Aficio Pro C550EX User manual
Read this manual carefully before you use this machine and keep it handy for future reference. For safe and correct use, be sure to read the Safety Information
in "About This Machine" before using the machine.
8
Getting Started
Authentication and its Application
Ensuring Information Security
Managing Access to the Machine
Enhanced Network Security
Specifying the Extended Security Functions
Troubleshooting
Appendix
1
2
3
4
5
6
7
Security Reference
Operating Instructions
Introduction
This manual contains detailed instructions and notes on the operation and use of this machine. For your safety and
benefit, read this manual carefully before using the machine. Keep this manual in a handy place for quick reference.
Important
Contents of this manual are subject to change without prior notice. In no event will the company be liable for direct,
indirect, special, incidental, or consequential damages as a result of handling or operating the machine.
Do not copy or print any item for which reproduction is prohibited by law.
Copying or printing the following items is generally prohibited by local law:
bank notes, revenue stamps, bonds, stock certificates, bank drafts, checks, passports, driver's licenses.
The preceding list is meant as a guide only and is not inclusive. We assume no responsibility for its completeness or
accuracy. If you have any questions concerning the legality of copying or printing certain items, consult with your
legal advisor.
Notes:
Some illustrations in this manual might be slightly different from the machine.
Certain options might not be available in some countries. For details, please contact your local dealer.
Depending on which country you are in, your machine may include certain options as standard. For details, please
contact your local dealer.
Caution:
Use of controls or adjustments or performance of procedures other than those specified in this manual might result
in hazardous radiation exposure.
Manuals for This Machine
Refer to the manuals that are relevant to what you want to do with the machine.
• Media differ according to manual.
• The printed and electronic versions of a manual have the same contents.
• Adobe Acrobat Reader/Adobe Reader must be installed in order to view the manuals as PDF files.
• A Web browser must be installed in order to view the html manuals.
• For enhanced security, we recommend that you first make the following settings. For details, see
"Setting Up the Machine".
• Install the Device Certificate.
• Enable SSL (Secure Sockets Layer) Encryption.
• Change the user name and password of the administrator using Web Image Monitor.
About This Machine
Be sure to read the Safety Information in this manual before using the machine.
This manual provides an introduction to the functions of the machine. It also explains the control panel,
preparation procedures for using the machine, how to enter text, and how to install the CD-ROMs
provided.
Troubleshooting
Provides a guide to solving common problems, and explains how to replace paper, toner, staples,
and other consumables. Also refer to this manual for explanations on where to put the machine and
how to maintain it.
Copy/ Document Server Reference
Explains Copier and Document Server functions and operations. Also refer to this manual for
explanations on how to place originals.
Network Guide
Explains how to configure and operate the machine in a network environment, and use the software
provided.
General Settings Guide
Explains User Tools settings, and Address Book procedures such as registering user codes. Also refer
to this manual for explanations on how to connect the machine.
Security Reference
This manual is for administrators of the machine. It explains security functions that you can use to
prevent unauthorized use of the machine, data tampering, or information leakage. Be sure to read
this manual when setting the enhanced security functions, or user and administrator authentication.
1
Information
Contains general notes on the machine, and information about the trademarks of product names used
in the manuals.
• Manuals provided are specific to machine types.
• In addition to the above, manuals are also provided for the Printer functions.
• Some of the example screens shown in this manual might differ slightly from actual screens. Also, some
functions might not be available, even if they are shown in screenshots.
2
TABLE OF CONTENTS
Manuals for This Machine.................................................................................................................................1
How to Read This Manual.................................................................................................................................8
Symbols...........................................................................................................................................................8
IP Address.......................................................................................................................................................8
1. Getting Started
Enhanced Security..............................................................................................................................................9
Glossary..........................................................................................................................................................9
Setting Up the Machine...............................................................................................................................10
Security Measures Provided by this Machine................................................................................................13
Using Authentication and Managing Users...............................................................................................13
Ensuring Information Security.....................................................................................................................13
Limiting and Controlling Access..................................................................................................................14
Enhanced Network Security.......................................................................................................................15
2. Authentication and its Application
Administrators and Users.................................................................................................................................17
Administrators...............................................................................................................................................17
User...............................................................................................................................................................18
The Management Function..............................................................................................................................20
About Administrator Authentication............................................................................................................20
About User Authentication..........................................................................................................................21
Enabling Authentication...................................................................................................................................23
Authentication Setting Procedure...............................................................................................................23
Administrator Authentication...........................................................................................................................25
Specifying Administrator Privileges............................................................................................................25
Registering the Administrator......................................................................................................................28
Logging on Using Administrator Authentication........................................................................................33
Logging off Using Administrator Authentication........................................................................................34
Changing the Administrator........................................................................................................................35
Using Web Image Monitor.........................................................................................................................36
User Authentication..........................................................................................................................................38
User Code Authentication...............................................................................................................................39
Specifying User Code Authentication........................................................................................................39
Basic Authentication.........................................................................................................................................41
3
Specifying Basic Authentication..................................................................................................................41
Authentication Information Stored in the Address Book...........................................................................43
Specifying Login User Name and Login Password...................................................................................43
Windows Authentication.................................................................................................................................48
Specifying Windows Authentication..........................................................................................................49
LDAP Authentication.........................................................................................................................................54
Specifying LDAP Authentication.................................................................................................................55
If User Authentication is Specified..................................................................................................................58
User Code Authentication (Using the Control Panel)................................................................................58
Login (Using the Control Panel)..................................................................................................................58
Log Off (Using the Control Panel)..............................................................................................................60
Login (Using Web Image Monitor)............................................................................................................61
Log Off (Using Web Image Monitor).........................................................................................................61
User Lockout Function..................................................................................................................................61
Auto Logout..................................................................................................................................................64
3. Ensuring Information Security
Specifying Access Permission for Stored Files...............................................................................................67
Assigning Users and Access Permission for Stored Files..........................................................................67
Specifying Passwords for Stored Files........................................................................................................70
Unlocking Files.............................................................................................................................................71
Protecting the Address Book...........................................................................................................................74
Encrypting Data in the Address Book.........................................................................................................74
Encrypting Data on the Hard Disk..................................................................................................................77
Enabling the Encryption Settings.................................................................................................................77
Printing the Encryption Key.........................................................................................................................80
Updating the Encryption Key......................................................................................................................82
Canceling Data Encryption.........................................................................................................................84
Deleting Data on the Hard Disk......................................................................................................................87
Auto Erase Memory.....................................................................................................................................87
4. Managing Access to the Machine
Preventing Modification of Machine Settings................................................................................................95
Menu Protect.....................................................................................................................................................97
Menu Protect................................................................................................................................................97
4
Limiting Available Functions............................................................................................................................99
Specifying Which Functions are Available................................................................................................99
5. Enhanced Network Security
Preventing Unauthorized Access..................................................................................................................103
Access Control...........................................................................................................................................103
Enabling/Disabling Protocols..................................................................................................................104
Specifying Network Security Level..........................................................................................................108
Encrypting Transmitted Passwords...............................................................................................................112
Protection Using Encryption..........................................................................................................................113
SSL (Secure Sockets Layer) Encryption....................................................................................................113
User Settings for SSL (Secure Sockets Layer)..........................................................................................118
Setting the SSL / TLS Encryption Mode...................................................................................................118
SNMPv3 Encryption.................................................................................................................................120
Transmission Using IPsec...............................................................................................................................123
Encryption and Authentication by IPsec..................................................................................................123
Encryption Key Auto Exchange Settings and Encryption Key Manual Settings...................................124
IPsec Settings.............................................................................................................................................125
Encryption Key Auto Exchange Settings Configuration Flow................................................................132
Encryption Key Manual Settings Configuration Flow.............................................................................137
telnet Setting Commands..........................................................................................................................138
6. Specifying the Extended Security Functions
Specifying the Extended Security Functions................................................................................................147
Changing the Extended Security Functions.............................................................................................147
Procedure for Changing the Extended Security Functions.....................................................................147
Settings.......................................................................................................................................................149
Other Security Functions...............................................................................................................................153
Weekly Timer Code..................................................................................................................................153
Limiting Machine Operation to Customers Only.........................................................................................156
Settings.......................................................................................................................................................156
Specifying Service Mode Lock Preparation............................................................................................156
Canceling Service Mode Lock.................................................................................................................158
7. Troubleshooting
Authentication Does Not Work Properly.....................................................................................................161
5
A Message Appears.................................................................................................................................161
An Error Code Appears............................................................................................................................162
Machine Cannot Be Operated................................................................................................................176
8. Appendix
Supervisor Operations..................................................................................................................................179
Logging on as the Supervisor...................................................................................................................179
Logging off as the Supervisor...................................................................................................................181
Changing the Supervisor..........................................................................................................................181
Resetting an Administrator's Password....................................................................................................183
Machine Administrator Settings....................................................................................................................185
System Settings..........................................................................................................................................185
Maintenance..............................................................................................................................................187
Copier / Document Server Features.......................................................................................................187
Settings via Web Image Monitor.............................................................................................................188
Network Administrator Settings....................................................................................................................190
System Settings..........................................................................................................................................190
Settings via Web Image Monitor.............................................................................................................190
File Administrator Settings.............................................................................................................................193
System Settings..........................................................................................................................................193
Settings via Web Image Monitor.............................................................................................................193
User Administrator Settings...........................................................................................................................195
System Settings..........................................................................................................................................195
Settings via Web Image Monitor.............................................................................................................195
Document Server File Permissions................................................................................................................197
The Privilege for User Account Settings in the Address Book.....................................................................199
User Settings - Control Panel Settings..........................................................................................................201
Copier / Document Server Features............................................................................................................202
System Settings...............................................................................................................................................208
User Settings - Web Image Monitor Settings..............................................................................................214
Device Settings...............................................................................................................................................215
Interface..........................................................................................................................................................224
Network..........................................................................................................................................................225
Functions That Require Options....................................................................................................................228
6
How to Read This Manual
Symbols
This manual uses the following symbols:
Indicates important safety notes.
Ignoring these notes could result in serious injury or death. Be sure to read these notes. They can be found
in the "Safety Information" section of About This Machine.
Indicates important safety notes.
Ignoring these notes could result in moderate or minor injury or damage to the machine or to property. Be
sure to read these notes. They can be found in the "Safety Information" section of About This Machine.
Indicates points to pay attention to when using the machine, and explanations of likely causes of paper
misfeeds, damage to originals, or loss of data. Be sure to read these explanations.
Indicates supplementary explanations of the machine's functions, and instructions on resolving user errors.
This symbol is located at the end of sections. It indicates where you can find further relevant information.
[ ]
Indicates the names of keys that appear on the machine's display panel.
[ ]
Indicates the names of keys on the machine's control panel.
IP Address
In this manual, "IP address" covers both IPv4 and IPv6 environments. Read the instructions that are relevant
to the environment you are using.
8
1. Getting Started
This chapter describes the machine's security features and how to specify initial security settings.
Enhanced Security
This machine's security functions can be enhanced by managing the machine and its users using the
improved authentication functions.
By specifying access limits for the machine's functions and the documents and data stored in the machine,
information leaks and unauthorized access can be prevented.
Data encryption also prevents unauthorized data access and tampering via the network.
• However, the security enhancements explained in this manual might not be applicable to some
functions.
Authentication and Access Limits
Using authentication, administrators manage the machine and its users. To enable authentication,
information about both administrators and users must be registered in order to authenticate users via
their login user names and passwords.
Four types of administrators manage specific areas of machine usage, such as settings and user
registration.
Access limits for each user are specified by the administrator responsible for user access to machine
functions and documents and data stored in the machine.
For details about the administrator and user roles, see "Administrators and Users".
Encryption Technology
This machine can establish secure communication paths by encrypting transmitted data and
passwords.
• p.17 "Administrators and Users"
Glossary
Administrator
There are four types of administrators according to administrative function: machine administrator,
network administrator, file administrator, and user administrator. We recommend that only one person
takes each administrator role.
In this way, you can spread the workload and limit unauthorized operation by a single administrator.
9
1
Basically, administrators make machine settings and manage the machine; but they cannot perform
normal operations, such as copying.
User
A user performs normal operations on the machine, such as copying.
File Creator (Owner)
This is a user who can store files in the machine and authorize other users to view, edit, or delete those
files.
Registered User
Users with personal information registered in the Address Book who have a login password and user
name.
Administrator Authentication
Administrators are authenticated by their login user name and login password, supplied by the
administrator, when specifying the machine's settings or accessing the machine over the network.
User Authentication
Users are authenticated by a login user name and login password, supplied by the user, when
specifying the machine's settings or accessing the machine over the network.
The user's login user name and password, as well as other items of information, are stored in the
machine's Address Book. Personal information can be obtained from the Windows domain controller
(Windows authentication) or LDAP Server (LDAP authentication), connected to the machine via the
network.
Login
This action is required for administrator authentication and user authentication. Enter your login user
name and login password on the machine's control panel. A login user name and login password
may also be required when accessing the machine over the network or using such utility as Web
Image Monitor.
Logout
This action is required with administrator and user authentication. This action is required when you
have finished using the machine or changing the settings.
Setting Up the Machine
If you want higher security, make the following setting before using the machine:
1. Turn the machine on.
2. Press the [User Tools/Counter] key.
1. Getting Started
10
1
3. Press [System Settings].
4. Press [Interface Settings].
5. Specify the IPv4 Address.
For details on how to specify the IPv4 address, see "Interface Settings", General Settings Guide.
6. Connect the machine to the network.
7. Start Web Image Monitor, and then log on to the machine as the administrator.
For details about logging on to Web Image Monitor as an administrator, see "Using Web Image
Monitor".
8. Install the device certificate.
For information on how to install the device certificate, see "Protection Using Encryption".
9. Enable secure sockets layer (SSL).
10. Enter the administrator's user name and password.
For details about specifying the administrator user name and password, see "Registering the
Administrator".
The administrator's default account (user name: "admin"; password: blank) is unencrypted between
steps 6 to 9. If acquired during this time, this account information could be used to gain unauthorized
access to the machine over the network.
If you consider this risky, we recommend that you specify a temporary administrator password for
accessing Web Image Monitor for the first time, before connecting to the network in step 6.
Enhanced Security
11
1
Security Measures Provided by this Machine
Using Authentication and Managing Users
Enabling Authentication
To control administrators' and users' access to the machine, perform administrator authentication and
user authentication using login user names and login passwords. To perform authentication, the
authentication function must be enabled. For details about authentication settings, see "Enabling
Authentication".
Specifying Authentication Information to Log on
Users are managed using the personal information managed in the machine's Address Book.
By enabling user authentication, you can allow only people registered in the Address Book to use the
machine. Users can be managed in the Address Book by the user administrator. For details about
specifying information to log on, see "Basic Authentication".
Specifying Which Functions are Available
This can be specified by the user administrator. Specify the functions available to registered users. By
making this setting, you can limit the functions available to users. For details about specifying which
functions are available, see "Limiting Available Functions".
• p.23 "Enabling Authentication"
• p.41 "Basic Authentication"
• p.99 "Limiting Available Functions"
Ensuring Information Security
Protecting Stored Files from Unauthorized Access
You can specify who is allowed to use and access scanned files and the files in Document Server. For
details about protecting stored files from unauthorized access, see "Specifying Access Permission for
Stored Files".
Protecting Stored Files from Theft
You can specify who is allowed to use and access scanned files and the files in Document Server.
You can prevent activities such as the downloading of stored files by unauthorized users. For details
about protecting stored files from theft, see "Specifying Access Permission for Stored Files".
Protecting Registered Information in the Address Book
You can specify who is allowed to access the data in the Address Book. You can prevent the data in
the Address Book being used by unregistered users.
Security Measures Provided by this Machine
13
1
To protect the data from unauthorized reading, you can also encrypt the data in the Address Book.
For details about protecting registered information in the Address Book, see "Protecting the Address
Book".
Encrypting Data on the Hard Disk
Encrypt data stored on the hard disk to prevent information leakage. The HDD Encryption Unit is
required for hard disk data encryption. For details about encrypting data on the hard disk, see
"Encrypting Data on the Hard Disk".
Overwriting the Data on the Hard Disk
Before disposing of the machine, make sure all data on the hard disk is deleted.
To overwrite the hard disk data, the optional DataOverwriteSecurity Unit is required. For details about
overwriting the data on the hard disk, see "Deleting Data on the Hard Disk".
• p.67 "Specifying Access Permission for Stored Files"
• p.74 "Protecting the Address Book"
• p.77 "Encrypting Data on the Hard Disk"
• p.87 "Deleting Data on the Hard Disk"
Limiting and Controlling Access
Preventing Modification or Deletion of Stored Data
You can allow selected users to access files stored in Document Server.
You can permit selected users who are allowed to access stored files to modify or delete the files. For
details about limiting and controlling access, see "Specifying Access Permission for Stored Files".
Preventing Modification of Machine Settings
The machine settings that can be modified according to the type of administrator account.
Register the administrators so that users cannot change the administrator settings. For details about
preventing modification of machine settings, see "Preventing Modification of Machine Settings".
Limiting Available Functions
To prevent unauthorized operation, you can specify who is allowed to access each of the machine's
functions. For details about limiting available functions for users, see "Limiting Available Functions".
• p.67 "Specifying Access Permission for Stored Files"
• p.95 "Preventing Modification of Machine Settings"
• p.99 "Limiting Available Functions"
1. Getting Started
14
1
Enhanced Network Security
Preventing Unauthorized Access
You can limit IP addresses or disable ports to prevent unauthorized access over the network and
protect the Address Book, stored files, and default settings. For details about preventing unauthorized
access, see "Preventing Unauthorized Access".
Encrypting Transmitted Passwords
Prevent login passwords, from being revealed by encrypting them for transmission.
Also, encrypt the login password for administrator authentication and user authentication. For details
about encrypting transmitted passwords, see "Encrypting Transmitted Passwords".
Safer Communication Using SSL, SNMPv3 and IPsec
You can encrypt this machine's transmissions using SSL, SNMPv3, and IPsec. By encrypting transmitted
data and safeguarding the transmission route, you can prevent sent data from being intercepted,
analyzed, and tampered with. For details about safer communication using SSL, SNMPv3 and IPsec,
see "Protection Using Encryption".
• p.103 "Preventing Unauthorized Access"
• p.112 "Encrypting Transmitted Passwords"
• p.113 "Protection Using Encryption"
Security Measures Provided by this Machine
15
1
1. Getting Started
16
1
2. Authentication and its Application
This chapter describes how to register the administrator and specify the authentication methods. How to
log on and log off once authentication is enabled is also described here.
Administrators and Users
When controlling access using the authentication method specified by an administrator, select the machine's
administrator, enable the authentication function, and then use the machine.
The administrators manage access to the allocated functions, and users can use only the functions they are
permitted to access. When the authentication function is enabled, the login user name and login password
are required in order to use the machine.
Specify administrator authentication, and then specify user authentication.
For details about specifying a login user name and password, see "Specifying Login User Name and Login
Password".
• If user authentication is not possible because of a problem with the hard disk or network, you can use
the machine by accessing it using administrator authentication and disabling user authentication. Do
this if, for instance, you need to use the machine urgently.
• p.43 "Specifying Login User Name and Login Password"
Administrators
There are four types of administrators: machine administrator, network administrator, file administrator,
and user administrator.
Sharing administrator tasks eases the burden on individual administrators while also limiting unauthorized
operation by administrators. You can also specify a supervisor who can change each administrator's
password. Administrators are limited to managing the machine's settings and controlling user access, so
they cannot use functions such as copying. To use these functions, the administrator must register as a user
in the Address Book and then be authenticated as the user.
User Administrator
This is the administrator who manages personal information in the Address Book.
A user administrator can register/delete users in the Address Book or change users' personal
information.
Users registered in the Address Book can also change and delete their own information.
17
2
If any of the users forget their password, the user administrator can delete it and create a new one,
allowing the user to access the machine again.
For instructions on registering the user administrator, see "Registering the Administrator".
Machine Administrator
This is the administrator who mainly manages the machine's default settings. You can set the machine
so that the default for each function can only be specified by the machine administrator. By making
this setting, you can prevent unauthorized people from changing the settings and allow the machine
to be used securely by its many users.
For instructions on registering the machine administrator, see "Registering the Administrator".
Network Administrator
This is the administrator who manages the network settings. You can set the machine so that network
settings such as the IP address can only be specified by the network administrator.
By making this setting, you can prevent unauthorized users from changing the settings and disabling
the machine, and thus ensure correct network operation.
For instructions on registering the network administrator, see "Registering the Administrator".
File Administrator
This is the administrator who manages permission to access stored files. You can specify passwords
to allow only registered users with permission to view and edit files stored in Document Server. By
making this setting, you can prevent data leaks and tampering due to unauthorized users viewing and
using the registered data.
For instructions on registering the file administrator, see "Registering the Administrator".
Supervisor
The supervisor can delete an administrator's password and specify a new one. The supervisor cannot
specify defaults or use normal functions. However, if any of the administrators forget their password
and cannot access the machine, the supervisor can provide support.
For instructions on registering the supervisor, see "Supervisor Operations".
• p.28 "Registering the Administrator"
• p.179 "Supervisor Operations"
User
Users are managed using the personal information in the machine's Address Book.
By enabling user authentication, you can allow only people registered in the Address Book to use the
machine. Users can be managed in the Address Book by the user administrator.
2. Authentication and its Application
18
2
This manual suits for next models
1
Table of contents
Other Aficio Printer manuals
Popular Printer manuals by other brands
Lexmark
Lexmark MX710 Series Specifications
Datamax
Datamax M-Class Mark II M-4206 Operator's manual
Mitsubishi
Mitsubishi CP8000DW Operation manual
Sierra Monitor Corporation
Sierra Monitor Corporation Sentry 5301-10 Specification sheet
Lexmark
Lexmark All Quick reference guide
Citizen
Citizen CD-S500A user manual