Xerox 3550 User Manual

Xerox WorkCentre 3550
Information Assurance Disclosure Paper

Prepared by:
Mark Bixler
Xerox Corporation
800 Phillips Road
Webster, New York 14580
©2011 Xerox Corporation. All rights reserved. Xerox and the sphere of connectivity design are trademarks of Xerox Corporation in the United States and/or other countries.
Other company trademarks are also acknowledged.
Document Version: 1.3 (March 2011).
Ver. 1.3, March 2011 Page 2 of 32
Contents
1. INTRODUCTION
1.1. Purpose
1.2. Target Audience
1.3. Disclaimer
2. DEVICE DESCRIPTION
2.1. Security-relevant Subsystems
2.1.1. Physical Partitioning
2.1.2. Security Functions allocated to Subsystems
2.2. Controller
2.2.1. Purpose
2.2.2. Memory Components
2.2.3. External Connections
2.2.4. USB Ports
2.3 Fax Module
2.3.1. Purpose
2.3.2. Hardware
2.4. Scanner
2.4.1. Purpose
2.4.2. Hardware
2.5. Local User Interface (LUI)
2.5.1. Purpose
2.5.2. Hardware
2.6. Marking Engine (also known as the Image Output Terminal or IOT)
2.6.1. Purpose
2.6.2. Hardware
2.6.3. Control and Data Interfaces
2.7. System Software Structure
2.7.1. Open-source components
2.7.2. OS Layer in the Controller
2.7.3. Network Protocols
2.8. Logical Access
2.8.1. Network Protocols
2.8.2. Ports
2.8.3. IP Filtering
3. SYSTEM ACCESS
3.1. Authentication Model
3.2. Login and Authentication Methods
3.2.1. System Administrator Login [All product configurations]
3.2.2. User authentication
3.3. System Accounts
3.3.1. Printing [Multifunction models only]
3.3.2. Network Scanning [Multifunction models only]
3.4. Diagnostics
4. SECURITY ASPECTS OF SELECTED FEATURES
4.1. SMart eSolutions
4.2.1 Meter Assistant
4.2.2 Supplies Assistant
4.2.3 Summary
5. RESPONSES TO KNOWN VULNERABILITIES
5.1. Security @ Xerox (www.xerox.com/security)
6. APPENDICES
6.1. Appendix A – Abbreviations
6.2. Appendix B – Supported MIB Objects
6.3. Appendix C – Standards
6.4. Appendix E – References
1. Introduction
The WorkCentre 3550 multifunction systems are among the latest versions of Xerox copier and multifunction devices for the general office.
1.1. Purpose
The purpose of this document is to disclose information for the WorkCentre products with respect to device security. Device Security, for this paper, is defined as how image data is stored and transmitted, how the product behaves in a networked environment, and how the product may be accessed, both locally and remotely. Please note that the customer is responsible for the security of their network and the WorkCentre products do not establish security for any network environment.
The purpose of this document is to inform Xerox customers of the design, functions, and features of the WorkCentre products relative to Information Assurance (IA).
This document does NOT provide tutorial-level information about security, connectivity, PDLs, or WorkCentre product features and functions. This information is readily available elsewhere. We assume that the reader has a working knowledge of these types of topics. However, a number of references are included in the Appendix.
1.2. Target Audience
The target audience for this document is Xerox field personnel and customers concerned with IT security.
1.3. Disclaimer
The information in this document is accurate to the best knowledge of the authors, and is provided without warranty of any kind. In no event shall Xerox Corporation be liable for any damages whatsoever resulting from user's use or disregard of the information provided in this document including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Xerox Corporation has been advised of the possibility of such damages.
2. Device Description
This product consists of an input document handler and scanner, marking engine including paper path, controller, and user interface.
The Network Controller is located on the left rear side of the machine in WorkCentre 3550 products.
Figure 2-1 WorkCentre Multifunction System (labeled components: Document Feeder & Scanner (IIT), Marking Engine (IOT), User Interface (UI), Output Bin, USB Host Port, Paper Trays)
2.1. Security-relevant Subsystems
2.1.1. Physical Partitioning
The security-relevant subsystems of the product are partitioned as shown in Figure 2-2.
Figure 2-2 System functional block diagram
2.1.2. Security Functions allocated to Subsystems
Security Function | Subsystem
System Authentication | Controller, Graphical User Interface
Network Authentication | Controller, Graphical User Interface
Cryptographic Operations | Controller
User Data Protection – SSL | Controller
User Data Protection – IP Filtering | Controller
User Data Protection – IPSec | Controller
Network Management Security | Controller
Fax Flow Security | Fax Module, Controller, Graphical User Interface
Security Management | Controller, Graphical User Interface
Table 1 Security Functions allocated to Subsystems
2.2. Controller
2.2.1. Purpose
The controller provides both network and direct-connect external interfaces, and enables copy, print, email, network scan and LanFAX functionality. Network scanning and LanFAX are standard features. The controller also incorporates a proprietary web server that exports a Web User Interface (WebUI) through which users can submit jobs and check job and machine status, and through which system administrators can remotely administer the machine.
The controller contains the image path, which uses proprietary hardware and algorithms to process the scanned images into high-quality reproductions. Scanned images may be temporarily buffered in DRAM to enable electronic pre-collation, sometimes referred to as scan-once/print-many. When producing multiple copies of a document, the scanned image is processed and buffered in the DRAM in a proprietary format. The buffered bitmaps are then read from DRAM and sent to the Image Output Terminal (IOT) for marking on hardcopy output. For long documents, the production of hardcopy may begin before the entire original is scanned, achieving a level of concurrency between the scan and mark operations.
The controller operating system is pSOS v2.5. The controller works with the User Interface (UI) assembly to provide system configuration functions. A System Administrator PIN must be entered at the UI in order to access these functions.
2.2.2. Memory Components
Volatile Memory
Type (SRAM, DRAM, etc) | Size | User Modifiable (Y/N) | Function or Use | Process to Sanitize
SDRAM | 256/512 MB | | Main Memory | Remove power
Additional Information: Expandable to 512 MB

Non-Volatile Memory
Type (Flash, EEPROM, etc) | Size | User Modifiable (Y/N) | Function or Use | Process to Sanitize
Flash | 32 MB | No | Operating System, PDL Interpreters, Fonts, MIB, Fax Journal List, Fax Dialing, Code used for scheduling the marking of jobs | None
Flash ROM | 1 MB | No | Backup | None
Flash | 8 MB | No | Fax/Font Backup | None
Additional Information: All memory listed above contains code for execution and configuration information. No user or job data is permanently stored in this location.
Table 2 Controller memory components
2.2.3. External Connections
Figure 2-3 Back panel connections
Interface | Description / Usage
1 Foreign Device Interface (FDI) | Allows connection of optional access control hardware
2 PEK (Product Enablement Key) Reader Slot | Used for initial product configuration.
3 USB 2.0 Target Port | Direct-connect printing
4 Ethernet 10/100/1000 | Network connectivity
5 FAX line 1, RJ-11 | Supports FAX Modem T.30 protocol only
6 Extension Telephone Socket (EXT), RJ11 | Allows connection of telephone
7 USB 2.0 Host Port (Not Pictured – see Figure 2-1) | Printing from USB, scanning to USB, upload of software upgrade files
Table 3 Controller External Connections
2.2.4. USB Ports
The WorkCentre 3550 contains a host connector for a USB flash drive, enabling printing from USB, scanning to USB and upload of software upgrade files.
Autorun is disabled on this port. No executable files will be accepted by the port.
Modifying the software upgrade or saved machine settings files will make the files unusable on a WorkCentre 3550.
The machine settings that can be saved and restored by a service technician are limited to controller parameters that are needed for normal operation.
Both ports can be disabled by an Admin via the WebUI.
USB port and location | Purpose
USB 2.0 Host port | Printing from USB, scanning to USB, upload of software upgrade files
USB 2.0 Target port | Direct-connect printing
Table 4 USB Ports