Xerox® Security Guide for Light Production Mono Class Products
Event Monitoring & Logging
Audit Log
The Audit Log feature records security-related events. The Audit Log contains the following information:
Field
Description
Index
A unique value that identifies the event.
Date
The date that the event happened in mm/dd/yy format.
Time
The time that the event happened in hh:mm:ss format.
ID
The type of event. The number corresponds to a unique description.
Description An abbreviated description of the type of event.
Additional
Details
Columns 6
–10 list other information about the event, such as:
Identity: User Name, Job Name, Computer Name, Printer Name, Folder Name, or
Accounting Account ID display when Network Accounting is enabled.
Completion Status
Image Overwrite Status: The status of overwrites completed on each job. Immediate
Image must be enabled.
A maximum of 15,000 events can be stored on the device. When the number of events exceeds 15,000,
audit log events will be deleted in order of timestamp, and then new events will be recorded. The audit
log be exported at any time by a user with administrative privileges. Note that as a security precaution,
audit log settings and data can only be accessed via HTTPS.
Operational Security
Firmware Restrictions
The list below describes supported firmware delivery methods and applicable access controls.
Local Firmware Upgrade via USB port:
Xerox service technicians can update product firmware using a USB port and specially configured USB
thumb drive. This ability can be restricted by enabling the Customer Service Engineer Restriction feature
which will require entry of a unique, customer designated password in order to accept the update.
Network Firmware Update:
Product system administrators can update product firmware using the Embedded Web Server.
The ability to apply a firmware update is restricted to roles with system administrator or Xerox service
permissions. Firmware updates can be disabled by a system administrator.
Xerox Remote Services Firmware Update:
Xerox Remote Services can update product firmware securely over the internet using HTTPS. This
feature can be disabled, scheduled, and includes optional email alerts for system administrators.
The programs stored in the Flash ROM listed below are downloadable from external sources.
Controller
Marking Engine
Scanner
Document Feeder
Finisher (Option for processing printed paper. No description on Finisher is provided in this document
because user’s image data will not be stored in it.)