Xerox WORKCENTRE 5735 Technical manual
Xerox WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Version 2.0
Pre ared by:
Larry Kovnat
Xerox Cor oration
1350 Jefferson Road
Rochester, New York 14623
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 2 of 50
©2010 Xerox Cor oration. All rights reserved. Xerox and the s here of connectivity design are trademarks of
Xerox Cor oration in the United States and/or other counties.
Other com any trademarks are also acknowledged.
Document Version: 1.00 (May 2010).
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 3 of 50
1. INTRODUCTION ..................................................................................................................................5
1.1.
Purpose .................................................................................................................................................................................... 5
1.2.
Target Audience ................................................................................................................................................................... 5
1.3.
Disc aimer ............................................................................................................................................................................... 5
2. DEVICE DESCRIPTION .......................................................................................................................6
2.1.
Security-re evant Subsystems ......................................................................................................................................... 6
2.1.1.
Physical Partitioning .......................................................................................................................................................................6
2.1.2.
Security Functions allocated to Subsystems ........................................................................................................................7
2.2.
Contro er ................................................................................................................................................................................ 8
2.2.1.
Pur ose ................................................................................................................................................................................................8
2.2.2.
Memory Com onents ....................................................................................................................................................................8
2.2.3.
External Connections .................................................................................................................................................................. 10
2.2.4.
USB Ports ......................................................................................................................................................................................... 10
2.2.
Fax Modu e .......................................................................................................................................................................... 11
2.3.1.
Pur ose ............................................................................................................................................................................................. 11
2.3.2.
Hardware ......................................................................................................................................................................................... 11
2.4.
Scanner ................................................................................................................................................................................. 11
2.4.1.
Pur ose ............................................................................................................................................................................................. 11
2.4.2.
Hardware ......................................................................................................................................................................................... 11
2.5.
Graphica User Interface (GUI) ................................................................................................................................... 12
2.5.1.
Pur ose ............................................................................................................................................................................................. 12
2.5.2.
Hardware ......................................................................................................................................................................................... 12
2.6.
Marking Engine (a so known as the Image Output Termina or IOT) .......................................................... 13
2.6.1.
Pur ose ............................................................................................................................................................................................. 13
2.6.2.
Hardware ......................................................................................................................................................................................... 13
2.6.3.
Control and Data Interfaces .................................................................................................................................................... 13
2.7.
System Software Structure ........................................................................................................................................... 13
2.7.1.
O en-source com onents ......................................................................................................................................................... 13
2.7.2.
OS Layer in the Controller ......................................................................................................................................................... 13
2.7.3.
Network Protocols ........................................................................................................................................................................ 15
2.8.
Logica Access ..................................................................................................................................................................... 16
2.8.1.
Network Protocols ........................................................................................................................................................................ 16
2.8.2.
Ports ................................................................................................................................................................................................... 17
2.8.3.
IP Filtering ....................................................................................................................................................................................... 21
3. SYSTEM ACCESS ................................................................................................................................ 22
3.1.
Authentication Mode ..................................................................................................................................................... 22
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 4 of 50
3.2.
Login and Authentication Methods ........................................................................................................................... 24
3.2.1.
System Administrator Login [All roduct configurations] ........................................................................................... 24
3.2.2.
User authentication ..................................................................................................................................................................... 24
3.3.
System Accounts ............................................................................................................................................................... 26
3.3.1.
Printing [Multifunction models only] .................................................................................................................................... 26
3.3.2.
Network Scanning [Multifunction models only] .............................................................................................................. 26
3.4.
Diagnostics .......................................................................................................................................................................... 27
3.4.1.
Service [All roduct configurations] ...................................................................................................................................... 27
3.4.2.
Alternate Boot via Serial Port .................................................................................................................................................. 27
3.4.3.
tty Mode ........................................................................................................................................................................................... 27
3.4.4.
Diagnostics via Portable Service Workstation (PSW) Port ........................................................................................... 27
3.4.5.
Summary .......................................................................................................................................................................................... 30
4. SECURITY ASPECTS OF SELECTED FEATURES ...................................................................... 31
4.1.
Audit Log .............................................................................................................................................................................. 31
4.2.
Xerox Standard Accounting .......................................................................................................................................... 39
4.3.
Automatic Meter Reads ................................................................................................................................................. 40
4.4.
Encrypted Partitions ........................................................................................................................................................ 40
4.5.
Image Overwrite ............................................................................................................................................................... 40
4.5.1.
Algorithm ......................................................................................................................................................................................... 41
4.5.2.
User Behavior ................................................................................................................................................................................. 41
4.5.3.
Overwrite Timing .......................................................................................................................................................................... 41
5. RESPONSES TO KNOWN VULNERABILITIES ......................................................................... 42
5.1.
Security @ Xerox (www.xerox.com/security) .......................................................................................................... 42
6. APPENDICES ....................................................................................................................................... 43
6.1.
Appendix A – Abbreviations ......................................................................................................................................... 43
6.2.
Appendix B – Supported MIB Objects ....................................................................................................................... 45
6.3.
Appendix C –Standards .................................................................................................................................................. 48
6.4.
Appendix E – References ................................................................................................................................................ 50
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 5 of 50
1. Introduction
The
WorkCentre 5735/5740/5745/5755/5765/5775/5790 multifunction systems
are among the latest
versions of Xerox co ier and multifunction devices for the general office.
1.1. Pur ose
The ur ose of this document is to disclose information for the WorkCentre roducts with res ect to device security.
Device Security, for this a er, is defined as how image data is stored and transmitted, how the roduct behaves in a
networked environment, and how the roduct may be accessed, both locally and remotely. Please note that the
customer is res onsible for the security of their network and the WorkCentre roducts do not establish security for
any network environment.
The ur ose of this document is to inform Xerox customers of the design, functions, and features of the WorkCentre
roducts relative to Information Assurance (IA).
This document does NOT rovide tutorial level information about security, connectivity, PDLs, or WorkCentre
roducts features and functions. This information is readily available elsewhere. We assume that the reader has a
working knowledge of these ty es of to ics. However, a number of references are included in the A endix.
1.2. Target Audience
The target audience for this document is Xerox field ersonnel and customers concerned with IT security.
1.3. Disclaimer
The information in this document is accurate to the best knowledge of the authors, and is rovided without warranty
of any kind. In no event shall Xerox Cor oration be liable for any damages whatsoever resulting from user's use or
disregard of the information rovided in this document including direct, indirect, incidental, consequential, loss of
business rofits or s ecial damages, even if Xerox Cor oration has been advised of the ossibility of such damages.
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 6 of 50
2. Device Descri tion
This roduct consists of an in ut document handler and scanner, marking engine including a er ath, controller,
and user interface.
Figure 2-1 WorkCentre Mu tifunction System
2.1. Security-relevant Subsystems
2.1.1. Physical Partitioning
The security-relevant subsystems of the roduct are artitioned as shown in Figure 2-2.
Document Feeder & Scanner
(IIT)
Marking Engine (IOT)
Pa er Trays
Gra hical User
Interface
(GUI)
High-ca acity
feeder accessory
High-volume finisher and
booklet maker accessories
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 7 of 50
PCI Bus
Optical
interface
Buttons and Display
Physical external
interface
Button and TOE internal wiring
(proprietary)
Figure 2-2 System functiona b ock diagram
2.1.2. Security Functions allocated to Subsystems
Security Function Subsystem
Image Overwrite
Controller
Gra hical User Interface
System Authentication
Controller
Gra hical User Interface
Network Authentication
Controller
Gra hical User Interface
Security Audit
Controller
Cry togra hic O erations
Controller
User Data Protection – SSL
Controller
User Data Protection – IP Filtering
Controller
User Data Protection – IPSec
Controller
User Data Protection – Disk Encry tion
Controller
Network Management Security
Controller
Fax Flow Security
Fax Module
Controller
Gra hical User Interface
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 8 of 50
Security Function Subsystem
Security Management
Controller
Gra hical User Interface
Tab e 1 Security Functions a ocated to Subsystems
2.2. Controller
2.2.1. Pur ose
The controller rovides both network and direct-connect external interfaces, and enables co y, rint, email, network
scan, server fax, internet FAX, and LanFAX functionality. Network scanning, server fax, internet fax, and LanFax, are
standard features.
NOTE: The Copier on y version inc udes a hard drive which is used to ho d Operating System software, printing
app ications, and jam c earance videos. Job Image data is not stored on this disk.
Image Overwrite, which is included as a standard feature, enables both Immediate and On-Demand overwrite of any
tem orary image data created on disk. The controller also incor orates an o en-source web server (A ache) that
ex orts a Web User Interface (WebUI) through which users can submit jobs and check job and machine status, and
through which system administrators can remotely administer the machine.
The controller contains the image ath, which uses ro rietary hardware and algorithms to rocess the scanned
images into high-quality re roductions. Scanned images may be tem orarily buffered in DRAM to enable electronic
re-collation, sometimes referred to as scan-once/ rint-many. When roducing multi le co ies of a document, the
scanned image is rocessed and buffered in the DRAM in a ro rietary format. Extended buffer s ace for very large
documents is rovided on the network disk. The buffered bitma s are then read from DRAM and sent to the Image
Out ut Terminal (IOT) for marking on hardco y out ut. For long documents, the roduction of hardco y may begin
before the entire original is scanned, achieving a level of concurrency between the scan and mark o erations.
The controller o erating system is Wind River Linux, kernel v. 2.6.20+. (Note: Consistent with Flaw Remediation, this
baseline may be u dated as indicated by the ‘+’ sign. Unnecessary services such as rsh, telnet and finger are disabled
in the OS. FTP is used in client-only mode by the network scanning feature for the filing of scanned images and the
retrieval of Scan Tem lates; however the controller does not contain an FTP server.
The controller works with the Gra hical User Interface (GUI) assembly to rovide system configuration functions. A
System Administrator PIN must be entered at the GUI in order to access these functions.
2.2.2. Memory Com onents
Vo ati e Memory
Type (SRAM, DRAM,
etc)
Size
User
Modifiab e
(Y/N)
Function or Use
Process to Sanitize
DDR2 SDRAM
U gradeable to
1GB
2GB
N Single Board Controller
(System and user image stored)
Subsequent jobs overwrite
the data and all images are
lost at ower off or reboot.
Additiona Information:
There are also a number of RAM buffers in the video ath that are used for image
mani ulation (Reduce/Enlarge, etc.), and all have no data retention ca ability. When ower is removed all data is lost.
These buffers are ty ically built into the ASICs. Ty ical bleed down time for all volatile memory is 10 seconds.
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 9 of 50
Non-Vo ati e Memory
Type (F ash, EEPROM,
etc)
Size
User
Modifiab e
(Y/N)
Function or Use
Process to Sanitize
Flash ROM 128MB N Single Board Controller
(Boot code and system file)
No user image data stored
NVRAM 128KB N Single Board Controller
(Xerogra hic set oints)
No user image data stored.
Additiona Information:
There are other non volatile memory devices in the system, but these are used solely for
low level I/O control. Some exam les of this distributed control are:
•Power distribution, Photorece tor and main drive motors control
•Raster Out ut Scanner (ROS)
•Pa er Registration
•
Finisher
Tab e 2 Contro er memory components
Media and Storage
Type (disk drives,
tape drives, CF/SD/XD
memory cards, etc.):
Removab e
Y / N
Size:
User
Modifiab e:
Y / N
Function:
Process to Sanitize:
Disk drive N 80GB N Network Controller
A lication and Co y
Controller A lication
software. Image
storage, rocessing and
Overflow EPC image
storage.
On Demand Image
Overwrite
Fax Card N 512MB N User FAX image data
stored
User image data
overwritten at the
com letion of each fax
job.
Overwritten by
Standard or Full
ODIO o eration
Tab e 3 Hard Disk Drives
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 10 of 50
2.2.3. External Connections
Figure 2-3 Back pane connections
Interface Description / Usage
FAX line 1, RJ-11 Su orts FAX Modem T.30 rotocol only
FAX line 2, RJ-11 Su orts FAX Modem T.30 rotocol only
USB Host Port
Software u grade
PSW USB Target Port
Direct-connect rinting; Xerox diagnostic tools (PSW and CAT)
and Xerox co ier assistant
Ethernet 10/100/1000 Network connectivity
Scanner Pro rietary connection between the scanner and controller
carrying ower and communications
Serial Port Engineering develo ment debug; default state is disabled
Foreign Device Interface (FDI) Allows connection of o tional access control hardware
Tab e 4 Contro er Externa Connections
2.2.4. USB Ports
The WorkCentre contains a host connector for a USB flash drive, enabling u load of software u grades and
download of network logs or machine settings files.
Autorun is disabled on this ort. No executable files will be acce ted by the ort.
Modifying the software u grade, network logging or saved machine settings files will make the files unusable on a
WorkCentre .
The data in the network logging file is encry ted and can only be decry ted by Xerox service.
The machine settings that can be saved and restored by a service technician are limited to controller and fax
arameters that are needed for normal o eration. For exam le, the fax address book can be saved and restored by a
service technician.
There is no method for a user, administrator or technician to move image data from the WorkCentre to a USB device.
USB
USB port and ocation Purpose
USB Host orts Software u grade
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 11 of 50
USB Target ort Direct-connect rinting; Xerox diagnostic tools (PSW and CAT) and Xerox co ier assistant
Tab e 5 USB Ports
2.2. Fax Module
2.3.1. Pur ose
The embedded FAX service uses the installed embedded fax card to send and receive images over the tele hone
interface.
2.3.2. Hardware
The Fax module contains the fax modem and RJ-11 connector. The Fax modem im lements the T.30 fax rotocol.
The Fax module contains a CPU, BIOS, RAM, and Non-Volatile Memory.
Vo ati e Memory Description
Type (SRAM, DRAM, etc)
Size
User Modifiab e
(Y/N)
Function or Use
Process to C ear:
SDRAM 80MB N FAX Card volatile memory No user image data
stored
Additiona Information:
All memory listed above contains code for execution and configuration information. No user or job data is ermanently stored
in this location.
Non-Vo ati e Memory Description
Type (F ash, EEPROM, etc)
Size
User Modifiab e
(Y/N)
Function or Use
Process to C ear:
Flash ROM
4MB
N
FAX executable code.
No user image data
stored.
Additiona Information:
All memory listed above contains code for execution and configuration information. No user or job data is stored in this location.
Tab e 6 Fax Modu e memory components
2.4. Scanner
2.4.1. Pur ose
The ur ose of the scanner is to rovide mechanical trans ort of hardco y originals and to convert hardco y
originals to electronic data.
2.4.2. Hardware
The scanner converts the image from hardco y to electronic data. An o tional document handler moves originals
into a osition to be scanned. The scanner rovides enough image rocessing for signal conditioning and
formatting. The scanner does not store scanned images. All other image rocessing functions are in the co y
controller.
The DADF/Scanner contains a CPU, BIOS, RAM, and Non-Volatile Memory
.
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 12 of 50
Vo ati e Memory Description
Type (SRAM, DRAM, etc)
Size
User Modifiab e
(Y/N)
Function or Use
Process to C ear:
SRAM 6KB N Scanner volatile memory; no user
image data stored
Power Off System
Additiona Information:
All memory listed above contains code for execution and configuration information. No user or job data is ermanently stored in this location.
Non-Vo ati e Memory Description
Type (F ash, EEPROM, etc)
Size
User Modifiab e
(Y/N)
Function or Use
Process to C ear:
Flash ROM 128MB N Scanner executable code No user image data
stored
Additiona Information:
All memory listed above contains code for execution and configuration information. No user or job data is stored in these locations.
Tab e 7 Scanner memory components
2.5. Gra hical User Interface (GUI)
2.5.1. Pur ose
The GUI detects soft and hard button actuations, and rovides text and gra hical rom ts to the user. The GUI is
sometimes referred to as the Local UI (LUI) to distinguish it from the WebUI, which is ex orted by the web service
that runs in theccontroller. Images are not transmitted to or stored in the GUI. The Start hard button is located on
the GUI anel.
2.5.2. Hardware
The user interface contains a FPGA that contains RAM and Non-Volatile Memory
.
Vo ati e Memory Description
Type (SRAM, DRAM, etc)
Size
User Modifiab e
(Y/N)
Function or Use
Process to C ear:
DRAM 2KB N User Interface volatile memory; no
user image data stored
Power Off System
Additiona Information:
All memory listed above contains code for execution and configuration information. No user or job data is ermanently stored in this location.
Non-Vo ati e Memory Description
Type (F ash, EEPROM, etc)
Size
User Mo
difiab e
(Y/N)
Function or Use
Process to C ear:
Flash ROM 32KB N no user image data stored No user image data
stored
Additiona Information:
All memory listed above contains code for execution and configuration information. No user or job data is stored in this location.
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 13 of 50
Tab e 8 User Interface memory components
2.6. Marking Engine (also known as the Image
Out ut Terminal or IOT)
2.6.1. Pur ose
The Marking Engine erforms co y/ rint a er feeding and trans ort, image marking and fusing, and document
finishing. Images are not stored at any oint in these subsystems.
2.6.2. Hardware
The marking engine is com rised of a er su ly trays and feeders, a er trans ort, laser scanner, xerogra hics, and
a er out ut and finishing. The marking engine contains a CPU, BIOS, RAM and Non-Volatile Memory.
2.6.3. Control and Data Interfaces
Images and control signals are transmitted from the co y controller to the marking engine across a ro rietary
interface.
2.7. System Software Structure
2.7.1. O en-source com onents
O en-source com onents in the connectivity layer im lement high-level rotocol services. The security-relevant
connectivity layer com onents are:
•A ache 2.2.11, with mod_ssl integrated (htt and htt s)
•PHP 5.3.1
•O enSSL 0.9.8l (SSL)
•SAMBA 3.0.30 (SMB)
•Netsnm 5.0.9 (SNMPv3)
2.7.2. OS Layer in the Controller
The OS layer includes the o erating system, network and hysical I/O drivers. The controller o erating system is
Wind River Linux, kernel v. 2.6.20+. Xerox may issue security atchesfor the OS, in which case the Xerox ortion of
the version number (i.e.. after the ‘+’ sign) will be incremented.
The cry to library for IPSec is rovided by the kernel.
IP Filtering is also rovided by the kernel.
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 14 of 50
Figure 2-4 Contro er Operating System ayer components
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 15 of 50
2.7.3. Network Protocols
Figure 2-5 is an interface diagram de icting the rotocol stacks su orted by the device, annotated according to the
DARPA model.
Figure 2-5 IPv4 Network Protoco Stack
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 16 of 50
Figure 2-6 IPv6 Network Protoco Stack
2.8. Logical Access
2.8.1. Network Protocols
The su orted network rotocols are listed in A endix D and are im lemented to industry standard s ecifications
(i.e. they are com liant to the a ro riate RFC) and are well-behaved rotocols. There are no ‘Xerox unique’
additions to these rotocols.
2.8.1.1. IPSec
The device su orts IPSec tunnel mode. The rint channel can be secured by establishing an IPSec association
between a client and the device. A shared secret is used to encry t the traffic flowing through this tunnel. SSL must
be enabled in order to set u the shared secret.
When an IPSec tunnel is established between a client and the machine, the tunnel will also be active for
administration with SNMPv2 tools (HP O en View, etc.), roviding security for SNMP SETs and GETS with an
otherwise insecure rotocol. SNMP Tra s may not be secure if either the client or the device has just been rebooted.
IP Filtering can be useful to revent SNMP calls from non-IPSec clients.
Once an IPSec channel is established between two oints, it stays o en until one end reboots or goes into ower
saver,. Only network clients and servers will have the ability to establish an IPSec tunnel with the machine. Thus
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 17 of 50
device-initiated o erations (like scanning) cannot assume the existence of the tunnel unless a rint job (or other
client initiated action) has been reviously run since the last boot at either end of the connection.
2.8.2. Ports
The following table summarizes all otential o en orts and subsequent sections discuss each ort in more detail.
Default
Port #
Ty e Service name
25
TCP SMTP
53
UDP DNS
68
UDP BOOTP/DHCP
80
TCP HTTP
88
UDP Kerberos
110
TCP POP-3 client
137
UDP NETBIOS- Name Service
138
UDP NETBIOS-Datagram Service; SMB filing and Scan tem late retrieval
139
TCP NETBIOS; SMB filing and Scan tem late retrieval
161
UDP SNMP
162
UDP SNMP tra
389
UDP LDAP
396
TCP Netware
427
UDP SLP
443
TCP SSL
515
TCP LPR
631
TCP IPP
1900
UDP SSDP
3003
TCP htt /SNMP re ly
9100
TCP raw IP
Tab e 9 Network Ports
Please note that there is no ft ort in this list. ft is only used to ex ort scanned images and to retrieve Scan Job
Tem lates, and will o en ort 21 on the remote device. An ft ort is never o en on the controller itself.
2.8.2.1. Port 25, SMTP
This unidirectional ort is o en only when Scan to E-mail or Internet Fax (I-Fax) is ex orting images to an SMTP
server, or when email alerts are being transmitted. SMTP messages & images are transmitted to the SMTP server
from the device.
2.8.2.2. Port 53, DNS
Designating a DNS server will allow the device to resolve domain names. This can be configured via the LocalUI or
WebUI.
2.8.2.3. Port 68, DHCP
This ort is used only when erforming DHCP, and is not o en all of the time. To ermanently close this ort, DHCP
must be ex licitly disabled. This is done in User Tools via the Local User Interface or via the TCP/IP age in the
Pro erties tab on the WebUI.
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 18 of 50
2.8.2.4. Port 80, HTTP
The embedded web ages communicate to the machine through a set of unique APIs and do not have direct access
to machine information:
The HTTP ort can only access the HTTP server residing in the controller. The embedded HTTP server is A ache. The
ur ose of the HTTP server is to:
•Give users information of the status of the device;
•View the job queue within the device and delete jobs;
•Allow users to download rint ready files and rogram Scan to File Job Tem lates;
•Allow remote administration of the device. Many settings that are on the Local UI are re licated in the
device’s web ages. Users may view the ro erties of the device but not change them without logging into the
machine with administrator rivileges.
The HTTP server can only host the web ages resident on the hard disk of the device. It does not and cannot act as a
roxy server to get outside of the network the device resides on. Hence the server cannot access any networks (or
web servers) outside of the customer firewall.
When the device is configured with an IP address, it is as secure as any device inside the firewall. The web ages are
accessible only to authorized users of the network inside the firewall.
This service (and ort) may be disabled in User Tools via the Local User Interface or via the TCP/IP age in the
Pro erties tab on the WebU. Please note that when this is disabled, IPP Port 631 is also disabled.
HTTP may be secured by enabling Secure Sockets Layer.
2.8.2.4.1. Proxy Server
The device can be configured to communicate through a roxy server. Features that can make use of a roxy server
include the Automatic Meter Read feature, scanning to a remote re ository, or retrieving scan tem lates from a
remote tem late ool.
Network
Network Controller
http
server
I
n
t
e
r
n
a
l
A
P
I
machine
information
request
response
request
response
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 19 of 50
2.8.2.5. Port 88, Kerberos
This ort is only o en when the device is communicating with the Kerberos server to authenticate a user, and is only
used only to authenticate users in conjunction with the Network Scanning feature. To disable this ort,
authentication must be disabled, and this is accom lished via the Local User Interface.
This version of software has Kerberos 5.1.1 with DES (Data Encry tion Standard) and 64-bit encry tion. The Kerberos
code is limited to user authentication, and is used to authenticate a user with a given Kerberos server as a valid user
on the network. Please note that the Kerberos server (a 3rd arty device) needs to be set u for each user. Once the
user is authenticated, the Kerberos software has com leted its task. This code will not and cannot be used to encry t
or decry t documents or other information.
This feature is based on the Kerberos rogram from the Massachusetts Institute of Technology (MIT). The Kerberos
network authentication rotocol is ublicly available on the Internet as freeware at
htt ://web.mit.edu/kerberos/www/. Xerox has determined that there are no ex ort restrictions on this version of the
software. However, there are a few deviations our version of Kerberos takes from the standard Kerberos
im lementation from MIT. These deviations are:
1) The device does not kee a user’s initial authentication and key after the user has been authenticated. In a
standard Kerberos im lementation, once a user is authenticated, the device holds onto the authentication for a
rogrammed timeout (the usual default is 12 hours) or until the user removes it ( rior to the timeout eriod). In
the Xerox im lementation, all traces of authentication of the user are removed once they have been
authenticated to the device. The user can send any number of jobs until the user logs off the system, either
manually or through system timeout.
2) The device ignores clock skew errors. In a standard im lementation of Kerberos, authentication tests will fail if a
device clock is 5 minutes (or more) different from the Kerberos server. The reason for this is that given enough
time, someone could reverse engineer the authentication and gain access to the network. With the 5-minute
timeout, the erson has just 5 minutes to reverse engineer the authentication and the key before it becomes
invalid. It was determined during the im lementation of Kerberos for our device that it would be too difficult for
the user/SA to kee the device clock in sync with the Kerberos server, so the Xerox instantiation of Kerberos has
the clock skew check removed. The disadvantage is that this gives malicious users unlimited time to reverse
engineer the user’s key. However, since this key is only valid to access the Network Scanning features on a
device, ossession of this key is of little use for nefarious ur oses.
3) The device ignores much of the information rovided by Kerberos for authenticating. For the most art, the
device only ays attention to information that indicates whether authentication has assed. Other information
that the server may return (e.g. what services the user is authenticated for) is ignored or disabled in the Xerox
im lementation. This is not an issue since the only service a user is being authenticated for is access to an e-
mail directory. No other network services are accessible from the Local UI.
Xerox has received an o inion from its legal counsel that the device software, including the im lementation of a
Kerberos encry tion rotocol in its network authentication feature, is not subject to encry tion restrictions based on
Ex ort Administration Regulations of the United States Bureau of Ex ort Administration (BXA). This means that it
can be ex orted from the United States to most destinations and urchasers without the need for revious a roval
from or notification to BXA. At the time of the o inion, restricted destinations and entities included terrorist-
su orting states (Cuba, Iran, Libya, North Korea, Sudan and Syria), their nationals, and other sanctioned entities
such as ersons listed on the Denied Parties List. Xerox rovides this information for the convenience of its customers
and not as legal advice. Customers are encouraged to consult with legal counsel to assure their own com liance with
a licable ex ort laws.
2.8.2.6. Port 110, POP-3 C ient
This unidirectional ort is used when receiving an Internet Fax (I-Fax) or E-Mail. These jobs may only be rinted, and
the ort is only o en if I-Fax is enabled and while receiving the job. It is not configurable.
XEROX WorkCentre
5735/5740/5745/5755/5765/5775/5790
Information Assurance Disclosure Pa er
Ver. 2.00, March 2011 Page 20 of 50
2.8.2.7. Ports 137, 138, 139, NETBIOS
For rint jobs, these orts su ort the submission of files for rinting as well as su ort Network Authentication
through SMB. Port 137 is the standard NetBIOS Name Service ort, which is used rimarily for WINS. Port 138
su orts the CIFS browsing rotocol. Port 139 is the standard NetBIOS Session ort, which is used for rinting. Ports
137, 138 and 139 may be configured in the Pro erties tab of the device’s web age.
For Network Scanning features, orts 138 and 139 are used for both outbound (i.e. ex orting scanned images and
associated data) and inbound functionality (i.e. retrieving Scan Tem lates). In both instances, these orts are only
o en when the files are being stored to the server or tem lates are being retrieved from the Tem late Pool. For these
features, SMB rotocol is used.
2.8.2.8. Ports 161, 162, SNMP
These orts su ort the SNMPv1, SNMPv2c, and SNMPv3 rotocols. Please note that SNMP v1 does not have any
assword or community string control. SNMPv2 relies on a community string to kee unwanted eo le from
changing values or browsing arts of the MIB. This community string is transmitted on the network in clear text so
anyone sniffing the network can see the assword. Xerox strongly recommends that the customer change the
community string u on roduct installation. SNMP is configurable, and may be ex licitly enabled or disabled in the
Pro erties tab of the device’s web ages.
SNMP traffic may be secured if an IPSec tunnel has been established between the agent (the device) and the
manager (i.e. the user’s PC).
The device su orts SNMPv3, which is an encry ted version of the SNMP rotocol that uses a shared secret. Secure
Sockets Layer must be enabled before configuring the shared secret needed for SNMPv3.
2.8.2.9. Port 389, LDAP
This is the standard LDAP ort used for address book queries in the Scan to Email feature.
2.8.2.10. Port 396, Netware
This configurable ort is used when Novell Netware is enabled to run over IP.
2.8.2.11. Port 427, SLP
When activated, this ort is used for service discovery and advertisement. The device will advertise itself as a rinter
and also listen for SLP queries using this ort. It is not configurable. This ort is ex licitly enabled / disabled in the
Pro erties tab of the device’s web ages.
2.8.2.12. Port 443, SSL
This is the default ort for Secure Sockets Layer communication. This ort can be configured via the device’s web
ages. SSL must be enabled before setting u either SNMPv3 or IPSec or before retrieving the audit log (see Sec.
4.1). SSL must also be enabled in order to use any of the Web Services (Scan Tem late Management, Automatic
Meter Reads, or Network Scanning Validation Service).
SSL should be enabled so that the device can be securely administered from the web UI. When scanning, SSL can be
used to secure the filing channel to a remote re ository.
SSL uses X.509 certificates to establish trust between two ends of a communication channel. When storing scanned
images to a remote re ository using an htt s: connection, the device must verify the certificate rovided by the
remote re ository. A Trusted Certificate Authority certificate should be u loaded to the device in this case.
To securely administer the device, the user’s browser must be able to verify the certificate su lied by the device. A
certificate signed by a well-known Certificate Authority (CA) can be downloaded to the device, or the device can
generate a self-signed certificate. In the first instance, the device creates a Certificate Signing Request (CSR) that
can be downloaded and forwarded to the well-known CA for signing. The signed device certificate is then u loaded
to the device. Alternatively, the device will generate a self-signed certificate. In this case, the generic Xerox root CA
certificate must be downloaded from the device and installed in the certificate store of the user’s browser.
The device su orts only server authentication.
Other manuals for WORKCENTRE 5735
8
This manual suits for next models
6
Other Xerox All In One Printer manuals
Xerox
Xerox WorkCentre 7220 User manual
Xerox
Xerox WorkCentre M15 User manual
Xerox
Xerox Phaser 6110MFP User manual
Xerox
Xerox WorkCentre Pro 412 Instruction Manual
Xerox
Xerox WorkCentre 5325 User manual
Xerox
Xerox WorkCentre PE120i User manual
Xerox
Xerox Phaser 3010 User manual
Xerox
Xerox WorkCentre PE16 User manual
Xerox
Xerox WorkCentre 3345 Operating manual
Xerox
Xerox PHASER 8560MFP User manual
Xerox
Xerox WorkCentre 7228 User manual
Xerox
Xerox ColorQube 8900 series User manual
Xerox
Xerox B215 User manual
Xerox
Xerox 3635MFP - Phaser B/W Laser User manual
Xerox
Xerox Phaser 6180MFP Operating manual
Xerox
Xerox 4150 - WorkCentre B/W Laser User manual
Xerox
Xerox Phaser 6140N Installation instructions
Xerox
Xerox WorkCentre 4260S User manual
Xerox
Xerox Nuvera Digital Production System Paper Quick reference guide
Xerox
Xerox Document Centre 432 User manual
