4.1 – Network and PrintSecurity (Canon Network Printer Kit Only)
Canon imageRUNNER ADVANCEsystems include a number of highly configurable network security features that assist in
securing information when the optionalNetwork Print Kit is installed. Standard network security featuresinclude the
abilityto permit only authorized users and groups to access and print to the device, limiting device communicationsto
designated IP/MACaddresses, and controlling the availability of individual network protocolsand por ts asdesired.
Enabling/Disabling Protocols/Applications
Through Canon’sdevice setup and installation utilities, network administrators are provided with the ability to configure
the specificdevice protocols and service ports that are accessible. As a result, unwanted device communication and
system accessvia specific transport protocols can be effectively blocked.
Canon imageRUNNER ADVANCEsystems have the ability to disable unused TCP/IP portsto fur ther secure the devices.
Disabling portsaffects the available functions and applications on the device. Configurable ports* include:
24
White Paper: Canon imageRUNNER ADVANCE Security
Section 4 – Network Security
Name Port Description Setting location Functions Impacted By This Port
FTP TCP 21 File Transfer [Control] Settlings/ Registration > Preferences > Network >
TCP / IP Settings> FTP Print Settings
Ifdisabled, FTP printing/scanning options
willbe disabled.
SMTP TCP 25 Simple MailTransfer Protocol Settlings/ Registration > Preferences > Function Settings>
Send > Email/ I-Fax Settings Communication Settings
E-mailand I-Fax sending capability are enabled
through thisfunction.
HTTP TCP 80 World Wide Web HTTP Settings/ Registration > Preferences> Network >
TCP / IP Settings> Use HTTP
No accessto the imageRUNNER Remote UI utility if
disabled. Printing over IPP willcease if disabled.
netbios-ssn TCP 139 NETBIOSSession Service Settings/ Registration > Preferences > Network >
SMB Server Settings> Use SMB Scanning to a windowsfolder will be affected.
HTTPS TCP 443 HTTP protocolover TSL/SSL. Can be
used with the following functions:
Ifenabled, all network traffic between user pc
and imageRUNNER device via the
Remote UI utilityis secure.
Remote UI Settings/ Registration > Management Settings > License /
Other > Remote UI > SelectOn > Use SSL, Select On or Off
MEAP Settings Settings / Registration > Management Settings > License /
Other > MEAP Settings> SSL Settings > Select On or Off
IPP PrintSettings
Settings/ Registration > Preferences > Network > TCP/IP
Settings> IPP Print Settings > Select On >
Use SSL, SelectOn or Off
Device Information
DeliverySettings
Settings/ Registration > Management Settings > Device
Management> Device Information Delivery Settings > Restrict
Receiving for Each Function > SelectOn or Off
Confirm DepartmentID PIN Settings/ Registration > Preferences > Network > TCP/IP
Settings> Confirm Department ID PIN > Select On or Off
E-Mail/I-Fax: Authentication/Encryption
Settings/ Registration > Function Settings > Send >
E-Mail/I-FAXSettings > Communication Settings>
Authent./Encryption > Allow SSL(SMTP Receive),
Allow SSL(SMTP Send), and Allow SSL (POP)
PRINTER TCP 515 Spooler Settings/ Registration > Preferences > Network >
Use SpoolFunction > Select On or Off Disabling this protocol will cease Printing over LPR.
IPP TCP 631 IPP (InternetPrinting Protocol) Settings/ Registration > Preferences> Network > TCP / IP
Settings> IPP Print Settings > Select On or Off
Disabling thisprotocol will cause Printing over IPP
protocolto stop.
HTTP (Meap) TCP 8000 World Wide Web HTTP for MEAP
Settings/ Registration > Management Settings >
License / Other > MEAP Settings> SSLSettings >
SelectOn or Off
Disabling thisfeature disables access
to MEAP SMSPage and other MEAP applications
such asiWAM for MEAP.
RAW TCP 9100 Standard TCP/IP Printer (RAW) Settings/ Registration > Preferences > Network > TCP / IP
Settings> RAW Print Settings > Select On or Off
Disabling thisfeature causes Printing over
Std TCP/IP protocolto stop.
SNMP UDP 161 Simple NetworkManagementProtocol Settings/ Registration > Preferences > Network > TCP / IP
Settings> SNTP Settings > Select On or Off
Disabling thisfeature will result in imageRUNNER
devicesnot being discovered or manageable by
device managementutilities such as iWEMC.