Résumé du contenu de la page N° 1
Xerox WorkCentre 3550
Information Assurance Disclosure Paper
Version 1.2
Prepared by:
Mark Bixler
Xerox Corporation
800 Phillips Road
Webster, New York 14580
Résumé du contenu de la page N° 2
XEROX WorkCentre 3550 Information Assurance Disclosure Paper ©2011 Xerox Corporation. All rights reserved. Xerox and the sphere of connectivity design are trademarks of Xerox Corporation in the United States and/or other counties. Other company trademarks are also acknowledged. Document Version: 1.3 (March 2011). 2 Ver. 1.3, March 2011 Page 2 of 32
Résumé du contenu de la page N° 3
XEROX WorkCentre 3550 Information Assurance Disclosure Paper 1. INTRODUCTION ..................................................................................................................................5 1.1. Purpose .................................................................................................................................................................................... 5 1.2. Target Audience .....................................................................
Résumé du contenu de la page N° 4
XEROX WorkCentre 3550 Information Assurance Disclosure Paper 3.2. Login and Authentication Methods ........................................................................................................................... 21 3.2.1. System Administrator Login [All product configurations] ........................................................................................... 21 3.2.2. User authentication ......................................................................................
Résumé du contenu de la page N° 5
XEROX WorkCentre 3550 Information Assurance Disclosure Paper 1. Introduction The WorkCentre 3550 multifunction systems are among the latest versions of Xerox copier and multifunction devices for the general office. 1.1. Purpose The purpose of this document is to disclose information for the WorkCentre products with respect to device security. Device Security, for this paper, is defined as how image data is stored and transmitted, how the product behaves in a networked environment, and
Résumé du contenu de la page N° 6
XEROX WorkCentre 3550 Information Assurance Disclosure Paper 2. Device Description This product consists of an input document handler and scanner, marking engine including paper path, controller, and user interface. Document Feeder & Scanner (IIT) User Interface (UI) The Network Controller is located on the left rear side of the machine in WorkCentre 3550 products. USB Host Port Marking Engine (IOT) Output Bin Paper Trays Figure 2-1 WorkCentre Multifunction System 6
Résumé du contenu de la page N° 7
XEROX WorkCentre 3550 Information Assurance Disclosure Paper 2.1. Security-relevant Subsystems 2.1.1. Physical Partitioning The security-relevant subsystems of the product are partitioned as shown in Figure 2-2. Figure 2-2 System functional block diagram 7 Ver. 1.3, March 2011 Page 7 of 32
Résumé du contenu de la page N° 8
XEROX WorkCentre 3550 Information Assurance Disclosure Paper 2.1.2. Security Functions allocated to Subsystems Security Function Subsystem Controller System Authentication Graphical User Interface Controller Network Authentication Graphical User Interface Controller Cryptographic Operations Controller User Data Protection – SSL Controller User Data Protection – IP Filtering Controller User Data Protection – IPSec Controller Network Management Security Fax Module Fax Flow Se
Résumé du contenu de la page N° 9
XEROX WorkCentre 3550 Information Assurance Disclosure Paper 2.2. Controller 2.2.1. Purpose The controller provides both network and direct-connect external interfaces, and enables copy, print, email, network scan and LanFAX functionality. Network scanning and LanFAX are standard features. The controller also incorporates a proprietary web server that exports a Web User Interface (WebUI) through which users can submit jobs and check job and machine status, and through which system admini
Résumé du contenu de la page N° 10
XEROX WorkCentre 3550 Information Assurance Disclosure Paper 2.2.3. External Connections Interface Description / Usage 1 Foreign Device Interface (FDI) Allows connection of optional access control hardware 2 PEK (Product Enablement Key) Used for initial product configuration. Reader Slot 3 USB 2.0 Target Port Direct-connect printing 4 Ethernet 10/100/1000 Network connectivity 5 FAX line 1, RJ-11 Supports FAX Modem T.30 protocol only 6 Extension Telephone Socket Allow
Résumé du contenu de la page N° 11
XEROX WorkCentre 3550 Information Assurance Disclosure Paper 2.3 Fax Module 2.3.1. Purpose The embedded FAX service uses the installed embedded fax card to send and receive images over the telephone interface. 2.3.2. Hardware The fax card connects directly to the Main Controller processor card. The fax card does not have its own processor and local memory but uses the Main processor and reserved Flash memory. The card contains a fax-only modem that supports the T.30 protocol. If an
Résumé du contenu de la page N° 12
XEROX WorkCentre 3550 Information Assurance Disclosure Paper 2.5. Local User Interface (LUI) 2.5.1. Purpose The LUI detects hard button actuations, and provides text and graphical prompts to the user. Images are not transmitted to or stored in the LUI. The Start hard button is located on the LUI panel. 2.5.2. Hardware Volatile Memory Description Type (SRAM, DRAM, etc) Size User Modifiable Function or Use Process to Clear: (Y/N) RAM 2KB N User Interface volatile memory; no Power Off
Résumé du contenu de la page N° 13
XEROX WorkCentre 3550 Information Assurance Disclosure Paper 2.7. System Software Structure 2.7.1. Open-source components Open-source components in the connectivity layer implement high-level protocol services. The security-relevant connectivity layer components are: • Apache 2.2.11, with mod_ssl integrated • Expat XML Parser (http and https) • Unicode • Apache Xerces2 Java • Kerberos 5 • Open1x • sorttable • OpenSLP • Little CMS v1.15 • NetBSD Project • libstdc++ • libupnp • C
Résumé du contenu de la page N° 14
XEROX WorkCentre 3550 Information Assurance Disclosure Paper 2.7.3. Network Protocols Figure 2- is an interface diagram depicting the protocol stacks supported by the device, annotated according to the DARPA model. Figure 2-4 IPv4 Network Protocol Stack 14 Ver. 1.3, March 2011 Page 14 of 32
Résumé du contenu de la page N° 15
XEROX WorkCentre 3550 Information Assurance Disclosure Paper Figure 2-5 IPv6 Network Protocol Stack 2.8. Logical Access 2.8.1. Network Protocols The supported network protocols are listed in Appendix C and are implemented to industry standard specifications (i.e. they are compliant to the appropriate RFC) and are well-behaved protocols. There are no ‘Xerox unique’ additions to these protocols. 2.8.1.1. IPSec The device supports IPSec tunnel mode. The print channel can be secured b
Résumé du contenu de la page N° 16
XEROX WorkCentre 3550 Information Assurance Disclosure Paper device-initiated operations (like scanning) cannot assume the existence of the tunnel unless a print job (or other client initiated action) has been previously run since the last boot at either end of the connection. 2.8.2. Ports The following table summarizes all potential open ports and subsequent sections discuss each port in more detail. Default Type Service name Port # 25 TCP SMTP 53 UDP DNS 68 UDP BOOTP/DHCP 80 TCP H
Résumé du contenu de la page N° 17
XEROX WorkCentre 3550 Information Assurance Disclosure Paper 2.8.2.3. Port 68, DHCP This port is used only when performing DHCP, and is not open all of the time. To permanently close this port, DHCP must be explicitly disabled. This is done in User Tools via the Local User Interface or via the TCP/IP page in the Properties tab on the WebUI. 2.8.2.4. Port 80, HTTP The embedded web pages communicate to the machine through a set of unique APIs and do not have direct access to machine infor
Résumé du contenu de la page N° 18
XEROX WorkCentre 3550 Information Assurance Disclosure Paper 2.8.2.5. Port 88, Kerberos This port is only open when the device is communicating with the Kerberos server to authenticate a user, and is only used only to authenticate users in conjunction with the Network Scanning feature. To disable this port, authentication must be disabled, and this is accomplished via the Local User Interface. This version of software has Kerberos 5.1.1 with DES (Data Encryption Standard) and 64-bit encryp
Résumé du contenu de la page N° 19
XEROX WorkCentre 3550 Information Assurance Disclosure Paper 2.8.2.7. Ports 161, 162, SNMP These ports support the SNMPv1, SNMPv2c, and SNMPv3 protocols. Please note that SNMP v1 does not have any password or community string control. SNMPv2 relies on a community string to keep unwanted people from changing values or browsing parts of the MIB. This community string is transmitted on the network in clear text so anyone sniffing the network can see the password. Xerox strongly recommends t
Résumé du contenu de la page N° 20
XEROX WorkCentre 3550 Information Assurance Disclosure Paper 2.8.2.15. Port 636, sLDAP This is the standard LDAP port when using SSL for address book queries in the Scan to Email feature. 2.8.2.16. Port 1124, Network Scan Utility This port supports the Xerox Network Scan utility. It is not configurable and cannot be disabled. 2.8.2.17. Port 1900, SSDP This port behaves similarly to the SLP port. When activated, this port is used for service discovery and advertisement. The device will