Specifications

White Paper: Canon imageRUNNER/imagePRESS Security
Authentication and Encryption Method:
At least one of the following methods must be set for the device. You cannot set both methods
at the same time.
AH (Authentication Header)
A protocol for certifying authentication by detecting modifications to the communicated
data, including the IP header. The communicated data is not encrypted.
ESP (Encapsulating Security Payload)
A protocol that provides confidentiality via encryption while certifying the integrity and
authentication of only the payload part of communicated data.
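The difference in integrity coverage between AH and ESP described above, as an added example (not Canon's code or the device's implementation). It is a simplified model rather than a wire-accurate one: the HMAC-SHA-256 check truncated to 128 bits, the key, the addresses and the field values are all assumptions, and ESP encryption is omitted.

```python
import hashlib, hmac, socket, struct
KEY = b"constructed-demo-key"  # constructed sample integrity key
SPI, SEQ = 0x100, 1            # constructed SA identifier and sequence number

def ipv4_header(src, dst, payload_len, ttl=64):
    """Minimal 20-byte IPv4 header, no options, protocol 51 (AH); checksum left at 0."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234, 0,
                       ttl, 51, 0, socket.inet_aton(src), socket.inet_aton(dst))

def zero_mutable(hdr):
    """Zero the fields routers legitimately change, as AH does before hashing."""
    h = bytearray(hdr)
    h[1] = 0             # TOS / DSCP
    h[6:8] = b"\0\0"     # flags and fragment offset
    h[8] = 0             # TTL
    h[10:12] = b"\0\0"   # header checksum
    return bytes(h)

def icv(data):
    return hmac.new(KEY, data, hashlib.sha256).digest()[:16]

def ah_icv(hdr, payload):
    """AH-style check: immutable IP header fields + AH fields + payload."""
    return icv(zero_mutable(hdr) + struct.pack("!II", SPI, SEQ) + payload)

def esp_icv(payload):
    """ESP-style check: ESP header + payload only; the IP header is not covered."""
    return icv(struct.pack("!II", SPI, SEQ) + payload)

def detects(change):
    """Return (ah_detects, esp_detects) for a modification made in transit."""
    payload = b"constructed print job data"  # stands in for ESP ciphertext
    hdr = ipv4_header("192.0.2.10", "192.0.2.20", len(payload))
    new_hdr, new_payload = change(hdr, payload)
    return (ah_icv(hdr, payload) != ah_icv(new_hdr, new_payload),
            esp_icv(payload) != esp_icv(new_payload))

def rewrite_source(hdr, payload):
    return hdr[:12] + socket.inet_aton("198.51.100.7") + hdr[16:], payload

def flip_payload_bit(hdr, payload):
    return hdr, bytes([payload[0] ^ 1]) + payload[1:]

def decrement_ttl(hdr, payload):
    return hdr[:8] + bytes([hdr[8] - 1]) + hdr[9:], payload

if __name__ == "__main__":
    for change in (rewrite_source, flip_payload_bit, decrement_ttl):
        print(change.__name__, detects(change))
```

In this model a rewritten source address is caught only by the AH-style check, a changed payload is caught by both, and a decremented TTL is caught by neither because it is a mutable field.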
Key Exchange Protocol:
Supports IKEv1 (Internet Key Exchange version 1) for exchanging keys based on ISAKMP
(Internet Security Association and Key Management Protocol). IKE includes two phases; in
phase 1 the SA used for IKE (IKE SA) is created, and in phase 2 the SA used for IPSec (IPSec SA)
is created.
To use authentication with the pre-shared key method, first decide upon a pre-shared key,
which is a keyword (24 characters or less) that both devices use to send and receive data.
Use the control panel of the device to set the same pre-shared key as the one set on the
destination with which IPSec communication will be performed, and perform authentication
with the pre-shared key method.
To select authentication with the digital signature method, it is necessary to install a key pair
file and CA certificate file created on a PC in advance using the Remote UI, and then register
the installed files using the control panel of the device. Authentication is conducted with the
destinations for IPSec communication using the CA certificate.
The types of key pair and CA certificate that can be used for authentication with the digital
signature method are indicated below.
• RSA algorithm
• X.509 certificate
• PKCS#12 format key pair
Wireless LAN
The latest imageRUNNER devices can also support wireless networking through the installation
of an optional Wireless LAN Board.
The Wireless LAN Board is IPv6 compliant and supports the latest wireless traffic encryption
standards, including WEP, WPA and WPA2, in addition to supporting the IEEE 802.1X
authentication standard.
The Wireless LAN Board and the standard network interface of imageRUNNER devices cannot
be used simultaneously, eliminating the possibility of maliciously using the device as a router
or bridge to inter-connect two networks. Network communication functionality is automatically
disabled for the standard network interface when the Wireless LAN Board is enabled.
Section 2 — Canon’s Imaging & Printing Security Framework