guide describes the security functions.

Please refer to this guide for how to use the Security Strengthen mode, and for detailed machine operation in Security Strengthen mode.

To operate safely, be sure to read "Chapter 1 Safety Information" in "CS665 Pro User’s Guide - Copier" before using the machine.

Page 10

Security functions

Page 11

Page 12

CS665 Pro 2-3

Security functions

2 Security functions

The CS665 Pro device has two security modes.

Normal mode

Use this mode if the machine is used by a single person and there is a low possibility of illicit access and operations. This is the default mode when shipped from the factory.

To use regular mode, please see the user’s guide for each individual machine.

Security strengthen mode

Use this mode if the machine is connected to a local area network, or to external networks through a telephone line or other means. A machine administrator manages the device according to this user’s guide, so that users can have a safe operating environment. Your machine administrator is the only one who can turn the Security Strengthen mode ON and OFF, and make other changes, and your service representative will designate an machine administrator.

To turn the Security Strengthen mode ON, the service representative should set a CE authentication password and machine administrator password for the device. Please contact your service representative when using the Security Strengthen mode.

Please be sure to use the Security Strengthen mode to prevent data from being accessed or tampered with.

The Security icon is displayed on the touch panel if the Security Strengthen mode is activated.

Environments in which Security Strengthen mode is recommended

- The machine is monitored by a telephone line or a network.

Creating a secure environment

For security, we recommend that supervisors and a machine administrator use Security Strengthen mode and establish an environment as follows.

- Qualifications to be a machine administrator

A supervisor must select a reliable person who has adequate knowledge, technical ability, and experience as a machine administrator, to whom to delegate administration of the device.

- Guarantee of service representative (CE)

A supervisor or a machine administrator can use Security Strengthen mode after confirming that a service contract was signed with the service representative (CE). Clearly state in the service contract that the service representative will not engage in any fraudulent actions.

- Secure LAN

Be sure to connect the machine to the LAN protected by firewall in order to prevent access from an external network.

Page 13

Security functions

2-4 CS665 Pro

Page 14

Security strengthen mode

Page 15

Page 16

CS665 Pro 3-3

Security strengthen mode

3 Security strengthen mode

3.1 Description of security strengthen mode

The following items will have enhanced security.

- Machine NIC setting

While the Security Strengthen mode is activated, available function is limited to CS Remote Care.

- External access prohibited

No access is allowed over telephone lines other than CS Remote Care.

- Create, save and analyze an audit log

A history of security function operations will be created and saved. Date and time, information identifying the person who made the operation, details of the operation, and results of the operation will be saved, enabling analysis of unauthorized access. This log will be overwritten if the audit area is depleted.

- Machine Administrator authentication

A service representative will set up an authentication data for a machine administrator. The machine administrator must input a password to gain authorized access. Only one authentication string can be registered per machine.

- Machine Administrator Setting mode

If the machine administrator Setting mode has been entered by successful Administrator authentication, the setting change of various machine functions will be available on the machine. Be sure to exit the machine administrator Setting mode if you leave in front of the machine while using the machine administrator Setting mode.

Page 17

Security strengthen mode

3-4 CS665 Pro

3.2 Data protected by security strengthen mode

The data protected by Security Strengthen mode is the document data stored in the machine.

To turn security strengthen mode on/off

The machine administrator can turn Security Strengthen mode ON/OFF.

If Security Strengthen mode is OFF, data can potentially be accessed, so be careful.

Page 18

Machine administrator security functions

Page 19

Page 20

CS665 Pro 4-3

Machine administrator security functions

4 Machine administrator security functions

The machine administrator turns Security Strengthen mode ON/OFF.

To do so, an 8-digit CE authentication password and Machine Administrator password must be set for the machine. Ask your authorized service representative to set up a Machine Administrator password. To change this password, the machine administrator himself should operate the procedure described in the User’s Guide of POD Administrator’s reference.

To protect data in the machine from access and tampering, please be sure to designate a machine administrator and use Security Strengthen mode.

Reminder

Do not use your name, birthday, employee number, etc. for a password that others can easily figure out.

Be careful not to inform anybody else of the password, or not to let it known to others.

Page 21

Machine administrator security functions

4-4 CS665 Pro

4.1 Turn security strengthen mode on/off

The following is an explanation of how to turn Security Strengthen mode ON/OFF.

Note

Passwords are case sensitive.

If a wrong password or fewer than 8 alphanumerical characters are entered and the [OK] key is touched, the warning message "Password does not match" will appear, and no key will work for five seconds. Enter the right password after five seconds.

If authentication fails, the information will be saved in the audit log.

1 Press [Utility/Counter] on the control panel to display the Utility Screen.

2 Touch [03 Machine Admin. Setting].

The Input Password Screen will be displayed.

3 Enter the password.

Use the touch screen keypad to enter the 8-digit Machine Administrator password, then touch [OK].

The Machine Administrator Setting Menu Screen will be displayed.

Page 22

CS665 Pro 4-5

Machine administrator security functions

4 Touch [10 Security Setting].

5 Touch [04 Security Strengthen Set]

6 Turn Security Strengthen mode ON or OFF

If you want to turn Security Strengthen mode ON, touch [On] to highlight it. If you want to turn it OFF, touch [Off] to highlight it.

Page 23

Machine administrator security functions

4-6 CS665 Pro

7 Touch [OK].

The Restart Confirmation popup screen will appear

8 Touch [Yes].

The machine will restart and the new setting will be activated.

Page 24

CS665 Pro 4-7

Machine administrator security functions

4.2 HDD lock password

While the Security Strengthen mode is turned ON, a lock password (8 to 32 alphanumerical characters, case sensitive) can be set up on the HDD to protect the data stored on it.

If the HDD itself is externally accessed, the data readout will not be available until the correct lock password is entered.

Reminder

Do not use your name, birthday, employee number, etc. for a password that others can easily figure out.

Be careful not to inform anybody else of the password, or not to let it known to others.

Note

The HDD lock password functions only when the Security Strengthen mode is ON. When turned OFF, the message "Please set Security Strengthen mode" will be displayed.

Note

Passwords are case sensitive.

If authentication fails, the information will be saved in the audit log.

Detail

The main body serial number will be printed at the upper right corner of the audit log. For details, see "Print audit log" on page 4-10 and "Analyze audit log" on page 4-12 for the sample log.

If authentication fails, the information will be saved in the audit log.

The current password cannot be used again as a new password.

Page 25

Machine administrator security functions

4-8 CS665 Pro

1 Press [Utility/Counter] on the control panel to display the Utility Screen.

2 Touch [03 Machine Admin. Setting].

The Input Password Screen will be displayed.

3 Enter the password.

Use the touch screen keypad to enter the 8-digit Machine Administrator password, then touch [OK].

The Machine Administrator Setting Menu Screen will be displayed.

4 Touch [10 Security Setting].

Page 26

CS665 Pro 4-9

Machine administrator security functions

5 Touch [02 HDD Lock Password].

The HDD Lock Password Menu Screen will be displayed.

6 Touch [Current Password] to enter the password currently used, then touch [OK].

The first password: 13-digit alphanumeric serial number of the main body

7 If authentication is succeeded, touch [New Password] to enter the new password.

The key will not be active until authentication is succeeded.

– Touch [OK] to return to the previous screen.

8 Touch [Check Input] to re-enter the same password as above.

– Touch [OK] to return to the previous screen.

9 Touch [OK].

Page 27

Machine administrator security functions

4-10 CS665 Pro

4.3 Print audit log

An audit log will be automatically created when the data saved in the machine have been accessed.

All the audit log data can be output as follows.

Note

Passwords are case sensitive.

If authentication fails, the information will be saved in the audit log.

Note

To stop printing, press [Stop] on the control panel, then touch [Cancel] on the confirmation popup screen.

1 Press [Utility/Counter] on the control panel to display the Utility Screen.

2 Touch [03 Machine Admin. Setting].

The Input Password Screen will be displayed.

3 Enter the [password].

Use the touch screen keypad to enter the 8-digit Machine Administrator password, then touch [OK].

The Machine Administrator Setting Menu Screen will be displayed.

Page 28

CS665 Pro 4-11

Machine administrator security functions

4 Touch [01 System Setting].

5 Touch [06 List/Count].

The Management List Print Screen will be displayed.

6 Touch [Audit Log Report], then touch [COPY].

7 Press [Start] on the control panel.

Page 29

Machine administrator security functions

4-12 CS665 Pro

4.4 Analyze audit log

Audit logs need to be analyzed by the Machine Administrator regularly (once per month) or when unauthorized access and tampering of data saved in the machine in Security Strengthen mode is noticed.

The machine is supposed to store up 750 logs per month.

If more than 750 logs are assumed to be stored in a month, carry out the analysis in a shorter period before the unanalyzed logs reach that number.

Audit log information

The audit log contains the following information.

1. date/time: date and time when an operation was made that results in the creation of a log entry.

2. id: the person who made the operation or who is subject to security protection can be specified. "-1": Operation by CE (service representative). "-2": Operation by the machine administrator. Other integer: Indicates subjects for security protection.

3. action: Used to specify the operation. Check details of operation that action indicates in the following table.

4. result: Result of an operation. For password authentication, success or failure will be indicated as OK and NG. For operations without password authentication, all log entries will be indicated as OK.

Page 30

CS665 Pro 4-13

Machine administrator security functions

4.5 Table of items saved in audit log

The purpose of analyzing the audit log is to understand the following and implement countermeasures:

Whether or not data was accessed or tampered with Subject of attack Details of attack Results of attack For specific analysis methods, see the next page.

Specify unauthorized actions: password authentication

If logs have NG as the result of password authentication (action: 01, 02), items protected by passwords may have been attacked.

- Failed password authentication (NG) log entries specify who made the operation, and show if

unauthorized actions were made when password authentication failed.

- Even if password authentication succeeded (OK), it shows whether a legitimate user created the action.

You need to check carefully when successful authentication occurs after series of failures especially during times other than normal operating hours.

Specify unauthorized actions: actions other than password authentication under security

All operation results other than password authentication will be indicated as successful (OK), so determine if there were any unauthorized actions by ID and action.

- Check the time, and see if the user who operated the specific subject made any unauthorized actions.

Actions to take if unauthorized operations are found

If it's found that a password has been leaked after analyzing the audit log, change the password immediately.

No. Operation ID Stored

action

Result

1 CE authentication CE ID 01 OK/NG

2 Manager authentication Machine Administrator ID 02 OK/NG

3 Set/change Security Strengthen mode Machine Administrator ID 03 OK

4 Print audit log Machine Administrator ID 04 OK

5 Change/register CE password CE ID 05 OK

6 Change/register Machine Administrator

password

CE ID/ Machine Administrator ID06 OK

13 Change HDD lock password Machine Administrator ID 19 OK

Page 31

Machine administrator security functions

4-14 CS665 Pro

Page 32

Index

Page 33

Page 34

CS665 Pro 5-3

Index

5Index

Analyze audit log

4-12

Audit log

3-3, 4-10, 4-12

CE authentication password

4-3

CS remote care

3-3

Firewall

2-3

HDD lock password

4-7

Machine administrator

2-3

Machine administrator authentication

3-3

Machine administrator password

4-3

Machine administrator security functions

4-3

Machine administrator setting mode

3-3

Machine NIC setting

3-3

Normal mode

2-3

Print audit log

4-10

Security icon

2-3

Security strengthen mode

2-3, 3-3

Service representative (CE)

2-3

Turn security strengthen mode on/off

4-4

Unauthorized actions

4-13

Utility screen

4-4, 4-8, 4-10

Page 35

Index

5-4 CS665 Pro

Page 36

Reader's comment sheet

Questions

Have you found this manual to be accurate? O Yes O No

Were you able to operate the product, after reading this manual? O Yes O No

Does this manual provide sufficient background information? O Yes O No

Is the format of this manual convenient in size, readability and arrangement (page layout, chapter order, etc.)? O Yes O No

Could you find the information you were looking for? O Always O Most of the times O Sometimes O Not at all

What did you use to find the required information? O Table of contents O Index

Are you satisfied with this manual? O Yes O No

Thank you for evaluating this manual. If you have other comments or concerns, please explain or suggest improvements overleaf or on a separate sheet.

Comments:

----------------------------------------------------------------------------------------------------

----------------------------------------------------

Page 37

Reader's comment sheet

Date:

This reader's comment sheet is completed by: (If you prefer to remain unknown, please do fill in your occupation)

Name:

Occupation:

Company:

Phone:

Address:

City:

Country:

Please return this sheet to:

Océ-Technologies B.V. For the attention of ITC User Documentation. P.O. Box 101, 5900 MA Venlo The Netherlands

Send your comments by E-mail to: itc-userdoc@oce.com

For the addresses of local Océ organisations see: http://www.oce.com

Page 38

Addresses of local Océ organisations

[1]

Océ-Australia Ltd. P.O. Box 363 Ferntree Gully MDC Vic 3165

Australia

http://www.oce.com.au/

Océ-Österreich GmbH Postfach 95 1233 Vienna

Austria

http://www.oce.at/

Océ-Belgium N.V./S.A. J. Bordetlaan 32 1140 Brussel

Belgium

http://www.oce.be/

Océ-Brasil Comércio e Indústria Ltda. Av. das Nações Unidas, 11.857 Brooklin Novo São Paulo-SP 04578-000

Brasil

http://www.oce-brasil.com.br/

Océ-Canada Inc. 4711 Yonge Street, Suite 1100 Toronto, Ontario M2N 6K8

Canada

http://www.oce.ca/

Océ Office Equipment (Beijing) Co., Ltd. Xu Mu Cheng Chaoyang District Beijing 100028

China

http://www.oce.com.cn/

Océ-Czech Republic ltd. Hanusova 18 140 21 Praha 4

Czech Republic

http://www.oce.cz/

Océ-Danmark a/s Vallensbækvej 45 2605 Brøndby

Denmark

http://www.oce.dk/

Océ Finland OY Valkjärventie 7 D, PL 3 02130 Espoo

Finland

http://www.oce.fi/

Océ-France S.A. 32, Avenue du Pavé Neuf 93161 Noisy-le-grand, Cedex

France

http://www.oce.fr/

Océ-Deutschland GmbH Solinger Straße 5-7 45481 Mülheim/Ruhr

Germany

http://www.oce.de/

Océ-Hong Kong and China head office 12/F 1202 The Lee Gardens 33 Hysan Avenue Causeway Bay

Hong Kong

http://www.oce.com.hk/

Page 39

Addresses of local Océ organisations

Océ-Hungaria Kft. 1241 Budapest Pf.: 237

Hungary

http://www.oce.hu/

Océ-Ireland Ltd. 3006 Lake Drive Citywest Business Campus Saggart Co. Dublin

Ireland

http://www.oce.ie/

Océ-Italia S.p.A. Strada Padana Superiore 2/B 20063 Cernusco sul Naviglio (MI)

Italia

http://www.oce.it/

Océ Japan Corporation 3-25-1, Nishi Shinbashi Minato-Ku Tokyo 105-0003

Japan

http://www.ocejapan.co.jp/

Océ-Belgium S.A. Rue Astrid 2/A 1143 Luxembourg-Belair http://www.oce.lu/

Océ Malaysia Sdn. Bhd. #3.01, Level 3, Wisma Academy Lot 4A, Jalan 19/1 46300 Petalig Jaya Selangor Darul Ehsan

Malaysia

http://www.ocemal.com.my/

Océ-Mexico S.A. de C.V. Prolongación Reforma 1236, 4to Piso Col. Santa Fé, Del. Cuajimalpa C.P. 05348 México, D.F.

México

http://www.oceusa.com/

Océ-Norge A.S. Postboks 4434 Nydalen Gjerdrums vei 8 0403 Oslo

Norway

http://www.oce.no/

Océ-Poland Ltd. Sp.z o.o. ul. Bitwy Warszawskiej 1920 r. nr. 7 02-366 Warszawa

Poland

http://www.oce.com.pl/

Océ-Lima Mayer, S.A. Av. José Gomes Ferreira, 11 Piso 2 Miraflores 1497-139 Algés

Portugal

http://www.oce.pt/

Océ Singapore Pte Ltd. 190 MacPherson Road #03-00 Wisma Gulab Singapore 348548

Océ Printing Systems (PTY) Ltd. P.O.Box 629 Rivonia 2128

South Africa

Page 40

Addresses of local Océ organisations

Note: The web site http://www.oce.com gives the current addresses of the local Océ

organisations and distributors.

Note: The addresses of local Océ organisations for information about the Wide Format Printing Systems and the Production Printing Systems can be different from the addresses above. Refer to the web site http://www.oce.com for the addresses you need.

Océ España SA Business Park Mas Blau Osona, 2 08820 El Prat de Llobregat Barcelona

Spain

http://www.oce.es/

Océ-Svenska AB Sollentunavägen 84 191 27 Sollentuna

Sweden

http://www.oce.se/

Océ-Schweiz AG Sägereistrasse 10 CH8152 Glattbrugg

Schweiz

http://www.oce.ch/

Océ (Thailand) Ltd. B.B. Building 16/Floor 54 Asoke Road Sukhumvit 21 Bangkok 10110

Thailand

Océ-Nederland B.V. P.O.Box 800 5201 AV 's-Hertogenbosch

The Netherlands

http://www.oce.nl/

Océ (UK) Limited Océ House Chatham Way Brentwood, Essex CM14 4DZ

United Kingdom

http://www.oce.co.uk/

Océ North America Inc. 5450 North Cumberland Avenue Chicago, IL 60656

USA

http://www.oceusa.com/

Page 41

Printing for

Professionals

Beyond the Ordinary

Océ

100 Oakview Drive Trumbull, CT 06611 www.oceusa.com

©Océ 2008

Oce CS665 Pro, CS655 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual