Xerox Workcentre 3550 Technical manual

Xerox WorkCentre

3550

Information Assurance Disclosure Paper

Version 1.2

Prepare by:

Mark Bixler

Xerox Corporation

800 Phillips Roa

Webster

, New York 14

580

XEROX WorkCentre

3550

Information Assurance Disclosure Paper

Ver. 1.3, March 2011 Page 2 of 32

Xerox Corporation in the Unite States an /or other counties.

Other company tra emarks are also acknowle ge .

Document Version: 1.3 (March 2011).

XEROX WorkCentre

3550

Information Assurance Disclosure Paper

Ver. 1.3, March 2011 Page 3 of 32

1. INTRODUCTION ..................................................................................................................................5

1.1.

Purpose .................................................................................................................................................................................... 5

1.2.

Target Audience ................................................................................................................................................................... 5

1.3.

Disclai er ............................................................................................................................................................................... 5

2. DEVICE DESCRIPTION .......................................................................................................................6

2.1.

Security-relevant Subsyste s ......................................................................................................................................... 7

2.1.1.

Physical Partitioning .......................................................................................................................................................................7

2.1.2.

Security Functions allocate to Subsystems ........................................................................................................................8

2.2.

Controller ................................................................................................................................................................................ 9

2.2.1.

Purpose ................................................................................................................................................................................................9

2.2.2.

Memory Components ....................................................................................................................................................................9

2.2.3.

External Connections .................................................................................................................................................................. 10

2.2.4.

USB Ports ......................................................................................................................................................................................... 10

2.3

Fax Module .......................................................................................................................................................................... 11

2.3.1.

2.3.2.

Har ware ......................................................................................................................................................................................... 11

2.4.

Scanner ................................................................................................................................................................................. 11

2.4.1.

2.4.2.

Har ware ......................................................................................................................................................................................... 11

2.5.

Local User Interface (LUI) ............................................................................................................................................. 12

2.5.1.

2.5.2.

Har ware ......................................................................................................................................................................................... 12

2.6.

Marking Engine (also known as the I age Output Ter inal or IOT) .......................................................... 12

2.6.1.

2.6.2.

Har ware ......................................................................................................................................................................................... 12

2.6.3.

Control an Data Interfaces .................................................................................................................................................... 12

2.7.

Syste Software Structure ........................................................................................................................................... 13

2.7.1.

Open-source components ......................................................................................................................................................... 13

2.7.2.

OS Layer in the Controller ......................................................................................................................................................... 13

2.7.3.

Network Protocols ........................................................................................................................................................................ 14

2.8.

Logical Access ..................................................................................................................................................................... 15

2.8.1.

Network Protocols ........................................................................................................................................................................ 15

2.8.2.

Ports ................................................................................................................................................................................................... 16

2.8.3.

IP Filtering ....................................................................................................................................................................................... 20

3. SYSTEM ACCESS ................................................................................................................................ 21

3.1.

Authentication Model ..................................................................................................................................................... 21

XEROX WorkCentre

3550

Information Assurance Disclosure Paper

Ver. 1.3, March 2011 Page 4 of 32

3.2.

Login and Authentication Methods ........................................................................................................................... 21

3.2.1.

System A ministrator Login [All pro uct configurations] ........................................................................................... 21

3.2.2.

User authentication ..................................................................................................................................................................... 21

3.3.

Syste Accounts ............................................................................................................................................................... 24

3.3.1.

Printing [Multifunction mo els only] .................................................................................................................................... 24

3.3.2.

Network Scanning [Multifunction mo els only] .............................................................................................................. 24

3.4.

Diagnostics .......................................................................................................................................................................... 24

4. SECURITY ASPECTS OF SELECTED FEATURES ...................................................................... 25

4.1.

SMart eSolutions ............................................................................................................................................................... 25

4.2.1

Meter Assistant .............................................................................................................................................................................. 25

4.2.2

Supplies Assistant ......................................................................................................................................................................... 25

4.2.3

Summary .......................................................................................................................................................................................... 25

5. RESPONSES TO KNOWN VULNERABILITIES ......................................................................... 26

5.1.

Security @ Xerox (www.xerox.co /security) .......................................................................................................... 26

6. APPENDICES ....................................................................................................................................... 27

6.1.

Appendix A – Abbreviations ......................................................................................................................................... 27

6.2.

Appendix B – Supported MIB Objects ....................................................................................................................... 29

6.3.

Appendix C –Standards .................................................................................................................................................. 31

6.4.

Appendix E – References ................................................................................................................................................ 32

XEROX WorkCentre

3550

Information Assurance Disclosure Paper

Ver. 1.3, March 2011 Page 5 of 32

1. Intro uction

The

WorkCentre 3550 multifunction systems

are among the latest versions of Xerox copier an multifunction

evices for the general office.

1.1. Purpose

The purpose of this ocument is to isclose information for the WorkCentre pro ucts with respect to evice security.

Device Security, for this paper, is efine as how image ata is store an transmitte , how the pro uct behaves in a

networke environment, an how the pro uct may be accesse , both locally an remotely. Please note that the

customer is responsible for the security of their network an the WorkCentre pro ucts o not establish security for

any network environment.

The purpose of this ocument is to inform Xerox customers of the esign, functions, an features of the WorkCentre

pro ucts relative to Information Assurance (IA).

This ocument oes NOT provi e tutorial level information about security, connectivity, PDLs, or WorkCentre

pro ucts features an functions. This information is rea ily available elsewhere. We assume that the rea er has a

working knowle ge of these types of topics. However, a number of references are inclu e in the Appen ix.

1.2. Target Au ience

The target au ience for this ocument is Xerox fiel personnel an customers concerne with IT security.

1.3. Disclaimer

The information in this ocument is accurate to the best knowle ge of the authors, an is provi e without warranty

of any kin . In no event shall Xerox Corporation be liable for any amages whatsoever resulting from user's use or

isregar of the information provi e in this ocument inclu ing irect, in irect, inci ental, consequential, loss of

business profits or special amages, even if Xerox Corporation has been a vise of the possibility of such amages.

XEROX WorkCentre

3550

Information Assurance Disclosure Paper

Ver. 1.3, March 2011 Page 6 of 32

2. Device Description

This pro uct consists of an input ocument han ler an scanner, marking engine inclu ing paper path, controller,

an user interface.

Figure 2-1 WorkCentre Multifunction Syste

Document Fee er & Scanner (IIT)

Marking Engine (IOT)

Paper Trays

User Interface (UI)

The Network Controller is

located on the left rear side of

the machine in WorkCentre

3550 products.

Output Bin

USB Host Port

XEROX WorkCentre

3550

Information Assurance Disclosure Paper

Ver. 1.3, March 2011 Page 7 of 32

2.1. Security-relevant Subsystems

2.1.1. Physical Partitioning

The security-relevant subsystems of the pro uct are partitione as shown in Figure 2-2.

Figure 2-2 Syste functional block diagra

XEROX WorkCentre

3550

Information Assurance Disclosure Paper

Ver. 1.3, March 2011 Page 8 of 32

2.1.2. Security Functions allocate to Subsystems

Security Function Subsyste

System Authentication

Controller

Graphical User Interface

Network Authentication

Controller

Graphical User Interface

Cryptographic Operations

Controller

User Data Protection – SSL

Controller

User Data Protection – IP Filtering

Controller

User Data Protection – IPSec

Controller

Network Management Security

Controller

Fax Flow Security

Fax Mo ule

Controller

Graphical User Interface

Security Management

Controller

Graphical User Interface

Table 1 Security Functions allocated to Subsyste s

XEROX WorkCentre

3550

Information Assurance Disclosure Paper

Ver. 1.3, March 2011 Page 9 of 32

2.2. Controller

2.2.1. Purpose

The controller provi es both network an irect-connect external interfaces, an enables copy, print, email, network

scan an LanFAX functionality. Network scanning an LanFAX are stan ar features. The controller also

incorporates a proprietary web server that exports a Web User Interface (WebUI) through which users can submit

jobs an check job an machine status, an through which system a ministrators can remotely a minister the

machine.

The controller contains the image path, which uses proprietary har ware an algorithms to process the scanne

images into high-quality repro uctions. Scanne images may be temporarily buffere in DRAM to enable electronic

pre-collation, sometimes referre to as scan-once/print-many. When pro ucing multiple copies of a ocument, the

scanne image is processe an buffere in the DRAM in a proprietary format. The buffere bitmaps are then rea

from DRAM an sent to the Image Output Terminal (IOT) for marking on har copy output. For long ocuments, the

pro uction of har copy may begin before the entire original is scanne , achieving a level of concurrency between the

scan an mark operations.

The controller operating system is pSOS v2.5. The controller works with the User Interface (UI) assembly to provi e

system configuration functions. A System A ministrator PIN must be entere at the UI in or er to access these

functions.

2.2.2. Memory Components

Volatile Me ory

Type (SRAM, DRAM,

etc)

Size

User

Modifiable

(Y/N)

Function or U

Process to Sanitize

SDRAM 256/512

Expan able

to 512 MB

Main Memory Remove power

Additional Infor ation:

Non-Volatile Me ory

Type (

Flash, EEPROM,

etc)

Size

User

Modifiable

(Y/N)

Function or Use

Process to Sanitize

Flash 32 MB No Operating System, PDL

Interpreters, Fonts, MIB, Fax

Journal List, Fax Dialing, Co e

use for sche uling the

marking of jobs

None

Flash ROM 1 MB No Backup None

Flash 8 MB No Fax/Font Backup None

Additional Infor ation:

All memory liste above contains co e for execution an configuration information. No user or job

ata is permanently store in this location.

Table 2 Controller e ory co ponents

XEROX WorkCentre

3550

Information Assurance Disclosure Paper

Ver. 1.3, March 2011 Page 10 of 32

2.2.3. External Connections

Table 3 Controller External Connections

Figure 2-3 Back panel connections

2.2.4. USB Ports

The WorkCentre 3550 contains a host connector for a USB flash rive, enabling printing from USB, scanning to USB

an uploa of software upgra e files.

Autorun is isable on this port. No executable files will be accepte by the port.

Mo ifying the software upgra e or save machine settings files will make the files unusable on a WorkCentre 3550.

The machine settings that can be save an restore by a service technician are limite to controller parameters that

are nee e for normal operation.

Both ports can be isable by an A min via the WebUI.

USB

USB port and location Purpose

USB 2.0 Host port Printing from USB, scanning to USB, uploa of software upgra e files

USB 2.0 Target port Direct-connect printing

Table 4 USB Ports

Interface Description / Usage

Foreign Device Interface (FDI) Allows connection of optional access

control har ware

PEK (Pro uct Enablement Key)

Rea er Slot

Use for initial pro uct configuration.

USB 2.0 Target Port Direct-connect printing

Ethernet 10/100/1000 Network connectivity

FAX line 1, RJ-11 Supports FAX Mo em T.30 protocol

only

Extension Telephone Socket

(EXT), RJ11

Allows connection of telephone

USB 2.0 Host Port (Not Picture

– see Figure 2-1)

Printing from USB, scanning to USB,

uploa of software upgra e files

Other manuals for WorkCentre 3550

Other Xerox All In One Printer manuals

Xerox

Xerox Legacy 4112 User manual

Xerox

Xerox WORKCENTRE 7425 Quick start guide

Xerox

Xerox 8860MFP - Phaser Color Solid Ink User manual

Xerox

Xerox WorkCentre 5955 User manual

Xerox

Xerox WORKCENTRE 5030 Owner's manual

Xerox

Xerox Document WorkCentre 450c User manual

Xerox

Xerox WorkCentre 5330 User manual

Xerox

Xerox WorkCentre Pro 385 User manual

Xerox

Xerox versalink C7020 Operating manual

Xerox

Xerox VersaLink C605 User manual

Xerox

Xerox WorkCentre 3215 User manual

Xerox

Xerox Phaser 6500 User manual

Xerox

Xerox WorkCentre PE120 User manual

Xerox

Xerox WorkCentre 6605DN User manual

Xerox

Xerox Document WorkCentre 450c User manual

Xerox

Xerox AltaLink B8045 Guide

Xerox

Xerox WorkCentre 5020 Operating manual

Xerox

Xerox WorkCentre 6015NI User manual

Xerox

Xerox WORKCENTRE 7425 Service manual

Xerox

Xerox WORKCENTRE 7120 User manual

Xerox

Xerox FaxCentre 2121 User manual

Xerox

Xerox WorkCentre 7225 User manual

Xerox

Xerox WorkCentre 3025 Operating manual

Xerox

Xerox WorkCentre 6027 Operating manual

Popular All In One Printer manuals by other brands

Brother

Brother MFC-J220 Basic user's guide

Brother

Brother MFC-8510DN Basic user's guide

Ricoh

Ricoh Aficio FX200 Service training

Olivetti

Olivetti d-Copia 16W Operation manual

Konica Minolta

Konica Minolta bizhub C3850FS user guide

Konica Minolta

Konica Minolta bizhub 758 manual

Lexmark

Lexmark MX310 Series Service manual

Ricoh

Ricoh Aficio 3224C operating instructions

Sagem

Sagem MF 3625 user manual

Epson

Epson Epson Stylus NX530 quick guide

Brother

Brother MFC9800 - MFC 9800 B/W Laser owner's manual

Konica Minolta

Konica Minolta 7033 instruction manual

Ricoh

Ricoh Aficio MP 161F operating instructions

Epson

Epson WorkForce WF-2510 Basic guide

Epson

Epson Stylus Scan 2000 Product information guide

Epson

Epson PictureMate Snap PM 240 Start here

Brother

Brother MFC-J430w user guide

Konica Minolta

Konica Minolta BIZHUB 558 Quick reference guide

Xerox WorkCentre 3550 Technical manual

Popular All In One Printer manuals by other brands