Information Assurance Disclosure Paper Version
Xerox WorkCentre
5735/5740/5745/5755/5765/5775/5790
Prepared by
Document Version: 1.00 May
Other company trademarks are also acknowledged
Ver. 2.00, March
Page 2 of
Page 3 of
4. SECURITY ASPECTS OF SELECTED FEATURES
1.1. Purpose
1. Introduction
1.2. Target Audience
1.3. Disclaimer
2.1.Security-relevantSubsystems
2. Device Description
2.1.1.Physical Partitioning
Figure 2-1WorkCentre Multifunction System
Security Function
2.1.2. Security Functions allocated to Subsystems
Subsystem
Page 7 of
2.2.1.Purpose
2.2.Controller
2.2.2. Memory Components
Volatile Memory
Non-VolatileMemory
Media and Storage
Page 9 of
2.2.4. USB Ports
2.2.3. External Connections
2.4.Scanner
2.2.Fax Module
2.3.1.Purpose
2.3.2. Hardware
2.5.1.Purpose
2.5.Graphical User Interface GUI
2.5.2. Hardware
Volatile Memory Description
2.6.1.Purpose
2.7.System Software Structure
2.6.2. Hardware
2.6.3. Control and Data Interfaces
Page 14 of
2.7.3. Network Protocols
Page 15 of
Figure 2-5IPv4 Network Protocol Stack
2.8.1.Network Protocols
2.8.Logical Access
2.8.1.1.IPSec
Figure 2-6IPv6 Network Protocol Stack
2.8.2.1.Port 25, SMTP
2.8.2. Ports
2.8.2.2.Port 53, DNS
2.8.2.3.Port 68, DHCP
http
2.8.2.4.Port 80, HTTP
server
Network Controller
2.8.2.5.Port 88, Kerberos
2.8.2.6.Port 110, POP-3Client
Page 19 of
2.8.2.8.Ports 161, 162, SNMP
2.8.2.7.Ports 137, 138, 139, NETBIOS
2.8.2.9.Port 389, LDAP
2.8.2.10. Port 396, Netware
2.8.2.13. Port 515, LPR
2.8.3. IP Filtering
2.8.2.14. Port 631, IPP
2.8.2.15. Port 1900, SSDP
3.1. Authentication Model
3. System Access
Page 23 of
3.2.2. User authentication
3.2. Login and Authentication Methods
Page 25 of
3.3.1.Printing Multifunction models only
3.3.System Accounts
3.3.2. Network Scanning Multifunction models only
3.2.2.3.DDNS
3.4.1.Service All product configurations
3.4.Diagnostics
3.4.2. Alternate Boot via Serial Port
3.4.3. tty Mode
3.4.4.3.Network Diagnostics executed from the PSW
3.4.4.1.Access
3.4.4.2.Communication Protocol
Page 28 of
Page 29 of
3.4.4.4.Accessible Data
Page 30 of
3.4.5. Summary
Event
4.1.Audit Log
Event description
Entry Data
Event description
Event
Entry Data
Page 32 of
Event description
Event
Entry Data
Page 33 of
Event description
Event
Entry Data
Page 34 of
Event
Event ID
Event description
Entry Data
Event description
Event
Entry Data
Page 36 of
Event description
Event
Entry Data
Page 37 of
Event description
Event
Entry Data
Page 38 of
Event
4.2. Xerox Standard Accounting
Event description
Entry Data
4.4. Encrypted Partitions
4.3. Automatic Meter Reads
4.5. Image Overwrite
Page 40 of
4.5.2. User Behavior
4.5.1. Algorithm
4.5.3. Overwrite Timing
Page 41 of
5.Responses to Known Vulnerabilities
6.1. Appendix A – Abbreviations
6. APPENDICES
Customer Administration Tool
Customer Service Engineer
Portable Service Workstation
Non-VolatileRandom Access Memory
Printed Wire Board Assembly
System Administrator
Support Definitions
6.2. Appendix B – Supported MIB Objects
NOTES
Term
WorkCentre
RFC 1759 - Printer MIB Group
RFC 1514 – Host Resources MIB group
WorkCentre
WorkCentre
RFC 1213 - MIB-IIfor TCP/IP group
Additional Capabilities / Application Support
WorkCentre
Function
6.3. Appendix C –Standards
Page 48 of
Controller Hardware
Page 49 of
Function
RFC/Standard
Printing Description Languages
6.4. Appendix E – References
faq.html
Page 50 of