Dell™ C7765dn/Dell™ C5765dn Security Function Supplementary Guide Regulatory Model: C7765dn/C5765dn
Information in this document is subject to change without notice. © 2014 Dell Inc. All rights reserved. This publication could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in later editions. Improvements or changes in the products or the programs described may be made at any time. For Dell technical support and downloads, visit dell.
Table of Contents Table of Contents Table of Contents .....................................................................................................................3 Before Using the Security Features.......................................................................................5 Preface...................................................................................................................................5 Security Features .........................................................
Before Using the Security Features Before Using the Security Features This section describes the security features and items to be confirmed. Preface This guide describes the setup procedures related to security. This guide is mainly intended for the manager and system administrator of the organization where the machine is installed. This guide also describes useful information for general users about the operations related to security features.
Security Features Dell C7765dn and C5765dn have the following security features: • Hard Disk Data Overwrite • Hard Disk Data Encryption • User Authentication • System Administrator's Security Management • Customer Engineer Operation Restriction • Security Audit Log • Internal Network Data Protection • Self Test • FAX Flow Security Settings for the Secure Operation For the effective use of the security features, the System Administrator (Machine Administrator) must configure settings by referring to the fol
Before Using the Security Features • Maximum Login Attempts Set to [5] times. • Access Control Set to [Locked] for [Device Access] and [Lock All] for [Service Access]. • User Passcode Minimum Length Set to [9] characters. • SMB Set to disabled for [NetBEUI]. • WebDAV Set to disabled (when remote authentication is used). • IPP Set to enabled. • SSL/TLS Set to enabled. • Service Representative Restricted Operation Set to [Enabled], and enter a passcode of 9 or more characters. • Audit Log Set to enabled.
• If the machine is on the internal network that connects to external networks, configure the network properly to block any unauthorized external access. • Set passcode and encryption key according to the following rules. - Do not use an easily guessable passcode. - A passcode needs to contain both numeric and alphabetic characters. • Administrators need to set the account policies on the remote authentication server as follows. - Set password policy to 9 or more characters.
Before Using the Security Features Important • While you are using Dell Printer Configuration Web Tool, do not access other web sites, and do not use other applications. • When you change [Authentication Type] or prior to disposing the machine, initialize the hard disk by resetting [Data Encryption] and changing [encryption key]. • For preventing SSL vulnerability, set the machine address in the proxy exclusion list of browser.
11 12 10 Select [Save]. To exit the [Tools] screen, select [Close] twice.
Settings for the Secure Operation 1 (Initial Settings Procedures Using Control Panel) Settings for the Secure Operation 1 (Initial Settings Procedures Using Control Panel) This section describes the initial settings related to security features, and how to set them on the machine's control panel. Authentication for entering System Administration mode To change or customize the system settings, enter the System Administration mode. 1 2 3 4 5 6 Press the button on the control panel.
Set Data Encryption Follow the procedure below to encrypt data recorded on the machine’s hard disk. 1 2 3 4 5 6 7 8 9 10 11 12 13 Select [System Settings] on the [Tools] screen. Select [Common Service Settings]. Select [Other Settings]. On the [Other Settings] screen, select [Data Encryption]. Select [Change Settings]. Select [On]. Select [New Encryption Key]. Enter a new 12 character encryption key, and then select [Save]. Select [Re-enter Encryption Key]. Enter the same passcode, and then select [Save].
Settings for the Secure Operation 1 (Initial Settings Procedures Using Control Panel) Set Private Print Follow the procedure below to configure the Private Print settings. 1 2 3 4 5 Select [Authentication/Security Settings] on the [Tools] screen. Select [Authentication]. Select [Charge/Private Print Settings]. Select [Receive Control]. Select [Change Settings]. When [Login to Local Accounts] is selected 1) Select [According to Print Accounting].
Set Direct Fax When remote authentication is used, follow the procedure below to set [Direct Fax] to [Disabled]. 1 2 3 4 5 6 7 8 Select [System Settings] on the [Tools] screen. Select [Fax Service Settings]. Select [Fax Control]. Select [Direct Fax]. Select [Change Settings]. Select [Disabled]. Select [Save]. To exit the [Fax Control] screen, select [Close]. Set Self Test Follow the procedure below to configure the Self Test settings. 1 2 3 4 5 6 7 Select [System Settings] on the [Tools] screen.
Settings for the Secure Operation 2 (Initial Settings Procedures Using Dell Printer Configuration Web Tool) Settings for the Secure Operation 2 (Initial Settings Procedures Using Dell Printer Configuration Web Tool) This section describes the initial settings related to security features, and how to set them on Dell Printer Configuration Web Tool.
3 4 5 6 7 8 9 10 11 12 Click [Next]. Click [Configure] for [Device Access]. Select [Locked] for [Device Access]. Click [Apply]. Click [Authentication Configuration]. Click [Next]. Click [Configure] for [Service Access]. Click [Lock All]. Click [Apply]. Click [Reboot Machine]. Set User Passcode Minimum Length Follow the procedure below to specify the minimum number of digits allowed for a passcode. This feature is only applicable to Local Authentication mode.
Settings for the Secure Operation 2 (Initial Settings Procedures Using Dell Printer Configuration Web Tool) 4 Click [Apply]. Set IPP Follow the procedure below to configure the IPP settings. 1 2 3 4 Click [Connectivity] on the [Properties] screen. Click [Port Settings]. Check the [Enabled] box for [IPP]. Click [Apply]. Set SSL/TLS Dell Configuration Web Tool requires SSL/TLS communication between a networkconnected computer and the machine. 1 2 3 Click [Security] on the [Properties] screen.
6 Click [Apply]. Set Audit Log Follow the procedure below to configure the Audit Log settings. 1 2 3 4 Click [Security] on the [Properties] screen. Click [Audit Log]. Check the [Enabled] box for [Audit Log]. Click [Apply]. Configuring Machine Certificates Import the Certificates for SSL, IPSec, S/MIME. 1 2 3 4 5 6 Click [Security] on the [Properties] screen. Click [Machine Digital Certificate Management]. Click [Upload Signed Certificate].
Settings for the Secure Operation 2 (Initial Settings Procedures Using Dell Printer Configuration Web Tool) 4) Click [Certificate Details]. 5) Click [Use this certificate]. 6) Click [IPSec] under [Security]. 7) Check the [Enabled] box for [Protocol]. 8) Select [Digital Signature] for [IKE Authentication Method]. Make sure the IPSec address is correct. Set IPSec Address 1 2 3 4 5 Enter the IP Address in the [Specify Destination IPv4 Address] box on the [IPSec] screen.
• Since the machine cannot communicate by SNMP v1/v2c, you need to uncheck [SNMP status Enabled] for the port setting on the client's printer driver. Set S/MIME Enable the S/MIME communication to use the e-mail encryption and digital signature features. To use E-mail with this machine, the E-mail function needs to be enabled and configured as described in the User’s Guide's "18 E-mail Environment Settings".
Settings for the Secure Operation 2 (Initial Settings Procedures Using Dell Printer Configuration Web Tool) Set WSD (Scan) For the secure operation of the machine, follow the procedure below to set [WSD (Scan)] to [Disabled]. 1 2 3 4 Click [Connectivity] on the [Properties] screen. Click [Port Settings]. Uncheck the [Enabled] box for [WSD (Scan)]. Click [Apply]. Set LDAP Server Configure the LDAP server settings for directory service. 1 2 3 4 5 6 Click [Connectivity] on the [Properties] screen.
Settings for the Secure Operation 3 (Regular Review by Audit Log) This section describes the Audit Log feature and the settings available via Dell Printer Configuration Web Tool. The Audit Log is regularly reviewed by the Security Administrator, often with the aid of third party analyzing tools. The audit log helps to assess attempted security breaches, identify actual breaches, and prevent future breaches.
Settings for the Secure Operation 3 (Regular Review by Audit Log) e.g.: Sample audit log when someone tried to login as User1 and failed due to an invalid password.
User Authentication This section describes the operation of user authentication. Before using all services and configuring settings, a user must be authenticated with an ID and a passcode. 1 2 3 4 5 Press the button on the control panel. Enter the "User ID" from keypad. Select [Next] on the touch screen. Enter the "Passcode" from keyboard. Select [Enter] on the touch screen. All features on the control panel will be available.
Appendix Appendix List of Operation Procedures Item Using Control Panel Using Dell Printer Configuration Web Tool Default Check the machine’s Clock [System Settings] > [Common Service Settings] > [Machine Clock/Timers] - - Set Use Passcode Entry for Control Panel Login [Authentication/Security Settings] > [Authentication] > [Passcode Policy] > [Passcode Entry for Control Panel Login] or [Passcode Entry from Control Panel] - Off Set Overwrite Hard Disk [Authentication/Security Settings] > [Over
Using Control Panel Item Using Dell Printer Configuration Web Tool Default Set Access Control [Authentication/Security Settings] > [Authentication] > [Access Control] [Security] > [Authentication Configuration] Off Set User Passcode Minimum Length [Authentication/Security Settings] > [Authentication] > [Passcode Policy] > [Minimum Passcode Length] [Security] > [User Details Setup] > [Minimum Passcode Length] 0 Set SMB - [Connectivity] > [Port Settings] On Set WebDAV [System Settings] > [Con
w w w. d e l l . c o m | d e l l .