Home » Konica Minolta Manuals » Multifunction Devices » Konica Minolta C300i » Manual Viewer

Konica Minolta C300i bizhub C360i/C300i/C250i Security Operations User Manual - Page 36

action]: Any of [Protected], [Allow], and [Deny] [Cancel]

View all Konica Minolta C300i manuals

Add to My Manuals
Save this manual to your list of manuals

Page 36 highlights

2.4 Setting IPsec 2 device, confirm that a new certificate has been issued. See bizhub C360i/C300i/C250i User's Guide, Ver. 1.00 AA2J-9598BA-00 for more information. Use [Enable IPsec] in the settings below. Setting item [IPsec] [Default action] [Certificate Verification Level Settings] IPsec Policy Setting value [ON] [Deny] • Expiration Date: ON (default) • Key Usage: OFF (default) • Chain: ON • Expiration Date Confirmation: OFF (default) [action]: Any of [Protected], [Allow], and [Deny] ([Cancel] cannot be used.) NOTICE Do not use an device certificate that is electronically signed by MD5, as an increased risk results of data to be protected being tampered with or leaked. With FIPS enabled, only SHA-256 can be used for the digital signature certificate. Turning off the main power switch results in discarding IKE SA (shared secret key for IKE) that is stored in the memory managed by this machine as well as the shared key managed by each SA (key generated by converting the pre-shared key used for IPsec). To eliminate the risk of the data to be protected being tampered with or leaked, refer to the recommended ciphers list disclosed by, for example, NIST and CRYPTREC and use the appropriate cryptographic technique. Use the following browsers to ensure safety. Use of any of the following browsers achieves communication that ensures confidentiality of the image data transmitted and received. Microsoft Internet Explorer - 10/11 Mozilla Firefox - 20 or later Microsoft Internet Explorer 11 is used for the ISO15408 evaluation for this machine. 0 The control panel and the Web Connection can be used for this setting. 0 For the procedure to access the administrator mode, see page 2-2. 0 Do not leave the machine with the setting screen of administrator mode left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the administrator mode. 1 Call the administrator mode. 2 Tap [Network] - [TCP/IP Setting] - [IPsec]. 3 Select [IPsec Setting], and tap [OK]. 4 Make the necessary settings. % Tap [Cancel] or [

Section	Page
Contents	2
1 Security	6
1.1 Introduction	6
1.1.1 Persons using the machine	6
1.1.2 Relation between user and job deletion	7
1.2 Compliance with the ISO15408 Standard	8
1.2.1 Hardware and software	8
1.2.2 Installation of firmware	8
1.2.3 Operating precautions	9
1.2.4 INSTALLATION CHECKLIST	10
1.3 Enhanced security mode	13
1.3.1 Major security functions in operation under ISO15408 certification	13
1.4 Precautions for operation control	13
1.4.1 Roles of the owner of the machine	13
1.4.2 Roles and requirements of the administrator	14
1.4.3 Password usage requirements	14
1.4.4 External authentication server control requirements	14
1.4.5 Security function operation setting operating requirements	15
1.4.6 Operation and control of the machine	15
1.4.7 Machine maintenance control	17
1.4.8 Precautions for using the printer driver	17
1.5 Miscellaneous	18
1.5.1 Password rules	18
1.5.2 Precautions for use of various types of applications	18
1.5.3 Encrypting communications	19
1.5.4 Print functions	19
IPP printing	19
1.5.5 FAX functions	19
1.5.6 USB keyboard	19
1.5.7 Different types of boxes	19
1.5.8 Terminating a session and logging out	20
1.5.9 Authentication error during external server authentication	20
1.5.10 Finding the version information	20
2 Administrator Operations	22
2.1 Accessing the administrator mode	22
2.1.1 Accessing the administrator mode	22
2.1.2 Accessing the user mode	27
2.1.3 Checking the number of wrong entries in authentication	29
Conditions to clear the number of times of check	29
2.2 Enhancing the security function	30
2.2.1 Items cleared by format	32
2.2.2 Setting the Enhanced Security Mode	33
2.3 Setting the password rules	34
2.3.1 Setting the password rules	34
2.4 Setting IPsec	35
2.4.1 IPsec setting	35
2.5 Firmware verification function at the time of starting the machine	37
2.5.1 Setting the firmware verification function	37
2.5.2 Self-test function	37
2.6 Preventing unauthorized access	38
2.6.1 Setting Prohibited Functions	38
2.7 Canceling the operation prohibited state	39
2.7.1 Performing release setting	39
2.8 Setting the authentication method	40
2.8.1 Setting the authentication method	40
2.8.2 Setting the external server	41
2.9 ID & Print setting function	42
2.9.1 Setting ID & Print	42
2.10 System auto reset function	43
2.10.1 Setting the system auto reset function	43
2.11 User setting function	44
2.11.1 Making user setting	44
2.12 User box function	46
2.12.1 Setting user box usage restriction	46
2.12.2 Setting the user box	47
2.12.3 Changing the user attributes and box password	48
2.12.4 Setting Memory RX	49
2.12.5 Batch deleting the documents in the Memory RX User Box	49
2.13 Changing the administrator password	50
2.13.1 Changing the administrator password	50
2.14 Obtaining job log	51
2.14.1 Obtaining and deleting a job log	51
2.14.2 Job log data	53
2.15 Setting time/date in machine	80
2.15.1 Setting time/date	80
2.15.2 Setting daylight saving time	80
2.16 TCP/IP setting function	81
2.16.1 Setting the IP Address	81
2.16.2 Registering the DNS server	81
2.17 E-mail setting function	82
2.17.1 Setting the SMTP server (E-mail server)	82
2.18 SMB setting function	83
2.18.1 Setting a client	83
2.19 WebDAV setting function	84
2.19.1 Setting a client	84
2.20 Automatic logoff setting function	85
2.20.1 Setting automatic logoff	85
2.21 Setting for the IPsec communication certificate	86
2.21.1 Introducing the device certificate for IPsec communication	86
2.21.2 Deleting the IPsec communication device certificate	86
2.21.3 Introducing the CA (certification authority) certificate for IPsec communication	87
2.22 FIPS mode setting function	88
2.22.1 Setting the FIPS mode	88
2.23 Firmware update function	89
2.23.1 Updating the firmware	89
2.24 Job deletion setting function	90
2.24.1 Setting the job deletion	90
3 User Operations	92
3.1 User authentication function	92
3.1.1 Performing user authentication	92
3.1.2 Accessing the ID & Print document	95
3.1.3 Number of wrong entries in authentication	95
Conditions to clear the number of times of check	95
3.2 Change password function	96
3.2.1 Performing change password	96
3.3 User box function	97
3.3.1 Setting the user box	97
3.3.2 Changing the user attributes and box password	98
3.3.3 Accessing the user box and user box file	99
3.3.4 Number of wrong entries in entering the box password	100
Conditions to clear the number of times of check	100
Appendix	102
1. Installation of the machine and steps to be performed before operation	103
1.1 Unpacking and setting up the machine	103
1.1.1 Installation and setup of the machine	103
2. FAX function	104
2.1 Installing/setting procedure of the FAX kit	104
2.1.1 Install procedure	104
2.1.2 Routing of the modular cable	104
2.1.3 Affixing the labels	105
2.1.4 Configuration procedures	105

Match case Limit results 1 per page

bizhub C360i/C300i/C250i/C036DNi/C030DNi/C025DNi

2-16

2.4

Setting IPsec

device, confirm that a new certificate has been issued. See bizhub C360i/C300i/C250i User’s Guide, Ver.

1.00 AA2J-9598BA-00 for more information.

Use [Enable IPsec] in the settings below.

NOTICE

Do not use an device certificate that is electronically signed by MD5, as an increased risk results of data to be

protected being tampered with or leaked.

With FIPS enabled, only SHA-256 can be used for the digital signature certificate.

Turning off the

main power switch

results in discarding IKE SA (shared secret key for IKE) that is stored in

the memory managed by this machine as well as the shared key managed by each SA (key generated by con-

verting the pre-shared key used for IPsec).

To eliminate the risk of the data to be protected being tampered with or leaked, refer to the recommended

ciphers list disclosed by, for example, NIST and CRYPTREC and use the appropriate cryptographic tech-

nique.

Use the following browsers to ensure safety. Use of any of the following browsers achieves communication

that ensures confidentiality of the image data transmitted and received.

Microsoft Internet Explorer

10/11

Mozilla Firefox

20 or later

Microsoft Internet Explorer 11 is used for the ISO15408 evaluation for this machine.

The control panel and the

Web Connection

can be used for this setting.

For the procedure to access the administrator mode, see page 2-2.

Do not leave the machine with the setting screen of administrator mode left shown on the display. If it

is absolutely necessary to leave the machine, be sure first to log off from the administrator mode.

Call the administrator mode.

Tap [Network] - [TCP/IP Setting] - [IPsec].

Select [IPsec Setting], and tap [OK].

Make the necessary settings.

Tap [Cancel] or [<] to go back to the previous screen.

Select [Enable IPsec], and tap [OK].

Make the necessary settings.

Tap [OK] or [Cancel] to go back to the previous screen.

Select [Communication Check], and tap [OK].

Make the necessary settings.

Tap [Back] to go back to the previous screen.

Tap [OK].

Setting item

Setting value

[IPsec]

[ON]

[Default action]

[Deny]

[Certificate Verification Level Settings]

•

Expiration Date: ON (default)

•

Key Usage: OFF (default)

•

Chain: ON

•

Expiration Date Confirmation: OFF (default)

IPsec Policy

[action]: Any of [Protected], [Allow], and [Deny] ([Cancel]

cannot be used.)