Konica Minolta bizhub C258 bizhub C368/C308/C258 Security Operations User Manu - Page 21

Hardware and software used in the machine, Firmware integrity verification function, IPsec setting

Get Konica Minolta bizhub C258 PDF manuals and user guides View all Konica Minolta bizhub C258 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 21 highlights

1.4 Miscellaneous 1 Hardware and software used in the machine The following lists the software, hardware, and their versions used for the ISO15408 evaluation for this machine and they are the same as those listed on the security target. The ISO15408 evaluation assumes that the HDD is mounted in the machine. Any configuration not including the HDD is not guaranteed by the ISO15408 evaluation. The user should appropriately manage the hardware and software used with the machine on his or her own responsibility. Hardware/software FAX Kit Printer Driver Data Administrator with Device Set-Up and Utilities Data Administrator External authentication server DNS server Version, etc. FK-514 PCL: Ver. 3.1.4.0 PS: Ver. 3.1.4.0 XPS: Ver. 3.1.4.0 Ver. 1.0.06000 Ver. 4.1.34000 Active directory mounted on Windows Server 2008 R2 Standard Service Pack 1 Windows Server 2008 R2 Standard Service Pack1 Firmware integrity verification function When the main power switch is turned ON with the Enhanced Security Mode set to [ON], the machine checks the encryption key and the hash value to thereby determine that its firmware is fully operational. If a fault occurs in the firmware, a malfunction screen appears when the machine is started, warning that a fault has occurred. To reset the fault condition, turn [OFF] the Enhanced Security Mode and restart the machine, or update the firmware. For more details, consult your Service Representative. IPsec setting This machine offers a choice of two authentication methods of [Pre-Shared Key] and [Digital Signature] for authenticating the remote machine with which to communicate. When [Pre-Shared Key] is to be used, control the pre-shared key appropriately to ensure that it is not leaked to any third party other than the remote machine with which to communicate. For the shared key, set a value that consists of a combination of eight or more alphanumeric characters and that cannot be easily guessed. Do not set a value that can be easily guessed from your birthday, employee identification number, and the like. [Digital Signature] has a higher security strength than [Pre-Shared Key]. The ISO15408 evaluation for the machine is performed on the basis of the [Pre-Shared Key]. [Main Mode] and [Aggressive Mode] are available in [Negotiation Mode] of [IKE Settings]. The default setting is [Main Mode]. The administrator should operate the machine with the [Main Mode] setting. CS Remote Care function CS Remote Care is a system that manages the machine through transmission and reception of various types of data for managing the machine between the machine and the CS Remote Care center computer via a telephone/fax line, a network, or E-mail. Functions are disabled to access the LAN from the telephone line and to directly transfer received fax. When the Enhanced Security Mode is set to [ON], the following functions are no longer usable: instructing to rewrite the firmware, sending and receiving account counter information, rewriting settings of the machine, and the Counter Remote Control function. bizhub C368/C308/C258 1-17

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
bizhub C368/C308/C258
1-17
1.4
Miscellaneous
1
Hardware and software used in the machine
The following lists the software, hardware, and their versions used for the ISO15408 evaluation for this ma-
chine and they are the same as those listed on the security target.
The ISO15408 evaluation assumes that the HDD is mounted in the machine. Any configuration not including
the HDD is not guaranteed by the ISO15408 evaluation.
The user should appropriately manage the hardware and software used with the machine on his or her own
responsibility.
Firmware integrity verification function
When the
main power switch
is turned ON with the Enhanced Security Mode set to [ON], the machine
checks the encryption key and the hash value to thereby determine that its firmware is fully operational.
If a fault occurs in the firmware, a malfunction screen appears when the machine is started, warning that a
fault has occurred. To reset the fault condition, turn [OFF] the Enhanced Security Mode and restart the ma-
chine, or update the firmware. For more details, consult your Service Representative.
IPsec setting
This machine offers a choice of two authentication methods of [Pre-Shared Key] and [Digital Signature] for
authenticating the remote machine with which to communicate.
When [Pre-Shared Key] is to be used, control the pre-shared key appropriately to ensure that it is not leaked
to any third party other than the remote machine with which to communicate. For the shared key, set a value
that consists of a combination of eight or more alphanumeric characters and that cannot be easily guessed.
Do not set a value that can be easily guessed from your birthday, employee identification number, and the
like.
[Digital Signature] has a higher security strength than [Pre-Shared Key].
The ISO15408 evaluation for the machine is performed on the basis of the [Pre-Shared Key].
[Main Mode] and [Aggressive Mode] are available in [Negotiation Mode] of [IKE Settings]. The default setting
is [Main Mode]. The administrator should operate the machine with the [Main Mode] setting.
CS Remote Care function
CS Remote Care is a system that manages the machine through transmission and reception of various types
of data for managing the machine between the machine and the CS Remote Care center computer via a tele-
phone/fax line, a network, or E-mail. Functions are disabled to access the LAN from the telephone line and
to directly transfer received fax.
When the Enhanced Security Mode is set to [ON], the following functions are no longer usable: instructing to
rewrite the firmware, sending and receiving account counter information, rewriting settings of the machine,
and the Counter Remote Control function.
Hardware/software
Version, etc.
FAX Kit
FK-514
Printer Driver
PCL: Ver. 3.1.4.0
PS: Ver. 3.1.4.0
XPS: Ver. 3.1.4.0
Data Administrator with De-
vice Set-Up and Utilities
Ver. 1.0.06000
Data Administrator
Ver. 4.1.34000
External authentication server
Active directory mounted on Windows Server 2008 R2 Standard Ser-
vice Pack 1
DNS server
Windows Server 2008 R2 Standard Service Pack1