Xerox 701P40211 manual Using the High security setting

Page 29

System Guide

Security and Network Setup

While the underlying XDSS content has not changed since its inception, its implementation philosophy has been reversed in the 3.7 release. Previously, XDSS was an option typically chosen at install. Now the features are automatically implemented with a scrape install. A scrape install includes both the Solaris operating system and a DocuSP 3.7 release. This corresponds with the “High” setting in the Security Profile dialogue box under the System menu. The “Medium” setting describes the default operating environment normally provided by Sun. Upgrades, however, retain the previous security setting. Note that if XDSS was disabled in 3.6 and DocuSP is upgraded to 3.7 without an OS reload, the security setting will be medium.

WARNING

Since the “high” security setting disables a number of commonly used services, it is important that customers review this document and test this feature against their mission-critical applications.

This document provides information on all modifications made by XDSS so the customer can determine which security setting best meets their needs. Some customers may find that some features disabled by this script, such as telnet, FTP and NFS, are required in their environment. If a certain application communicated successfully with DocuSP 3.6 fails following a 3.7 upgrade but its communication mechanism is unknown to the customer, it is recommended that the setting be temporarily changed to “Medium” to determine if the high security setting is the cause of this change. If further assistance is required to manually disable or enable specific services listed in this document, please contact the Customer Support Center or the appropriate Sun documentation.

Using the High security setting

The following is a list of documents that are disabled when the security setting is set to “High”:

FTP (including anonymous FTP)

telnet

echo (Echoes back any character sent)

discard (Discards everything sent)

daytime (Displays the date and time)

Common Controller

4-5

Image 29
Contents Xerox Document Services Platform Series USA Table of Contents Table of Contents Fonts PrintingFinishing Accounting and Billing TroubleshootingHints and Tips Table of Contents Table of Contents System Guide Viii About this guide ContentsIntroduction Customer Support ConventionsInternet Services Http Gateway Configuration Gateway ConfigurationGateway IPP Gateway ConfigurationType cd /opt/XRXnps/XRXipp Administrator must enable Snmp in License Manager Simple Network Management Protocol Snmp ConfigurationSnmpdebuglog Configuration variablesSnmp MIB Support Printer and job messagesGateway Configuration System Guide Type cd /opt/XRXnps/XRXnwqsgw/bin NDS SetupGateway Configuration System Guide Common Controller Backup Backup and RestoreRestore Backing up a System Restoring a System Type restoreAccess and Security Security and Network SetupChanging the logon level Overview of SecurityXerox responsibility User Password changesRoles and responsibilities DocuSP 3.7 security changes Security SetupUsing the High security setting Security and Network Setup System Guide User level User and File-level changesSolaris file permissions secured Multicast routing disabledOS and host information hidden Sendmail daemon securedRemote CDE login disabled Network parameters secured Executable stacks disabledDocuSP router capabilities disabled NFS port monitor restrictedDigiPath and Decomposition Services Configure-xdss scriptXdss script components Disabling LP Anonymous PrintingDisable-security and enable-security scripts Remote shell internet serviceEnable-ftp and disable-ftp scripts User Account ManagementPrint command line client from remote systems Other security tips Configure for xrxusrOnline help for security Document and backupSample of inetd.conf file # Syntax for TLI-based Internet services # only on machines acting as boot servers Orstream or dgram #rexd/1 tli rpc/tcp wait root /usr/sbin/ rpc.rexd rpc.rexd How Do I? Answer Quick referenceHow Do I? Answer First In/First Out Fifo Printing Controller settings for limited Fifo scheduling/printingPrinting ‘Enabling Fifo Job Scheduling’ Enable/Disable Fifo Job Scheduling‘No Change Made’ Enabled DisabledSetpclcontrol Utility Ascii and PCL Printing UtilityImpact on DocuSP printers Set lp/lprcopycount utility # ./setVPSoption -2NONVPS Socket Gateway Configuration Utility setVPSoptionPerformance considerations Tiff filesTiff orientation Supported Tiff tags Resolution UnitsCompression T4 OptionY Resolution Micr EnablementStrip Byte Counts and Strip Offsets Tile Width, Tile Length, Tile Offsets, Tile Byte CountsPaper Trays Using VippPrinting hints Printing System Guide Common Controller DocuTech FinishingSubset Finishing Subset Offset Page Level Jog Creating jobs to use subset finishingPCL Offset/Separator/Subset Finishing command Large Capacity ESC&15H Envelope Feed ESC&16H PCL Paper Source CommandMixed Stacking Additional finishing information Finishing System Guide Common Controller Fonts How to choose fontsFonts PostScript Resident Fonts Font download optionResident Fonts System GuideFonts FontsSystem Guide PCL resident fonts Downloaded fonts PCL 5e resident bitmap fontsNon Resident Fonts PostScript fonts Optional or soft fontsFont substitution PCL 5e fonts Accounting Accounting and BillingAuto exporting accounting log Accounting exported valuesAccounting file fields System Guide Accounting and Billing Bytes Read SecondsProcessed SkippedAccounting and Billing System Guide Pages Printed Sheets PrintedAccounting and Billing System Guide Billable Events BillingMarket Region Billing Meters for Region Billing MetersDeclared faults TroubleshootingCalling for service Job fault Undeclared faultsPrinter fault Macintosh problems Client problemsWindows problems GUI problems DigiPath problemsFont problems Print Quality problemsAt the # prompt, typesync sync halt and press Enter Inoperable system problemsJob flow problems System Guide Troubleshooting PostScript problems Job Integrity problemsPDL problems Tiff problems Restore password Problems when saving a job Restart DocuSP software without rebootingProductivity and performance problems Alljobslog Printing system logsSystemlog StatuslogPrinting the system logs Epexceptionlog and epprimarylogType sync sync halt Rebooting and restartingPrinting the accounting log Opt/XRXnps/bin/XJDC -option,option... filename Loading XJDC/UnixXjdc Hints and Tips Configuring XJDC/UnixBASIC.JSL Output filesTroubleshooting System Guide General Hints and TipsGeneral Comments Color SystemsTime used to generate the PDL Time used to transfer PDLJob submission hints Number of images Time required to print PDLEthernet GatewaysVariable data Job submission orderJob RIP Hints Image Quality Skipped Pitches Job Printing HintsPerform a Trace PCI Channel Interface PWB Trace Capture ProcedureExport the trace file to floppy Numerics IndexIndex System Guide INDEX-3 Index INDEX-4 System Guide