Administrator's Guide
Table Of Contents
- Introduction
- Initial Setup
- Physically Connecting the Printer
- Assigning a Network Address
- Connecting the Printer to a Wireless Network
- Accessing Administration and Configuration Settings
- Initial Setup at the Control Panel
- Initial Setup in CentreWare Internet Services
- Changing the System Administrator Password
- Setting the Date and Time
- Network Connectivity
- Security
- Setting Access Rights
- Configuring Authentication Settings
- Configuring Authorization Settings
- Setting the Authorization Method
- Configuring Local Authorization Settings
- Configuring Network Authorization Settings
- User Permissions
- User Roles
- Editing Print Permissions for the Non-Logged-In Users Role
- Editing Services and Tools Permissions for the Non-Logged-In Users Role
- Creating a New Role
- Assigning Users to a Role for Local Authorization
- Assigning User Groups to a Role for Network Authorization
- Editing a Logged-In User Role
- Specifying Job Override Policies
- Troubleshooting Conflicting Permissions
- Secure HTTP (SSL)
- FIPS 140-2
- Stored Data Encryption
- IP Filtering
- Audit Log
- Installation Policies
- McAfee Embedded Control
- IPsec
- Security Certificates
- Installing Certificates
- Creating and Installing a Xerox® Device Certificate
- Installing the Generic Xerox® Trusted CA Certificate
- Creating a Certificate Signing Request
- Installing Root Certificates
- Installing Domain Controller Certificates
- Viewing, Saving, or Deleting a Certificate
- Specifying the Minimum Certificate Key Length
- 802.1X
- System Timeout
- Overwriting Image Data
- PostScript Passwords
- USB Port Security
- Displaying or Hiding Network Settings
- Hiding User Names on the Control Panel
- Verifying the Software
- Restricting Print File Software Updates
- Specifying Email and Internet Fax Recipient Restrictions
- Disabling the System Administrator Password Reset
- Printing
- Paper Management
- Saving and Reprinting Jobs
- Printing Jobs from CentreWare Internet Services
- Configuring General Print Settings
- Printing an Error Sheet
- Managing Banner Page Printing Options
- Configuring Secure Print Settings
- Hold All Jobs
- UNIX, Linux, and AS/400 Printing
- Print from USB
- Print from Mailbox
- AirPrint
- Allowing Users to Interrupt Active Print Jobs
- Specifying Output Settings
- Copying
- Scanning
- Scanning to a Folder on the Printer
- Scanning to an Email Address
- Workflow Scanning
- Enabling Workflow Scanning
- Configuring File Repository Settings
- Configuring the Default Template
- Configuring a Template to Create a Password-Protected PDF
- Configuring Workflow Scanning General Settings
- Setting Scanned Image File Naming Conventions
- Configuring Custom File Naming
- Configuring Template Pool Repository Settings
- Updating the List of Templates at the Control Panel
- Setting Template Display Settings for the Control Panel
- Configuring a Validation Server
- Scan to USB
- Scanning to a User Home Folder
- Configuring the Printer for the Xerox Scan Utility
- Enabling Remote Scanning using TWAIN
- Configuring Scan To Destination
- Faxing
- Fax Overview
- Fax
- Configuring Required Fax Settings
- Configuring Address Book Settings
- Fax Security
- Setting Fax Defaults
- Setting Fax Feature Defaults
- Fax Forwarding
- Fax Polling
- Fax Mailboxes
- Fax Reports
- Setting Up Fax Reports
- Printing a Fax Report
- Deleting Sent Fax Jobs from Memory
- Server Fax
- Internet Fax
- LAN Fax
- Accounting
- Xerox Standard Accounting
- Network Accounting
- Accounting Using an Auxiliary Access Device
- Enabling Accounting in Print Drivers
- Printing a Copy Activity Report
- Administrator Tools
- Monitoring Alerts and Status
- Energy Saving Settings
- Remote Control Panel
- Entry Screen Defaults
- Setting the Date and Time
- Smart eSolutions and Billing Information
- Cloning
- Address Books
- Font Management Utility
- Network Logs
- Customizing Printer Contact Information
- Display Device Information
- Xerox Online Support
- Restarting the Printer in CentreWare Internet Services
- Taking the Printer Offline
- Resetting the Printer to Factory Default Settings
- Updating the Printer Software
- Adjusting Color, Image, and Text Detection Settings
- Customization and Expansion
- Xerox Extensible Interface Platform
- Auxiliary Interface Kit
- Driver Download Link
- Creating a Custom Single-Touch Scan Service
- Weblet Management
- Configuring Weblet Settings
- Audit Log Event Identification Numbers
- External Keyboard
Security
98 ColorQube 8700/8900 Color Multifunction Printer
System Administrator Guide
4. In the Security Parameter Index: IN field, type a 32-bit number larger than 256 that identifies the
inbound Security Association (SA).
5. In the Security Parameter Index: OUT field, type a 32-bit number larger than 256 that identifies the
outbound Security Association (SA).
6. If you selected ESP under IPsec security, under Hash, select an option.
7. Under Enter Keys as, select ASCII format or Hexadecimal number.
8. For Hash Key: IN and Hash Key: OUT, type a 20-character ASCII key or 40-character Hexadecimal
key.
9. If you selected ESP or BOTH for the IPsec Security type, under Encryption, select an option.
Note: If you are configuring an IPsec security policy to communicate with a Linux computer, and
you selected BOTH for the security type, select 3DES encryption. If you select AES encryption, the
data transfer rate is reduced.
10. For Encryption Key: IN and Encryption Key: OUT, type a 24-character ASCII key or 48-character
Hexadecimal key.
11. Click Save.
Configuring Internet Key Exchange Settings
IKE is a keying protocol that allows automatic negotiation and authentication, anti-replay services, and
CA support. It can also change encryption keys during an IPsec session. IKE is used as part of virtual
private networking.
IKE Phase 1 authenticates the IPsec peers and sets up a secure channel between the peers to enable IKE
exchanges. IKE Phase 2 negotiates IPsec SAs to set up the IPsec tunnel.
1. Under IKE Phase 1, in the Key Lifetime field, type the length of time until the key expires in Seconds,
Minutes, or Hours. When a key reaches this lifetime, the SA is renegotiated and the key is
regenerated or refreshed.
2. Select the DH Group from the following options:
− Group 2 provides a 1024-bit Modular Exponential (MODP) keying strength.
− Group 14 provides a 2048-bit MODP keying strength.
3. Under IKE Phase 2, select the IPsec Mode. Options are Transport Mode or Tunnel Mode.
Note: Transport mode only encrypts the IP payload, whereas Tunnel mode encrypts the IP header
and the IP payload. Tunnel mode provides protection for an entire IP packet by treating it as an
Authentication Header (AH), or Encapsulating Security Payload (ESP).
4. If you selected Tunnel Mode, under Enable Security End Point Address, select the address type.
Options are Disabled, IPv4 Address, or IPv6 Address.
5. Under IPsec Security, select ESP, AH, or BOTH.
6. Type the Key Lifetime, and select Seconds, Minutes, or Hours.
7. Under Perfect Forward Secrecy (PFS), select None, Group 2, or Group 14.
Note: PFS is disabled by default. PFS allows faster IPsec setup, but is less secure.
8. Under Hash, select from the following:
− SHA1
− None