Prepared by
Xerox WorkCentre
Information Assurance Disclosure Paper Version
5735/5740/5745/5755/5765/5775/5790
Page 2 of
Other company trademarks are also acknowledged
Document Version: 1.00 May
Ver. 2.00, March
Page 3 of
4. SECURITY ASPECTS OF SELECTED FEATURES
1.3. Disclaimer
1. Introduction
1.1. Purpose
1.2. Target Audience
Figure 2-1WorkCentre Multifunction System
2. Device Description
2.1.Security-relevantSubsystems
2.1.1.Physical Partitioning
Page 7 of
2.1.2. Security Functions allocated to Subsystems
Security Function
Subsystem
Volatile Memory
2.2.Controller
2.2.1.Purpose
2.2.2. Memory Components
Non-VolatileMemory
Media and Storage
Page 9 of
2.2.4. USB Ports
2.2.3. External Connections
2.3.2. Hardware
2.2.Fax Module
2.4.Scanner
2.3.1.Purpose
Volatile Memory Description
2.5.Graphical User Interface GUI
2.5.1.Purpose
2.5.2. Hardware
2.6.3. Control and Data Interfaces
2.7.System Software Structure
2.6.1.Purpose
2.6.2. Hardware
Page 14 of
2.7.3. Network Protocols
Page 15 of
Figure 2-5IPv4 Network Protocol Stack
Figure 2-6IPv6 Network Protocol Stack
2.8.Logical Access
2.8.1.Network Protocols
2.8.1.1.IPSec
2.8.2.3.Port 68, DHCP
2.8.2. Ports
2.8.2.1.Port 25, SMTP
2.8.2.2.Port 53, DNS
Network Controller
2.8.2.4.Port 80, HTTP
http
server
2.8.2.5.Port 88, Kerberos
2.8.2.6.Port 110, POP-3Client
Page 19 of
2.8.2.10. Port 396, Netware
2.8.2.7.Ports 137, 138, 139, NETBIOS
2.8.2.8.Ports 161, 162, SNMP
2.8.2.9.Port 389, LDAP
2.8.2.15. Port 1900, SSDP
2.8.3. IP Filtering
2.8.2.13. Port 515, LPR
2.8.2.14. Port 631, IPP
3.1. Authentication Model
3. System Access
Page 23 of
3.2.2. User authentication
3.2. Login and Authentication Methods
Page 25 of
3.2.2.3.DDNS
3.3.System Accounts
3.3.1.Printing Multifunction models only
3.3.2. Network Scanning Multifunction models only
3.4.3. tty Mode
3.4.Diagnostics
3.4.1.Service All product configurations
3.4.2. Alternate Boot via Serial Port
Page 28 of
3.4.4.1.Access
3.4.4.3.Network Diagnostics executed from the PSW
3.4.4.2.Communication Protocol
Page 29 of
3.4.4.4.Accessible Data
Page 30 of
3.4.5. Summary
Entry Data
4.1.Audit Log
Event
Event description
Page 32 of
Event
Event description
Entry Data
Page 33 of
Event
Event description
Entry Data
Page 34 of
Event
Event description
Entry Data
Entry Data
Event ID
Event
Event description
Page 36 of
Event
Event description
Entry Data
Page 37 of
Event
Event description
Entry Data
Page 38 of
Event
Event description
Entry Data
Entry Data
4.2. Xerox Standard Accounting
Event
Event description
Page 40 of
4.3. Automatic Meter Reads
4.4. Encrypted Partitions
4.5. Image Overwrite
Page 41 of
4.5.1. Algorithm
4.5.2. User Behavior
4.5.3. Overwrite Timing
5.Responses to Known Vulnerabilities
Customer Service Engineer
6. APPENDICES
6.1. Appendix A – Abbreviations
Customer Administration Tool
System Administrator
Non-VolatileRandom Access Memory
Portable Service Workstation
Printed Wire Board Assembly
Term
6.2. Appendix B – Supported MIB Objects
Support Definitions
NOTES
WorkCentre
RFC 1759 - Printer MIB Group
WorkCentre
RFC 1514 – Host Resources MIB group
WorkCentre
RFC 1213 - MIB-IIfor TCP/IP group
WorkCentre
Additional Capabilities / Application Support
Controller Hardware
6.3. Appendix C –Standards
Function
Page 48 of
Printing Description Languages
Function
Page 49 of
RFC/Standard
6.4. Appendix E – References
faq.html
Page 50 of