Home » Konica Minolta Manuals » Printers » Konica Minolta bizhub 950i » Manual Viewer

Konica Minolta bizhub 950i bizhub 950i/850i Security Operations User Guide - Page 15

Enhanced security mode

View all Konica Minolta bizhub 950i manuals

Add to My Manuals
Save this manual to your list of manuals

Page 15 highlights

1.4 Enhanced security mode 1 1.4 Enhanced security mode Setting the [Enhanced Security Mode] to [ON] will validate the security function of this machine. For details of the settings of different security functions to be changed by turning [ON] the [Enhanced Security Mode], see page 2-10. 1.4.1 Major security functions in operation under ISO15408 certification The following describes major security functions in operation under ISO15408 certification. Function Identification and authentication function User limiting function Auditing function Network communication protecting function Description Access control is then provided through password authentication for any access to the Administrator Mode, user authentication mode, User Box, and a User Box data file. Access is thereby granted only to the authenticated user. A password that can be set must meet the Password Rules. The machine does not accept setting of an easily decipherable password. For details of the Password Rules, see page 1-17. As an action against a failure in defined certification, if a wrong password is entered, during password authentication, a predetermined number of times (once to three times.) or more set by the administrator, the machine determines that it is unauthorized access through Prohibited Functions, prohibiting any further entry of the password. By prohibiting the password entry operation, the machine prevents unauthorized use or removal of data. The administrator is responsible for resetting the prohibition of the password entry operation. For details, see page 2-23. Specific functions to be used by each user may be limited. For details, see page 2-28. Information including operations performed on the machine and a job history can be stored in the Storage or log server. Setting the job log (audit log) allows an illegal act or inadequate operation performed on the machine to be traced. For details, see page 2-35. Communication data between the machine, client PC, and servers can be encrypted using the IPsec, which prevents information leakage through eavesdropping over the network. For details, see page 2-16. bizhub 950i/850i/AccurioPrint 950i/850i 1-11

Section	Page
Contents	2
1 Security	6
1.1 Introduction	6
1.1.1 Persons using the machine	6
1.1.2 Relation between user and job deletion	7
1.2 Compliance with the ISO15408 Standard	8
1.2.1 Hardware and software	8
1.2.2 Operating precautions	8
1.3 Installation procedure	10
1.3.1 Setting of password rules	11
1.3.2 Setting of IP address and DNS host	11
1.3.3 Setting of administrator password	11
1.3.4 Setting of user authentication	12
1.3.5 Setting of accurate date and time	12
1.3.6 Setting of job log obtaining method	12
1.3.7 Setting of operation of ID & Print function	12
1.3.8 Setting of Memory RX	12
1.3.9 Setting of FW Update (USB) Password	13
1.3.10 Setting of FIPS mode	13
1.3.11 Setting of function pattern customization	13
1.3.12 Setting of Enhanced Security Mode	13
1.3.13 Setting of IPsec communication certificate	14
1.3.14 Setting of network	14
1.3.15 Check of IPsec setting for communication with each server	14
1.3.16 Check of settings banned for operation	14
1.3.17 Check of device information	14
1.4 Enhanced security mode	15
1.4.1 Major security functions in operation under ISO15408 certification	15
1.5 Precautions for operation control	16
1.5.1 Roles of the owner of the machine	16
1.5.2 Maintenance of the security environment	16
1.5.3 Roles of the administrator	17
1.5.4 Password usage requirements	17
1.5.5 External authentication server control requirements	17
1.5.6 Security function operation setting operating requirements	18
1.5.7 Operation and control of the machine	18
1.5.8 Machine maintenance control	20
1.5.9 Precautions for using the printer driver	20
1.6 Miscellaneous	21
1.6.1 Password rules	21
1.6.2 Precautions for use of various types of applications	21
1.6.3 Encrypting communications	22
1.6.4 Print functions	22
IPP printing	22
1.6.5 FAX functions	22
1.6.6 USB keyboard	22
1.6.7 Different types of boxes	22
1.6.8 Terminating a session and logging out	23
1.6.9 Occurrence of authentication error during external server authentication	23
1.6.10 Finding the version information	23
2 Administrator Operations	25
2.1 Accessing the administrator mode	25
2.1.1 Accessing the administrator mode	25
2.1.2 Accessing the user mode	30
2.1.3 Checking the number of wrong entries in authentication	32
Conditions to clear the number of times of check	32
2.2 Enhancing the security function	33
2.2.1 Items cleared by format	36
2.2.2 Setting the Enhanced Security Mode	37
2.3 Setting the password rules	38
2.3.1 Setting the password rules	38
2.4 Setting IPsec	39
2.4.1 IPsec setting	39
2.4.2 Introducing the device certificate for IPsec communication	41
2.4.3 Deleting the IPsec communication device certificate	42
2.4.4 Introducing the CA (certification authority) certificate for IPsec communication	42
2.5 Firmware verification function at the time of starting the machine	43
2.5.1 Setting the firmware verification function	43
2.5.2 Self-test function	43
2.6 Preventing unauthorized access	44
2.6.1 Setting Prohibited Functions	44
2.7 Canceling the operation prohibited state	46
2.7.1 Performing release setting	46
2.8 Setting the authentication method	47
2.8.1 Setting the authentication method	47
2.8.2 Setting the external server	48
2.9 ID & Print setting function	49
2.9.1 Setting ID & Print	49
2.10 System auto reset function	50
2.10.1 Setting the system auto reset function	50
2.11 User setting function	51
2.11.1 Making user setting	51
2.12 User box function	53
2.12.1 Setting user box usage restriction	53
2.12.2 Setting the user box	54
2.12.3 Changing the user attributes and box password	55
2.12.4 Setting Memory RX	56
2.12.5 Batch deleting the documents in the Memory RX User Box	56
2.13 Changing the administrator password	57
2.13.1 Changing the administrator password	57
2.14 Obtaining job log	58
2.14.1 Obtaining and deleting a job log	58
2.14.2 Job log data	60
2.15 Setting time/date in machine	89
2.15.1 Setting time/date	89
2.15.2 Setting daylight saving time	89
2.16 TCP/IP setting function	90
2.16.1 Setting the IP Address	90
2.16.2 Registering the DNS server	90
2.17 E-mail setting function	91
2.17.1 Setting the SMTP server (E-mail server)	91
2.18 SMB setting function	92
2.18.1 Setting a client	92
2.19 WebDAV setting function	93
2.19.1 Setting a client	93
2.20 Automatic logoff setting function	94
2.20.1 Setting automatic logoff	94
2.21 FIPS mode setting function	95
2.21.1 Setting the FIPS mode	95
2.22 Firmware update function	96
2.22.1 Updating the firmware	96
2.23 Job deletion setting function	97
2.23.1 Setting the job deletion	97
3 User Operations	99
3.1 User authentication function	99
3.1.1 Performing user authentication	99
3.1.2 Accessing the ID & Print document	102
3.1.3 Number of wrong entries in authentication	102
Conditions to clear the number of times of check	102
3.2 Change password function	103
3.2.1 Performing change password	103
3.3 User box function	104
3.3.1 Setting the user box	104
3.3.2 Changing the user attributes and box password	105
3.3.3 Accessing the user box and user box file	106
3.3.4 Number of wrong entries in entering the box password	107

Match case Limit results 1 per page

bizhub 950i/850i/AccurioPrint 950i/850i

1-11

1.4

Enhanced security mode

1.4

Enhanced security mode

Setting the [Enhanced Security Mode] to [ON] will validate the security function of this machine. For details

of the settings of different security functions to be changed by turning [ON] the [Enhanced Security Mode],

see page 2-10.

1.4.1

Major security functions in operation under ISO15408 certification

The following describes major security functions in operation under ISO15408 certification.

Function

Description

Identification and au-

thentication function

Access control is then provided through password authentication for any ac-

cess to the Administrator Mode, user authentication mode, User Box, and a

User Box data file. Access is thereby granted only to the authenticated user.

A password that can be set must meet the Password Rules. The machine

does not accept setting of an easily decipherable password. For details of

the Password Rules, see page 1-17.

As an action against a failure in defined certification, if a wrong password is

entered, during password authentication, a predetermined number of times

(once to three times.) or more set by the administrator, the machine deter-

mines that it is unauthorized access through Prohibited Functions, prohibit-

ing any further entry of the password. By prohibiting the password entry

operation, the machine prevents unauthorized use or removal of data. The

administrator is responsible for resetting the prohibition of the password en-

try operation. For details, see page 2-23.

User limiting function

Specific functions to be used by each user may be limited. For details, see

page 2-28.

Auditing function

Information including operations performed on the machine and a job history

can be stored in the Storage or log server. Setting the job log (audit log) al-

lows an illegal act or inadequate operation performed on the machine to be

traced. For details, see page 2-35.

Network communication

protecting function

Communication data between the machine, client PC, and servers can be

encrypted using the IPsec, which prevents information leakage through

eavesdropping over the network. For details, see page 2-16.