5735/5740/5745/5755/5765/5775/5790
Xerox WorkCentre
Information Assurance Disclosure Paper Version
Prepared by
Ver. 2.00, March
Other company trademarks are also acknowledged
Document Version: 1.00 May
Page 2 of
Page 3 of
4. SECURITY ASPECTS OF SELECTED FEATURES
1.2. Target Audience
1. Introduction
1.1. Purpose
1.3. Disclaimer
2.1.1.Physical Partitioning
2. Device Description
2.1.Security-relevantSubsystems
Figure 2-1WorkCentre Multifunction System
Subsystem
2.1.2. Security Functions allocated to Subsystems
Security Function
Page 7 of
2.2.2. Memory Components
2.2.Controller
2.2.1.Purpose
Volatile Memory
Page 9 of
Non-VolatileMemory
Media and Storage
2.2.3. External Connections
2.2.4. USB Ports
2.3.1.Purpose
2.2.Fax Module
2.4.Scanner
2.3.2. Hardware
2.5.2. Hardware
2.5.Graphical User Interface GUI
2.5.1.Purpose
Volatile Memory Description
2.6.2. Hardware
2.7.System Software Structure
2.6.1.Purpose
2.6.3. Control and Data Interfaces
Page 14 of
Figure 2-5IPv4 Network Protocol Stack
2.7.3. Network Protocols
Page 15 of
2.8.1.1.IPSec
2.8.Logical Access
2.8.1.Network Protocols
Figure 2-6IPv6 Network Protocol Stack
2.8.2.2.Port 53, DNS
2.8.2. Ports
2.8.2.1.Port 25, SMTP
2.8.2.3.Port 68, DHCP
server
2.8.2.4.Port 80, HTTP
http
Network Controller
Page 19 of
2.8.2.5.Port 88, Kerberos
2.8.2.6.Port 110, POP-3Client
2.8.2.9.Port 389, LDAP
2.8.2.7.Ports 137, 138, 139, NETBIOS
2.8.2.8.Ports 161, 162, SNMP
2.8.2.10. Port 396, Netware
2.8.2.14. Port 631, IPP
2.8.3. IP Filtering
2.8.2.13. Port 515, LPR
2.8.2.15. Port 1900, SSDP
3. System Access
3.1. Authentication Model
Page 23 of
3.2. Login and Authentication Methods
3.2.2. User authentication
Page 25 of
3.3.2. Network Scanning Multifunction models only
3.3.System Accounts
3.3.1.Printing Multifunction models only
3.2.2.3.DDNS
3.4.2. Alternate Boot via Serial Port
3.4.Diagnostics
3.4.1.Service All product configurations
3.4.3. tty Mode
3.4.4.2.Communication Protocol
3.4.4.1.Access
3.4.4.3.Network Diagnostics executed from the PSW
Page 28 of
3.4.4.4.Accessible Data
Page 29 of
3.4.5. Summary
Page 30 of
Event description
4.1.Audit Log
Event
Entry Data
Entry Data
Event
Event description
Page 32 of
Entry Data
Event
Event description
Page 33 of
Entry Data
Event
Event description
Page 34 of
Event description
Event ID
Event
Entry Data
Entry Data
Event
Event description
Page 36 of
Entry Data
Event
Event description
Page 37 of
Entry Data
Event
Event description
Page 38 of
Event description
4.2. Xerox Standard Accounting
Event
Entry Data
4.5. Image Overwrite
4.3. Automatic Meter Reads
4.4. Encrypted Partitions
Page 40 of
4.5.3. Overwrite Timing
4.5.1. Algorithm
4.5.2. User Behavior
Page 41 of
5.Responses to Known Vulnerabilities
Customer Administration Tool
6. APPENDICES
6.1. Appendix A – Abbreviations
Customer Service Engineer
Printed Wire Board Assembly
Non-VolatileRandom Access Memory
Portable Service Workstation
System Administrator
NOTES
6.2. Appendix B – Supported MIB Objects
Support Definitions
Term
RFC 1514 – Host Resources MIB group
RFC 1759 - Printer MIB Group
WorkCentre
WorkCentre
Additional Capabilities / Application Support
RFC 1213 - MIB-IIfor TCP/IP group
WorkCentre
WorkCentre
Page 48 of
6.3. Appendix C –Standards
Function
Controller Hardware
RFC/Standard
Function
Page 49 of
Printing Description Languages
Page 50 of
6.4. Appendix E – References
faq.html