Canon Paper Shredder Section 9 Addendum

9.1 – Canon SecurityRecommendations Quick Reference

Each customer’sneeds are different, and while the security of corporate data is ultimately the

responsibilityof the customer, the security technologies outlined below may help support your

organization'sinformation security needs. The following actions are recommended by Canon as

appropriate firststeps in securing an imageRUNNER ADVANCE system for most environments.

While these suggestionsassist in enhancing device security, internal company security policies

should ultimatelydictate which security measures are appropriate for implementation within a

specificenvironment.

1. Choose a form ofUser Authentication and/or Access Control

2. Setthe system administrator ID and password

3. Disable unused portsand applications (e.g. FTP, RUI)

4. Setpasswords for Mail Boxesand Advanced Boxes

5. Restrictprinting and RUI access to specific IP or MAC addresses

6. Setpasswords for Address Bookmanagement

7. Change the SNMP communitystrings

8. Disable the USB portif unused

9. Utilize OptionalHard Disk Drive Erase Kit or Hard DiskDrive Encryption Kit to ensure integrity

ofdata stored on internal Hard Disk Drives

10.Monitor the devices using imageWARE EMC

35

White Paper: Canon imageRUNNER ADVANCE Security

Section 9 – Addendum

Contents

Main White Paper: Canon imageRUNNER ADVANCE Security INTENT OF THIS DOCUMENT: Version 1.0 June 14, 2010 Table of Contents Page Section 1 Introduction 1.1 Security MarketOverview 1.2 Imaging & Printing Security Overview 1.3 KeySecurity Concentration Areas 2.1 imageRUNNER ADVANCEController Security 2.2 Authentication Device-Based Authentication Card-Based Authentication 2.3 AccessControl Password-Protected System Settings AccessManagement System The following describesthe various Base access levels (roles) that are available: The following functionsand features can be restricted: * Requires SSO-H to be enabled. Privilegesby Access Level Device Function Values Description Scan and Send Security Page Print Driver Security Features USB Block 2.4 Third PartyMEAP Application and Development 3.1 Document Security Secure Printing DocumentStorage Space Protection Other DocumentSecurity Capabilities Page LLooggggiinngg && AAuuddiittiinngg sseeccttiioonn 3.2 Data Security* Data at Rest Page Page Page Page Data in Transit DDooccuummeenntt SSeeccuurriittyy IInnffoorrmmaattiioonn SSeeccuurriittyy 3.3 FaxSecurity Super G3 FaxBoard and Multi Line Fax Board Other FaxFeatures FaxStorage Space 4.1 Network and PrintSecurity (Canon Network Printer Kit Only) Enabling/Disabling Protocols/Applications IP AddressFiltering Media AccessControl (MAC) Filtering SSLEncryption IPv6 Support IPSecSupport KeyExchange Protocol WirelessLAN IEEE 802.1X SNMP CommunityString DDeevviiccee SSeeccuurriittyy USB Block Scan and Send - VirusConcerns for E-mail Reception 4.2 Mail Server Security SMTP Authentication POP Authentication Before SMTP Section 5 Security Monitoring & Management Tools 5.1 imageWARE Enterprise ManagementConsole 5.2 Restricting Device Setup Screens DDeevviiccee SSeeccuurriittyy DDeevviiccee SSeeccuurriittyy Section 6 Logging & Auditing 6.1 Document Scan Lock& Trace LOCK TRACE DDooccuummeenntt SSeeccuurriittyy Section 6 Logging & Auditing 6.2 Canon imageWAREAccounting Manager 6.3 Canon imageRUNNER ADVANCETracker 6.4 imageWARESecure Audit Manager Section 7 Canon Solutions & Regulatory Requirements 7.1 Common Criteria 7.2 Common Criteria Certification Section 7 Canon Solutions & Regulatory Requirements 7.3 Authorized Send for CAC/PIV Section 8 Conclusion Section 9 Addendum 9.1 Canon SecurityRecommendations Quick Reference 9.2 Canon imageRUNNER ADVANCEHDD Security Section 9 Addendum Data Encryption & Mirroring Kit-C1 Data Erase Kit-C1 Functions