Xerox® Security Guide for Entry Production Color Class ProductsMarch 2019 Page 4-21Time The time that the event happened in hh:mm:ss format.ID The type of event. The number corresponds to a unique description.Description An abbreviated description of the type of event.AdditionalDetailsColumns 6–10 list other information about the event, such as:Identity: User Name, Job Name, Computer Name, Printer Name, Folder Name, orAccounting Account ID display when Network Accounting is enabled.Completion StatusImage Overwrite Status: The status of overwrites completed on each job. ImmediateImage must be enabled.A maximum of 15,000 events can be stored on the device. When the number of events exceeds 15,000,audit log events will be deleted in order of timestamp, and then new events will be recorded. The auditlog be exported at any time by a user with administrative privileges. Note that as a security precaution,audit log settings and data can only be accessed via HTTPS.Operational SecurityFirmware RestrictionsThe list below describes supported firmware delivery methods and applicable access controls. Local Firmware Upgrade via USB port:Xerox service technicians can update product firmware using a USB port on the PC UI. This ability isrestricted to CSE installation only.Additional Service DetailsXerox products are serviced by a tool referred to as the Portable Workstation (PWS). Only Xeroxauthorized service technicians are granted access to the PWS. Customer documents or files cannot beaccessed during a diagnostic session, nor are network servers accessible through this port. If a networkconnection is required while servicing a Xerox device, service technicians will remove the device from anyconnected networks. The technician will then connect directly to the device using an Ethernet cable,creating a physically secure and isolated network during service operations.Backup & Restore (Cloning)Certain system settings can be captured in a ‘clone’ file that may be applied to other systems of the samemodel. Clone files are encoded but not encrypted and have the potential to contain sensitive informationdepending on which product feature setting is selected. Access to both create and apply a clone file canbe restricted using role-based access controls. Clone files can only be created and applied through theEmbedded Web Server.EIP ApplicationsXerox products can offer additional functionality through the Xerox Extensible Interface Platform (EIP).Third party vendors can create Apps that extend the functionality of a product. Xerox signs EIPapplications that are developed by Xerox or Xerox partners. Products can be configured to preventinstallation of unauthorized EIP applications. The Versant® supports EIP applications. ColorPress® doesnot support EIP.