Contents - security guide
- Table Of Contents
- Table Of Contents
- Table Of Contents
- November 2018
- Introduction
- Product Description
- User Interface
- MB Ethernet RJ-45 Network Connector
- User Data Protection
- User Data in transit
- Scanning to User Local USB Storage Product
- Network Security
- Network Encryption
- Wireless 802.11 Wi-Fi Protected Access (WPA)
- Public Key Encryption (PKI)
- Trusted Certificates
- Certificate Validation
- Network Access Control
- Contextual Endpoint Connection Management
- IP Whitelisting (IP Address Filtering)
- Device Security: BIOS, Firmware, OS, Runtime, and Operational security controls
- Fail Secure Vs Fail Safe
- Runtime Security
- Service Technician (CSE) Access Restriction
- Configuration & Security Policy Management Solutions
- Identification, Authentication, and Authorization
- Network Authentication
- Simple Authentication (non-secure)
- Additional Information & Resources
- Appendix A: Product Security Profiles
- AltaLink® B8045/B8055/B8065/B8075/B8090
- AltaLink® C8030 / C8035 / C8045 / C8055 / C8070
- VersaLink® B7025, B7030 B7035
- VersaLink® C7000, C7020, C7025, C7030
- VersaLink® B400, B405
- VersaLink® C500, C600, C505, C605
- VersaLink® B600, B605, B610, B615
- VersaLink® C8000, C9000
- Appendix B: Security Events
- VersaLink® Security Events
|
Xerox® Security Guide for Office Class Products: AltaLink® VersaLink®November 2018 Page 23Runtime SecurityEach AltaLink® device comes with McAfee Embedded Control built-in and enabled by default. McAfeeEmbedded Control is used to protect a variety of endpoints that range from wearable devices to criticalsystems controlling electrical generation.Executable control prevents unauthorized code from executing. Xerox has defined a whitelist ofexecutable programs; software that is not on the secure whitelist is not allowed to execute.Memory control monitors memory and running processes. If unauthorized code is injected into a runningprocess, it is detected and prevented.When an anomaly is detected it is logged to the device audit log and optional alerts are immediately sentvia email. Events are also reportable through CentreWare® Web or Xerox Device Manager, andMcAfee® ePolicy Orchestrator® (ePO).Event Monitoring & LoggingAudit LogThe Audit Log feature records security-related events. The Audit Log contains the following information:Field DescriptionIndex A unique value that identifies the event.Date The date that the event happened in mm/dd/yy format.Time The time that the event happened in hh:mm:ss format.ID The type of event. The number corresponds to a unique description.Description An abbreviated description of the type of event.AdditionalDetailsColumns 6–10 list other information about the event, such as:Identity: User Name, Job Name, Computer Name, Printer Name, Folder Name, orAccounting Account ID display when Network Accounting is enabled.Completion StatusImage Overwrite Status: The status of overwrites completed on each job. ImmediateImage must be enabled.AltaLink® products currently support 159 unique security events. VersaLink® products currently support52 unique events.A maximum of 15,000 events can be stored on the device. When the number of events exceeds 15,000,audit log events will be deleted in order of timestamp, and then new events will be recorded. The auditlog be exported at any time by a user with administrative privileges. Note that as a security precaution,audit log settings and data can only be accessed via HTTPS.Operational SecurityFirmware RestrictionsThe list below describes supported firmware delivery methods and applicable access controls. Local Firmware Upgrade via USB port:Xerox service technicians can update product firmware using a USB port and specially configured USB
PreviousNext |