background image

Xerox® Security Guide for Light Production Mono Class Products 

 

2  User Data Protection 

Xerox printers and multifunction products receive, process, and may optionally store user data from 
several sources including as local print, scan, fax, or copy jobs or mobile and cloud applications, etc.  
Xerox products protect user data being processed by employing strong encryption.  When the data is no 
longer needed, the Image Overwrite (IIO) feature automatically erases and overwrites the data on 
magnetic media, rendering it unrecoverable.  As an additional layer of protection, an extension of IIO 
called On-Demand Image Overwrite (ODIO) can be invoked to securely wipe all user data from magnetic 
media. 

 

User Data protection while within product 

This section describes security controls that protect user data while it is resident within the product.  For a 
description of security controls that protect data in transit please refer to the following section that 
discusses data in transit; also the 

Network Security

 section of this document.  

 

Encryption 

All user data being processed or stored to the product is encrypted by default.  Note that encryption may 
be disabled to enhance performance on both Legacy and D-Series® products (though this is not 
recommended in secure environments).  

The algorithm used in the product is AES-256.  The encryption key is automatically created at start up 
and stored in the RAM. The key is deleted by a power-off, due to the physical characteristics of the RAM. 

 

TPM Chip 

The Legacy and D-Series® products do not contain a TMP chip.  Please refer to 

Appendix A:  Product 

Security Profiles

 for model specific information. 

 

Media Sanitization (Image Overwrite) 

Legacy  and D-Series® products equipped with magnetic hard disk drives are compliant with NIST 
Special Publication 800-88 Rev1: Guidelines for Media Sanitization.  User data is securely erased using a 
three-pass algorithm as described in the following link: 

https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-88r1.pdf

 

 

Immediate Image Overwrite 

When enabled, Immediate Image Overwrite (IIO) will overwrite any temporary files that were created on 
the magnetic hard disk that may contain user data.  The feature provides continuous automatic 
overwriting of sensitive data with minimal impact to performance, robust error reporting, and logging via 
the Audit Log. 

 

Note:  Solid State storage media such as Solid-State Disk, eMMC, SD-Card, and Flash media cannot be completely 
sanitized by multi-pass overwriting methods due to the memory wear mapping that occurs.  (Additionally, attempts to do 
so would also greatly erode the operational lifetime of solid state media).  Solid State media is therefore not 
recommended for use in highly secure environments.  Please refer to NIST-800-

88 “Table A-8: Flash Memory-Based 

Storage Product 

Sanitization” for technical details.

 

Summary of Contents for D110

Page 1: ...ce Disclosure Xerox Security Guide Light Production Mono Class Copier Printers Legacy Printers Legacy Copier Printers D Series Copier Printers 4110 4112 4127 4590 Enterprise Printing System 4110 4112 4127 4590 Copier Printer D95 D110 D125 D136 Copier Printer ...

Page 2: ...rsion 1 0 February 2019 Copyright protection claimed includes all forms and matters of copyrightable material and information now allowed by statutory or judicial law or hereinafter granted including without limitation material generated from the software programs which are displayed on the screen such as icons screen displays looks etc Changes are periodically made to this document Changes techni...

Page 3: ... CONTROLS 25 4 DEVICE SECURITY BIOS FIRMWARE OS RUNTIME AND OPERATIONAL SECURITY CONTROLS 27 FAIL SECURE VS FAIL SAFE 27 PRE BOOT SECURITY 28 BOOT PROCESS SECURITY 28 RUNTIME SECURITY 28 EVENT MONITORING LOGGING 29 OPERATIONAL SECURITY 29 BACKUP RESTORE CLONING 30 EIP APPLICATIONS 30 5 CONFIGURATION SECURITY POLICY MANAGEMENT SOLUTIONS 31 6 IDENTIFICATION AUTHENTICATION AND AUTHORIZATION 32 AUTHEN...

Page 4: ...Xerox Security Guide for Light Production Mono Class Products APPENDIX B SECURITY EVENTS 51 XEROX LEGACY SECURITY EVENTS 51 D SERIES SECURITY EVENTS 67 1 ...

Page 5: ...spect to Information Assurance This document does not provide tutorial level information about security connectivity or the product s features and functions This information is readily available elsewhere We assume that the reader has a working knowledge of these types of topics Target Audience The target audience for this document is Xerox field personnel and customers concerned with IT security ...

Page 6: ...cluding finishers paper trays document handers etc may vary configuration however they are not relevant to security and are not discussed 1 Optional High Capacity Feeder 2 Bypass paper feed tray 3 Duplex Automatic Document Feeder 4 Document Cover 5 Document Glass 6 User Interface 7 Optional Standard Finisher 8 Front Cover 9 Left Cover 10 Trays 1 4 11 Lower Left Cover 12 Front Cover on Optional HCF...

Page 7: ... memory on Controller is accessible Preview Thumbnail feature Scanner The scanner converts documents from hardcopy to electronic data A document handler moves originals into a position to be scanned The scanner provides enough image processing for signal conditioning and formatting The scanner does not store scanned images The scanner does not have its own control processor The scanner attribute i...

Page 8: ...ser Data Protection In addition to managing document processing the controller manages all network functions and services Details can be found in section Network Security The controller handles all I O communications with connected products The following section provides a description of each interface Please note that not all interfaces are supported on all models details about each model can be ...

Page 9: ...or more USB ports may be located on the front of the product near the user interface Front USB ports may be enabled or disabled by a system administrator The front USB port supports the following Walk up users may insert a USB thumb drive to store or retrieve documents for scanning and or printing from a FAT formatted USB device The controller will only allow reading writing of a limited set of kn...

Page 10: ...address and product location NFC functionality can be disabled using the embedded web server of the product NFC functionality requires a software plugin that can be obtained from Xerox sales and support NFC functionality is supported via optional touch screen user interface or optional dedicated NFC USB dongle Information shared over NFC includes IPv4 Address IPv6 Address MAC Address UUID a unique...

Page 11: ...256 The encryption key is automatically created at start up and stored in the RAM The key is deleted by a power off due to the physical characteristics of the RAM TPM Chip The Legacy and D Series products do not contain a TMP chip Please refer to Appendix A Product Security Profiles for model specific information Media Sanitization Image Overwrite Legacy and D Series products equipped with magneti...

Page 12: ...s protocol is based on HTTP and utilizes the TLS suite to encrypt data HTTPS TLS Securely submit a print job directly to product via the built in web server Xerox Print Stream Encryption The Xerox Global Print Driver supports document encryption when submitting Secure Print jobs to enabled products Simply check the box to Enable Encryption when adding the Passcode to the print job Outbound User Da...

Page 13: ...dia Sanitization NIST 800 171 Image Overwrite All models use magnetic HDD Models with magnetic HDD See Appendix A Product Security Profiles Models with magnetic HDD See Appendix A Product Security Profiles Print Submission IPPS TLS Supported Supported Supported HTTPS TLS Supported Supported Supported Xerox Print Stream Encryption Supported Supported Supported Scan to Repository Server HTTPS TLS No...

Page 14: ...ent to external network services Inbound Listening Services Out Bound Network Client Print Services LPR IPP Raw IP etc Management Services SNMP Web interface WebServices etc Infrastructure Discovery Services IPSEC SSDP WSD mDNS NetBIOS etc Built in Scan Services FTP HTTP HTTPS TLS SFTP SSH SMB CIFS SMTP SMTPS POP3 POPS etc Authentication Services LDAP LDAPS SMB Kerberos Infrastructure ISAKMP IPSec...

Page 15: ...ion Agent 445 TCP Direct Hosting 465 TCP SMTPS Client 500 UDP ISAKMP 515 TCP LPR 524 TCP NetWare NCP Client 547 UDP DHCPv6 Client 631 TCP IPP FreeFlow 636 TCP LDAPS Client 1824 TCP HTTPS OffBox Validation Client 1824 TCP Xerox Secure Access 1900 UDP SSDP 3702 UDP WSD Discovery 5353 UDP Mdns 9100 TCP raw IP 15000 TCP Loopback port for the control of SMTP server 20001 TCP Loopback port for HTTP Serv...

Page 16: ... A system administrator can change the port number from CentreWare Internet Services Port 53 DNS This port is used for DNS This port is used for name queries to the DNS server when the product accesses the device designated by the device name This port is also used to register device names in DNS server authoritative server to update the DNS dynamically A system administrator can disable only DNS ...

Page 17: ...3 operates as a secure channel for SSMI and supports TLSv1 1 and TLSv1 2 When SSL TLS is enabled HTTP connections to SSMI are redirected to HTTPS Since communication through port 443 is encrypted interception on the network can be avoided Port 80 HTTP WSD This port supports WSD Web Services on Devices Print feature The port number is configurable and a system administrator can disable this port an...

Page 18: ...wsing protocol Port 445 is a standard direct host port and is used for communication using SMB protocol that does not use NetBIOS over TCP A system administrator can disable each of the 4 ports via Local User Interface or from CentreWare Internet Services To use the SMB feature for Scan all of the above ports need to be available For Scan image is sent to Port 139 or Port 445 both of which are on ...

Page 19: ...entreWare Internet Services Ports 80 443 HTTPS Authentication Agent ASC These are used as the destination ports when the product communicates to ApeosWare Authentication Agent AWAA Protocol and port number can be changed from AWAA by a system administrator of AWAA and cannot be changed from local UI or CentreWare Internet Services Port 465 SMTPS This is the secure channel port used to access the S...

Page 20: ...LDAP authentication and for Address Book queries in the Scan to Email feature Port 1824 HTTPS OffBox Validation This port is used to communicate with OffBox Validation server The protocol and port number can be changed by a system administrator on the OffBox Validation server side and cannot be changed via local UI or from CentreWare Internet Services Port 1900 SSDP This port provides the discover...

Page 21: ...nd IPv6 protocols Legacy Printers Legacy Copier Printers D Series Copier Printers 4110 4112 4127 4590 EPS 4110 4112 4127 4590 D95 D110 D125 D136 IPSec Supported IP Versions IPv4 IPv6 IPv4 IPv6 IPv4 IPv6 Key exchange authentication method Preshared Key digital signature device authentication certificate server validation certificate Preshared Key digital signature device authentication certificate ...

Page 22: ...ox Legacy 4110 4112 4127 and D Series Copier Printer products support TLS 1 2 Legacy Printers Legacy Copier Printers D Series Copier Printers 4110 4112 4127 4590 EPS 4110 4112 4127 4590 D95 D110 D125 D136 TLS Versions Supported Product Web Interface 1 2 1 1 1 0 1 2 1 1 1 0 1 2 1 1 1 0 Product Web Services 1 2 1 1 1 0 1 2 1 1 1 0 1 2 1 1 1 0 Product IPPS printing 1 2 1 1 1 0 1 2 1 1 1 0 1 2 1 1 1 0...

Page 23: ... logs in to the product using a Smart Card For protocols such as HTTPS the printer is the server and must prove its identity to the client Web browser For protocols such as 802 1X the printer is the client and must prove its identity to the authentication server typically a RADIUS server Device Certificates Legacy and D Series products support both CA signed and self signed certificates Product ce...

Page 24: ...ificate that contains a key that does not meet this requirement a message appears The message alerts the user that the certificate they are attempting to upload does not meet the key length requirement Legacy Printers Legacy Copier Printers D Series Copier Printers 4110 4112 4127 4590 EPS 4110 4112 4127 4590 D95 D110 D125 D136 Trusted Certificates Minimum Length Restriction Options None 1024 2048 ...

Page 25: ...0 D95 D110 D125 D136 Email S MIME Versions v3 v3 v3 Digest SHA1 SHA256 SHA384 SHA512 SHA1 SHA256 SHA384 SHA512 SHA1 SHA2 SHA256 SHA384 SHA512 Encryption 3DES AES128 AES192 AES256 3DES AES128 AES192 AES256 3DES AES128 AES192 AES256 SNMPv3 SNMPv3 is the current standard version of SNMP defined by the Internet Engineering Task Force IETF It provides three important security features Message integrity...

Page 26: ...ng Cisco ISE to automatically detect and profile new Xerox products from the day they are released Customers who use Cisco ISE find that including Xerox products in their security policies is simpler and requires minimal effort Cisco ISE Profiling Services provides dynamic detection and classification of endpoints connected to the network ISE collects various attributes for each network endpoint t...

Page 27: ...audit processes to support them quickly become prohibitively expensive It also lacks the ability to manage endpoints contextually Connectivity of D Series Copier Printer devices can be fully managed contextually by Cisco TrustSec TrustSec uses Security Group Tags SGT that are associated with an endpoint s user device and location attributes SG ACLs can also block unwanted traffic so that malicious...

Page 28: ...y and D Series products support IP Whitelisting only When enabled all traffic is prohibited regardless of interface wired wireless unless enabled by IP filter rule IPv4 and IPv6 are enabled separately If IP Filter and IPsec are both enabled IPsec is evaluated first Up to 25 addresses can be enabled for IPv4 and an additional 25 for IPv6 Addresses include IP and subnet allowing individual system or...

Page 29: ...e BIOS is inaccessible and cannot be cleared or reset The BIOS can only be modified by a firmware update which is digitally signed BIOS will fail secure locking the system if integrity is compromised Embedded Encryption Configuration Settings including security settings and User Data are encrypted by AES Each device is encrypted using its own unique key Boot Process Integrity Firmware Integrity Ve...

Page 30: ...mware is protected from tampering by use of digital signatures discussed later in this section The BIOS is designed to fail secure An integrity check is performed immediately when power is applied If verification is successful the system proceeds with OS kernel boot If the integrity check fails the system will fail secure Embedded Encryption AES encryption is used to protect the system user data a...

Page 31: ...ion audit log settings and data can only be accessed via HTTPS Operational Security Firmware Restrictions The list below describes supported firmware delivery methods and applicable access controls Local Firmware Upgrade via USB port Xerox service technicians can update product firmware using a USB port and specially configured USB thumb drive This ability can be restricted by enabling the Custome...

Page 32: ...e Workstation PWS Only Xerox authorized service technicians are granted access to the PSW Customer documents or files cannot be accessed during a diagnostic session nor are network servers accessible through this port If a network connection is required while servicing a Xerox device service technicians will remove the device from any connected networks The technician will then connect directly to...

Page 33: ...urity Guide for Light Production Mono Class Products 5 Configuration Security Policy Management Solutions Xerox Device Manager and Xerox CentreWare Web available as a free download centrally manage Xerox Devices ...

Page 34: ...ion Legacy and D Series Copier Printer devices support the following authentication mode Local Authentication Network Authentication Smart Card Authentication CAC PIV SIPR Net Convenience Authentication Service Technician Authentication Local Authentication The local user database stores user credential information The printer uses this information for local authentication and authorization and fo...

Page 35: ...ID and password set for the product authentication to the switch device starts in order to connect to the LAN port 802 1X Authentication In 802 1X authentication when the product is connected to the LAN port of Authenticator such as the switch as shown below the Authentication server authenticates the product and the Authenticator controls access of the LAN port according to the authentication res...

Page 36: ...orted Supported Supported PIV PIV II Supported Supported Supported Net Gemalto Net v1 Gemalto Net v2 Supported Supported Supported Gemalto MD Not Currently Supported Not Currently Supported Not Currently Supported Convenience Authentication Convenience authentication offloads authentication to a third party solution which may offer more or less security than native security implementations Users s...

Page 37: ... view this information can be disallowed Local Access Without RBAC permissions defined basic information such as Model Serial number Software Version IP address and Host Name can be viewed without authentication This can be disabled by disallowing access to device settings for unauthenticated By default users are allowed to access the local interface however they are restricted from accessing devi...

Page 38: ...the Initial Ticket that the product received using the entered password When the decryption completes in success the user is authenticated In SMB authentication through the negotiation with SMB authentication server the appropriate authentication method is determined by examining from the highest level i e NVLMv2 User selects pre registered SMB domain name and executes authentication by entering U...

Page 39: ...tion server is encrypted by the supplier s unique code e g Equitrac Corporation Sequence of authentication performed by inserting card to Secure Access card reader is as follows 1 The information on the card inserted to Secure Access card reader is read and notified to the Secure Access authentication server Then the request for password confirmation is notified to the product from the Secure Acce...

Page 40: ...es in Xerox software and hardware It can be downloaded from this page http www xerox com information security information security articles whitepapers enus html Additional Resources Below are additional resources Security Resource URL Frequently Asked Security Questions https www xerox com en us information security frequently asked questions Common Criteria Certified Products https security busi...

Page 41: ...rox Security Guide for Light Production Mono Class Products Appendix A Product Security Profiles This appendix describes specific details of each Legacy 4110 4112 4127 and D Series Copier Printer product ...

Page 42: ...a system administrator Front Panel Optional USB2 0 Type A port s Users may insert a USB thumb drive to print from or store scanned files to Physical security of this information is the responsibility of the user or operator Note that features that leverage USB ports such as Scan To USB can be disabled independently or restricted using role based access controls Firmware upgrades may be applied usi...

Page 43: ...d Circuit soldered to circuit board HDD Magnetic Hard Disk Drive SSD Solid State Disk SD Card Secure Digital Card Controller Non Volatile Memory Size Type Use User Modifiable How to Clear Volatile 64MB SDRAM MCU PWBA Temporary storage of variables N SRAM is erased when machine is powered off Yes 4Gbit DRAM SYSTEM MEMORY DIMM Temporary storage of program and work area N SDRAM is erased when machine...

Page 44: ...work area N SDRAM is erased when machine is powered off Yes 64MB SDRAM ESS PWBA Temporary storage of program and work area N SDRAM is erased when machine is powered off Yes 1Gbit SDRAM page memory Temporary storage of variables N SRAM is erased when machine is powered off Yes 512MB 1Gbit 64M x 16 bit x4 SDRAM page memory DIMM IPS PWBA Temporary storage of variables for IISS N SRAM is erased when m...

Page 45: ... Optional USB2 0 Type A port s Users may insert a USB thumb drive to print from or store scanned files to Physical security of this information is the responsibility of the user or operator Note that features that leverage USB ports such as Scan To USB can be disabled independently or restricted using role based access controls Firmware upgrades may be applied using this port Connection of optiona...

Page 46: ...WBA Permanent storage of program font data User image data not stored N Not Customer Clearable No 16KB EEPROM BP PWBA Permanent storage of machine setting data User image data not stored N Not Customer Clearable No 8MB Flash ESS PWBA Permanent storage of program User image data not stored N Not Customer Clearable No 2GB SD Card Billing meters and critical settings N Not Customer Clearable No 1MB B...

Page 47: ...rogram and work area N SDRAM is erased when machine is powered off Yes 64MB SDRAM ESS PWBA Temporary storage of program and work area N SDRAM is erased when machine is powered off Yes 1Gbit SDRAM page memory Temporary storage of variables N SRAM is erased when machine is powered off Yes Additional Information All memory listed above contains code for execution and configuration information No user...

Page 48: ...can be disabled completely by a system administrator Front Panel Optional USB2 0 Type A port s Users may insert a USB thumb drive to print from or store scanned files to Physical security of this information is the responsibility of the user or operator Note that features that leverage USB ports such as Scan To USB can be disabled independently or restricted using role based access controls Firmwa...

Page 49: ... Card Secure Digital Card Controller Hard Disk Table Drive Partition Removable Y N Size User Modifiable Y N Function Process to Clear ide0 a N 3726MB N Resources data storage At the deletion of data ide0 b N 3726MB N Print data temporary storage At the completion of job ide0 c N 14902MB N Private Mailbox storage At the deletion of data ide0 d N 3726MB N PDL mail data temporary storage At the compl...

Page 50: ...temporarily stored on this partition when Scan To Server Scan To PC or Scan To Email is used ide0 g PDL data are received and temporarily stored on this partition ide0 h Management data are authentication database job log audit log certificate address book development log ide0 i Scan data stored by Scan to URL process remain on this partition until user retrieves data 8 Xerox D95 D95A D110 D125 St...

Page 51: ... of work area No SDRAM is erased when a main switch is turned off Yes 512KB SRAM ESS PWBA Temporary storage of variables for IISS No SRAM is erased when machine is powered off Yes 4MB SDRAM ESS PWBA Temporary storage of work area No SDRAM is erased when a main switch is turned off Yes Additional Information The controller operating system memory manager allocates memory dynamically between OS runn...

Page 52: ...nent storage of program data User image data are not stored No Not customer alterable No 16KB EEPROM IIT PWBA Permanent storage of IIT configuration code User image data are not stored No Not customer alterable No 16KB EEPROM 2nd IIT DCDC PWBA Permanent storage of 2nd IIT configuration code User image data are not stored No Not customer alterable No 384KB Flash with 24Kbyte of data RAM DADF PWBA P...

Page 53: ...User ID Accounting Account ID 6 Network scan job Job name User Name Completion Status IIO status Accounting User ID Accounting Account ID total number net destination net destination 7 Server fax job Job name User Name Completion Status IIO status Accounting User ID Accounting Account ID Total fax recipient phone numbers fax recipient phone numbers net destination 8 IFAX Job name User Name Complet...

Page 54: ...bers 14 Lan Fax Job Job name User Name Completion Status IIO status Accounting User ID Accounting Account ID Total fax recipient phone numbers fax recipient phone numbers 15 Data Encryption enabled Device name Device serial number 16 Manual ODIO Full started Device name Device serial number 17 Manual ODIO Full complete Device name Device serial number Overwrite Status 18 Data Encryption disabled D...

Page 55: ...cript Passwords Device name Device serial number StartupMode enabled disabled System Params Password changed Start Job Password changed 29 Network User Login UsereName Device name Device serial number Completion Status Success Failed 30 SA login UsereName Device name Device serial number Completion Status Success or Failed 31 User Login UserName Device name Device serial number Completion Status S...

Page 56: ...abled disabled 42 Network Authentication Enable Disable Configure UserName Device name Device serial number Completion Status Enabled Disabled 43 Device clock UserName Device name Device serial number Completion Status time changed date changed 44 SW upgrade Device name Device serial number Completion Status Success Failed 45 Cloning Device name Device serial number Completion Status Success Faile...

Page 57: ...r Interval Change Device Name Device Serial Number Interface Web LUI Timer affected by change User Name who made this change Session IP if available Completion Status 59 Feature Access Control Enable Disable Configure User Name Device Name Device Serial Number Completion Status Enabled Disabled Configured Interface Web Local CAC SNMP Session IP address if available 60 Device Clock NTP Enable Disab...

Page 58: ...Login UserName Device Name Device Serial Number Completion Status Success Failed 70 Print from USB Enable Disable User Name Device Name Device Serial Number Completion Status Enabled Disabled 71 USB Port Enable Disable User Name Device Name Device Serial Number USB Port Front Rear Completion Status Enabled Disabled 72 Scan to USB Enable Disable User Name Device Name Device Serial Number Completion...

Page 59: ...ryption UserName Device name Device serial number Completion Status Enabled for STARTLS Enabled for STARTLS if Avail Enabled for SSL TLS Disabled 81 Email Domain Filtering Rule User name Device Name Device Serial Number Completion Status Feature Enabled Feature Disabled Rule Added Rule Deleted 82 Software Self Test Started Device Name Device Serial Number 83 Software Self Test Complete Device Name...

Page 60: ...Created Changed 94 FTP SFTP Filing Passive Mode User Name Device Name Device Serial Number Completion Status Enabled Disabled 95 EFax Forwarding Rule User Name Device Name Device Serial Number Fax Line 1 or 2 if applicable Completion Status Rule Edit Rule Enabled Rule Disabled 96 EIP Weblets Allow Install UserName Device name Device serial number Completion Status Enable Installation Block Install...

Page 61: ...ining for next attempt Min Remaining for next attempt 104 Plan Conversion Device name Device serial number Completion Status Success if Passcode is ok Failed if Passcode is not ok Locked out if Max Attempts Exceed 5 Time Remaining Hrs Remaining for next attempt Min Remaining for next attempt 105 IPv4 Enable Disable Configure UserName Device name Device serial number Completion Status Enabled Wirel...

Page 62: ...sion data 113 Airprint Enable Disable Configure UserName Device name Device serial number Completion Status Enabled Disabled Configured 114 Device cloning enable disable UserName Device name Device serial number Completion Status Enable Disable 115 Save for reprint job UserName Device name Device serial number Completion Status Standard Access Open Access Restricted 116 Web UI Access Configure Use...

Page 63: ... Name Device serial number Completion Status Enable Disable 126 Display Device information configure UserName Device Name Device serial number Completion Status Configured 127 Invalid Login Lockout Expires Device name Device serial number Interface Web UI Session IP Address if available Count of invalid attempts attempts xx where xx the number of attempts 128 Erase Customer Data Erase Customer Dat...

Page 64: ...nstall Device Name Device Serial Completion Status Success Fail User readable names for the features being installed 138 Remote Services Data Push Device Name Device Serial Completion Status Success Fail 139 Remote Services User Name Device Name Device Serial Status Enabled Disabled 140 Restore enable disable User Name Device name Device serial number Completion status Enable Disable 141 Backup Re...

Page 65: ...e serial number User name of target user Action Grant or Revoke 150 Manual session logout Device Name Device Serial Number Interface Web LUI CAC User Name who was logged out Session IP if available 151 IPP Enable Disable Configure User name Device name Device serial number Completion status Enabled Disabled Configured 152 HTTP Proxy Server Enable Disable Configure User name Device name Device seri...

Page 66: ...e Serial Number Destination IP address Completion Status Success Failed 164 One Touch App Management User Name Device name Device serial number Onetouch application Display Name Action Install Un install Completion Success Failed 165 SMB Browse User name Device name Device serial number Completion status Enabled Disabled Configured 166 Job Data Removal Standard started Device name Device serial nu...

Page 67: ...Clone Add On File name 176 Xerox Configuration Watchdog User name Device Name Device Serial number Completion status Enabled Disabled 177 Xerox Configuration Watchdog Check Complete User name if available SYSTEM if executed as a scheduled event Device name Device serial number Completion status Success Failed 178 Xerox Configuration Watchdog Remediation Complete User name if available SYSTEM if ex...

Page 68: ... User Name Device name Device serial number Completion Status Enabled Disabled Configured 183 FTP Browse User Name Device name Device serial number Completion Status Enabled Disabled Configured 184 SFTP Browse User Name Device name Device serial number Completion Status Enabled Disabled Configured ...

Page 69: ...name Completion Success Failed Invalid User ID Failed Invalid Password Failed Host Name or IP Address Method Local Remote Convenience Custom Role System Administrator Customer Engineer Casual Operator 201 Logout User name Completion Success Failed 201 Locked System Administrator Authentication Count of Remaining Authentication Failures 201 Detected Continuous Authentication Fail User name Protocol...

Page 70: ...e and Time Completion Success Failed 501 Add User User name User Role 501 Edit User User name User Role ID Password CardID Name Permission Role ICCardID Other 501 Delete User User Name 501 Create Mailbox Host Name or IP Address Box Number 501 Delete Mailbox 501 Switch Authentication Mode Completion Success New Setting Previous Setting 501 Change Security Setting Authentication Accounting Image Ove...

Page 71: ...ing Impression Mode Completion Success Failed Designated Mode A3 Mode A4 Mode Billing Meter Values 601 Import Certificate User name Completion Success Failed Category RootCA DeviceEE SSCEE Key Size Issuer DN Serial Number 601 Delete Certificate 601 Add Address Entry Host Name or IP Address Registration Number 601 Delete Address Entry 601 Edit Address Entry 601 Import Address Book Host Name or IP A...

Page 72: ...ntacts Connectivity Permissions System 601 Import Cloning Data 701 Important Parts Completion Replaced 701 Hard Disk Completion Replaced Installed Removed 701 ROM Version Change 801 Communication Reliability When Reliability Communication Error is detected at the periodical check ...

Reviews: