XEROX VERSALINK B7030 (02) PDF MANUAL

FREE ENGLISH XEROX VERSALINK B7030 (02) PDF USER GUIDE

FREE ENGLISH XEROX VERSALINK B7030 (02) PDF USER MANUAL

FREE ENGLISH XEROX VERSALINK B7030 (02) PDF OWNER GUIDE

FREE ENGLISH XEROX VERSALINK B7030 (02) PDF OWNER MANUAL

FREE ENGLISH XEROX VERSALINK B7030 (02) PDF REFERENCE GUIDE

FREE ENGLISH XEROX VERSALINK B7030 (02) PDF INSTRUCTION GUIDE

FREE ENGLISH XEROX VERSALINK B7030 (02) PDF REFERENCE MANUAL

FREE ENGLISH XEROX VERSALINK B7030 (02) PDF INSTRUCTION MANUAL

FREE ENGLISH XEROX VERSALINK B7030 (02) PDF OPERATING INSTRUCTIONS

CLICK HERE TO DOWNLOAD XEROX VERSALINK B7030 (02) PDF MANUAL

If this is not the document you want for this product, click here to see if we have any other documents for this product.

XEROX VERSALINK B7030 (02) PDF SUMMARY:

What is the purpose of the “Xerox® Product Security Guide and Information Assurance Disclosure”?

The purpose of this document is to disclose information for Xerox® Office Class printers and multi-function products (referred to as “the product” or “the system”) regarding product security. Product Security, in this context, pertains to how image data is stored and transmitted, how the product operates in a network environment, and how the product can be accessed locally and remotely. The document aims to inform Xerox customers about the design, functions, and features of the product concerning Information Assurance. It is assumed that the reader possesses a working knowledge of security, connectivity, and the product’s features and functions, as the document does not provide tutorial-level information on these topics.

Who is the target audience for the “Xerox® Product Security Guide and Information Assurance Disclosure”?

The target audience for this document includes Xerox field personnel and customers who are concerned with IT security.

What is the disclaimer provided in the “Xerox® Product Security Guide and Information Assurance Disclosure”?

The information provided in this document is believed to be accurate to the best of the authors’ knowledge and is provided without any warranty. Xerox shall not be held liable for any damages resulting from the user’s use or disregard of the information provided, including direct, indirect, incidental, consequential, loss of business profits, or special damages, even if Xerox has been advised of the possibility of such damages.

What physical components are included in AltaLink® and VersaLink® products?

AltaLink® and VersaLink® products consist of an input document handler and scanner, marking engine, controller, and user interface. A typical configuration includes a stabilizer, bypass paper feed tray, front USB port(s), touch screen user interface, upper paper tray, lower paper tray, paper feed trays, caster wheels, rear USB port(s), optional Wi-Fi dongle port, RJ45 Ethernet connection, service port, and AC Power.

What is the function of the user interface in Xerox products?

The user interface detects soft and hard button presses and provides text and graphical prompts to the user. It is sometimes referred to as the Graphical User Interface (GUI) or Local UI (LUI) to differentiate it from the remote web server interface (WebUI). The user interface allows users to access product services and functions, and users with administrative privileges can manage the product configuration settings. User permissions are configurable through Role Based Access Control (RBAC) policies.

What is the role of the scanner in Xerox products?

The scanner converts documents from hardcopy to electronic data. A document handler moves originals into a position to be scanned. The scanner provides image processing for signal conditioning and formatting but does not store scanned images.

What is the function of the marking engine in Xerox products?

The Marking Engine performs copy/print paper feeding and transport, image marking, fusing, and document finishing. It comprises paper supply trays and feeders, paper transport, LED scanner, xerographics, and paper output and finishing. The marking engine is only accessible to the Controller via inter-chip communication with no other access and does not store user data.

What is the role of the controller in Xerox products?

The controller manages document processing using proprietary hardware and algorithms to process documents into high-quality electronic and/or printed reproductions. Documents may be temporarily buffered in RAM during processing. Some models may be equipped with additional storage options such as magnetic Hard Disk Drive (HDD), Solid State Disk (SSD), SD Card, or Flash media. The controller manages all network functions and services. It also handles all I/O communications with connected products.

What are the functions supported by the Front Panel USB (Type A) port(s) in Xerox products?

One or more USB ports may be located on the front of the product, near the user interface. Front USB ports may be enabled or disabled by a system administrator. The front USB port supports the following:

  • Walk-up users may insert a USB thumb drive to store or retrieve documents for scanning and/or printing from a FAT formatted USB device. The controller will only allow reading/writing of a limited set of known document types (such as DOC, PDF, PNG, JPEG, TIFF, etc.). Other file types including binary executables are not supported. Features that use the front USB ports (such as Scan To USB) can be disabled independently or restricted using role-based access controls.
  • Connection of optional equipment such as NFC or CAC readers.
  • Firmware updates may be submitted through the front USB ports. The product must be configured to allow local firmware updates, or the update will not be processed.

What functions are supported by the Rear USB (Type B) Target port in Xerox products?

A USB type B port located on the controller board at the rear of the product supports the following:

  • USB target connector used for printing.

This port can be disabled completely by a system administrator.

What is the function of the RJ-11 Analog Fax and Telephone connection in Xerox products?

The analog fax module connects to the controller. The fax connection supports the Fax Modem T.30 protocol only and will not accept data or voice communication attempts. An external (EXT) is available to connect an external handset. In this configuration, the FAX card acts as a passive relay.

What is the purpose of the Wireless Network Connector in Xerox products?

VersaLink® products accept an optional wireless module via a proprietary port. AltaLink® products accept an optional wireless kit that can be installed in the rear USB port.

What information is shared over NFC (Near Field Communications) in Xerox products?

Information shared over NFC includes: IPv4 Address, IPv6 Address, MAC Address, UUID (a unique identifier on the NFC client), and Fully qualified domain name.

What is the purpose of the Foreign Product Interface in Xerox products?

This port is used to connect optional equipment to control access to the machine. A typical application is a coin-operated product where a user must deposit money to enable the machine to print. The information available via the Foreign Product Interface is limited to optically-isolated pulses that can be used to count impressions marked on hardcopy sheets. No user data is transmitted to or from this interface.

How do Xerox products protect user data?

Xerox printers and multifunction products receive, process, and may optionally store user data from several sources including local print, scan, fax, or copy jobs or mobile and cloud applications. Xerox products protect user data being processed by employing strong encryption. When the data is no longer needed, the Image Overwrite (IIO) feature automatically erases and overwrites the data on magnetic media, rendering it unrecoverable. As an additional layer of protection, an extension of IIO called On-Demand Image Overwrite (ODIO) can be invoked to securely wipe all user data from magnetic media.

How is user data protected while within the product?

All user data being processed or stored to the product is encrypted by default. The algorithm used in the product is AES-256. The encryption key is automatically created at start up and stored in the RAM. The key is deleted by a power-off, due to the physical characteristics of the RAM. Some models include a Trusted Platform Module (TPM) that is compliant with ISO/IEC 11889 and used to securely hold the product storage encryption key.

What is Media Sanitization (Image Overwrite) in Xerox products?

AltaLink® and VersaLink® products equipped with magnetic hard disk drives are compliant with NIST Special Publication 800-88 Rev1: Guidelines for Media Sanitization. User data is securely erased using a three-pass algorithm. Immediate Image Overwrite (IIO), when enabled, overwrites any temporary files that were created on the magnetic hard disk that may contain user data. On-Demand Overwrite (ODIO) complements the Immediate Image Overwrite. While IIO overwrites individual files, ODIO overwrites entire partitions.

What security measures are in place for user data in transit?

In addition to supporting network-level encryption, including IPSec and WPA, Xerox products also support encryption of print job data at the time of submission. This can be used to securely transmit print jobs over unencrypted connections or to enhance existing network-level security controls. Protocols like IPPS (TLS) and HTTPS (TLS) are used for secure print job submission. The Xerox Global Print Driver® supports document encryption when submitting Secure Print jobs to enabled products.

What security features are available for scanning to network repositories, email, and fax servers?

AltaLink® and VersaLink® multifunction products support scanning of hardcopy documents to external network locations, including file repositories, email, and facsimile services. In addition to supporting network-level encryption, including IPSec and WPA, Xerox products support protocols like HTTPS (TLS) and SFTP (SSH). Email authentication, encryption, and signing are supported using S/MIME.

What security measures are in place for scanning to a user’s local USB storage product?

Scan data is transferred directly to the user’s USB product. Filesystem encryption of user products is not supported.

What security considerations apply to add-on apps like Cloud, Google, and Dropbox?

The Xerox App Gallery® contains several additional applications that extend the capabilities of Xerox products. Xerox Apps utilize the security framework provided by the 3rd party vendor. Consult documentation for individual Apps and 3rd party security for details.

What are the local data encryption standards for AltaLink® and VersaLink® devices?

Local Data Encryption (HDD, SDD, IC, SD Card): AES-256.

What print submission methods are supported by AltaLink® and VersaLink® devices?

The following print submission methods are supported:

  • IPPS (TLS)
  • HTTPS (TLS)
  • Xerox Print Stream Encryption

What scan to repository server methods are supported by AltaLink® and VersaLink® devices?

The following scan to repository server methods are supported:

  • HTTPS (TLS) 1.2
  • SFTP (SSH) SSH-2
  • SMB (unencrypted) v1, v2, v3
  • SMB (with share encryption enabled) V3
  • HTTP (unencrypted)
  • FTP (unencrypted)

What scan to fax server methods are supported by AltaLink® and VersaLink® devices?

The following scan to fax server methods are supported:

  • HTTPS (TLS) 1.2
  • SFTP (SSH) SSH-2
  • SMB (unencrypted) v1, v2, v3
  • SMB (with share encryption enabled) V3
  • S/MIME
  • HTTP (unencrypted)

What scan to email methods are supported by AltaLink® and VersaLink® devices?

The following scan to email methods are supported:

  • S/MIME
  • SMTP (unencrypted)

What is IPSec and how is it supported in Xerox products?

Internet Protocol Security (IPsec) is a network security protocol capable of providing encryption and authentication at the packet level. AltaLink® and VersaLink® products support IPSec for both IPv4 and IPv6 protocols.

What key exchange authentication methods are supported by AltaLink® and VersaLink® devices for IPSec?

The following key exchange authentication methods are supported:

  • Preshared Key & digital signature, device authentication certificate, server validation certificate
  • Preshared Key & digital signature

What security protocols are supported by AltaLink® and VersaLink® devices for IPSec?

The following security protocols are supported:

  • ESP & AH
  • ESP only

What ESP encryption methods are supported by AltaLink® and VersaLink® devices for IPSec?

The following ESP encryption methods are supported:

  • AES, 3DES, Null
  • AES, 3DES, DES

What ESP authentication methods are supported by AltaLink® and VersaLink® devices for IPSec?

The following ESP authentication methods are supported:

  • SHA1, SHA256, None

What versions of TLS (Transport Layer Security) do AltaLink® and VersaLink® products support?

AltaLink® and VersaLink® products support TLS versions 1.2, 1.1, and 1.0 for the Product Web Interface, Product Web Services, and Product IPPS printing. Remote control supports TLS 1.2.

What data is included in a digital certificate?

A digital certificate includes the following data:

  • Information about the owner of the certificate
  • The certificate serial number and expiration date
  • The name and digital signature of the certificate authority (CA) that issued the certificate
  • A public key
  • A purpose defining how the certificate and public key can be used

What types of certificates are there?

There are four types of certificates:

  • A Product Certificate is a certificate for which the printer has a private key. The purpose specified in the certificate allows it to be used to prove identity.
  • A CA Certificate is a certificate with authority to sign other certificates.
  • A Trusted Certificate is a self-signed certificate from another product that you want to trust.
  • A domain controller certificate is a self-signed certificate for a domain controller in your network. Domain controller certificates are used to verify the identity of a user when the user logs in to the product using a Smart Card.

What certificate lengths are supported by AltaLink® and VersaLink® devices?

AltaLink® and VersaLink® devices support certificate lengths of 1024 and 2048.

What supported hashes do AltaLink® and VersaLink® devices use?

The supported hashes are SHA1, SHA256, SHA384, SHA512.

What is S/MIME and what does it provide?

S/MIME (Secure/Multipurpose Internet Mail Extensions) provides Authentication, Message integrity, Non-repudiation, and encryption of email.

What versions of S/MIME are supported by AltaLink® and VersaLink® devices?

AltaLink® devices support S/MIME version v3, while VersaLink® devices support versions v2, v3, and v3.2.

What digest algorithms are supported by AltaLink® and VersaLink® devices for S/MIME?

AltaLink® devices support SHA1, SHA256, SHA384, and SHA512, while VersaLink® devices support MD5, SHA1, and SHA256.

What encryption algorithms are supported by AltaLink® and VersaLink® devices for S/MIME?

AltaLink® devices support 3DES, AES128, AES192, and AES256, while VersaLink® devices support 3DES, RC2, AES128, AES192, and AES256.

What security features does SNMPv3 provide?

SNMPv3 provides three important security features:

  • Message integrity to ensure that a packet has not been tampered with in transit
  • Authentication to verify that the message is from a valid source
  • Encryption of packets to prevent unauthorized access

What digest algorithms are supported by AltaLink® and VersaLink® devices for SNMPv3?

SHA1 and MD5.

What encryption algorithms are supported by AltaLink® and VersaLink® devices for SNMPv3?

DES and AES128.

How does 802.1x authentication work?

In 802.1X authentication, when the product is connected to the LAN port of Authenticator such as the switch, the Authentication Server authenticates the product, and the Authenticator controls access of the LAN port according to the authentication result. The product starts authentication processing at startup when the startup settings for 802.1X authentication are enabled.

What authentication methods are supported by AltaLink® and VersaLink® devices for 802.1x?

The following authentication methods are supported:

  • PSK, AES (CCMP)/TKIP, PEAPv0/MS-CHAPv2, EAP-TLS, EAP-TTLS/PAP, EAP-TTLS/MS-CHAPv2, EAP-TTLS/EAP-TLS
  • MD5, MS-CHAPv2, PEAP/MS-CHAPv2, EAP-TLS

What is Cisco Identity Services Engine (ISE)?

Cisco ISE is an intelligent security policy enforcement platform that mitigates security risks by providing a complete view of which users and what products are being connected across the entire network infrastructure. It also provides control over what users can access your network and where they can go.

What controls and monitoring of Xerox products does Cisco ISE allow you to deploy?

Cisco ISE allows you to deploy the following controls and monitoring of Xerox products:

  • Automatically provision and grant network access rights to printers and MFPs to prevent inappropriate access (including automatically tracking new printing products connecting to the network)
    • Block non-printers from connecting on ports assigned to printers
    • Prevent impersonation (aka spoofing) of a printer/MFP
    • Automatically prevent connection of non-approved print products
    • Smart rules-based policies to govern user interaction with network printing products
  • Provide simplified implementation of security policies for printers and MFPs by:
    • Providing real-time policy violation alerts and logging
    • Enforcing network segmentation policy
    • Isolating the printing products to prevent general access to printers and MFPs in restricted areas
  • Automated access to policy enforcement
  • Provide extensive reporting of printing product network activity

What is Contextual Endpoint Connection Management?

Connectivity of AltaLink® and VersaLink® devices can be fully managed contextually by Cisco TrustSec. TrustSec uses Security Group Tags (SGT) that are associated with an endpoint’s user, device, and location attributes. SG-ACLs can also block unwanted traffic so that malicious reconnaissance activities and even remote exploitation from malware can be effectively prevented.

What happens when FIPS140-2 Compliance Validation is enabled?

When enabled, the product will validate its current configuration to identify cryptographic modules in use. Modules which are not FIPS 140-2 (Level 1) compliant will be reported.

What endpoint firewall options are available for AltaLink® and VersaLink® devices?

The following endpoint firewall options are available:

  • Firewall
  • Stateful Packet Filter
  • IP Whitelisting

What is IP Whitelisting (IP Address Filtering)?

When enabled all traffic is prohibited regardless of interface (wired/wireless) unless enabled by IP filter rule. IPv4 and IPv6 are enabled separately. If IP Filter and IPsec are both enabled, IPsec is evaluated first. Up to 25 addresses can be enabled for IPv4 and an additional 25 for IPv6. Addresses include IP and subnet allowing individual system or subnets to be enabled. A system administrator can disable this feature using the embedded web server.

What security controls are in place for Xerox devices?

AltaLink® and VersaLink® products have robust security features that are designed to protect the system from a wide range of threats. Some of the key security controls include:

  • Pre-Boot BIOS Protection: The BIOS is inaccessible and can only be modified by a digitally signed firmware update.
  • Embedded Encryption: Configuration settings and user data are encrypted using AES with a unique key for each device.
  • Firmware Integrity & Verification: Firmware is digitally signed and verified against a whitelist using cryptographic hashing.
  • Runtime Intrusion Prevention & Detection: McAfee Embedded Control prevents unauthorized software from executing and protects running processes from malicious attempts.
  • Event Monitoring & Logging: The Audit Log feature records security-related events.
  • Firmware and Diagnostic Security Controls: Firmware installation controls limit who can install firmware and from where.

What does “Fail Secure” mean in the context of AltaLink® and VersaLink® products?

AltaLink® and VersaLink® products are designed to fail secure. When a security control is compromised, the control is no longer trustworthy, and a system is at risk of further compromise. In such a scenario, security products may either fail safe [open] or fail secure [closed].

How is the BIOS protected in AltaLink® and VersaLink® products?

The BIOS used in AltaLink® and VersaLink® products is embedded and cannot be accessed directly. AltaLink® and VersaLink® products do not offer a method to clear or reset the BIOS using a reset button. BIOS updates are applied by device firmware updates, which are protected from tampering by use of digital signatures.

How is firmware integrity ensured in AltaLink® and VersaLink® products?

Firmware updates use a special format and each firmware update is digitally signed to protect the integrity of the contents. Firmware that is corrupt or has been illicitly modified will be rejected. AltaLink® and VersaLink® products include a built-in firmware software validation that compares the security hashes of currently installed firmware to a secured whitelist that was installed when the signed firmware was installed.

What runtime security measures are implemented in AltaLink® devices?

Each AltaLink® device comes with McAfee Embedded Control built-in and enabled by default. McAfee Embedded Control prevents unauthorized code from executing by using a whitelist of executable programs. Memory control monitors memory and running processes, detecting and preventing unauthorized code from being injected into a running process.

What information is contained in the Audit Log?

The Audit Log contains the following information:

  • Index: A unique value that identifies the event.
  • Date: The date that the event happened in mm/dd/yy format.
  • Time: The time that the event happened in hh:mm:ss format.
  • ID: The type of event. The number corresponds to a unique description.
  • Description: An abbreviated description of the type of event.
  • Additional Details: Other information about the event, such as User Name, Job Name, Computer Name, Printer Name, Folder Name, or Accounting Account ID.

What firmware restrictions are in place?

Supported firmware delivery methods and applicable access controls include:

  • Local Firmware Upgrade via USB port: Can be restricted by enabling the Customer Service Engineer Restriction feature, requiring entry of a unique, customer-designated password.
  • Network Firmware Update: Restricted to roles with system administrator or Xerox service permissions and can be disabled by a system administrator.
  • Xerox Remote Services Firmware Update: Can be disabled, scheduled, and includes optional email alerts for system administrators.

What is the CSE (Customer Service Engineer) Access Restriction?

The CSE (Customer Service Engineer) Access Restriction allows customers to create an additional password that is independent of existing administrator passwords. This password must be supplied to allow service of the product and is not accessible to Xerox support.

How are Xerox products serviced?

Xerox products are serviced by a tool referred to as the Portable Service Workstation (PWS). Only Xerox authorized service technicians are granted access to the PSW. Customer documents or files cannot be accessed during a diagnostic session, nor are network servers accessible through this port.

What is the purpose of clone files in Xerox products?

Certain system settings can be captured in a ‘clone’ file that may be applied to other systems that are the same model. Access to both create and apply a clone file can be restricted using role-based access controls. Clone files can only be created and applied through the Embedded Web Server.

What is the Xerox Extensible Interface Platform (EIP)?

Xerox products can offer additional functionality through the Xerox Extensible Interface Platform (EIP). Third party vendors can create Apps that extend the functionality of a product. Xerox signs EIP applications that are developed by Xerox or Xerox partners. Products can be configured to prevent installation of unauthorized EIP applications.

What is the eXtensible Customizable Platform (XCP)?

VersaLink® products offer additional functionality through the eXtensible Customizable Platform (XCP) plug-in interface. Plug-ins can alter current functionality and add new functionality that may impact the security of the product. XCP Plug-ins are signed and encrypted by Xerox; products can be configured to reject unsigned plug-ins.

What solutions are available for configuration and security policy management?

Xerox Device Manager and Xerox CentreWare® Web centrally manage Xerox Devices. AltaLink® products come with McAfee built-in and can be managed with McAfee ePO™.

What authentication modes do AltaLink® and VersaLink® devices support?

AltaLink® and VersaLink® devices support the following authentication modes:

  • Local Authentication
  • Network Authentication
  • Smart Card Authentication (CAC, PIV, SIPR, .Net)
  • Convenience Authentication

What password policy attributes can be configured?

The following password attributes can be configured:

  • Minimum Length
  • Maximum Length
  • Password cannot contain User Name
  • Password complexity options

What network authentication providers are supported by AltaLink® and VersaLink® devices?

The following network authentication providers are supported:

  • Kerberos (Microsoft Active Directory)
  • Kerberos (MIT)
  • SMB NTLM Versions
  • LDAP Versions

What types of Smart Cards are supported by AltaLink® and VersaLink® devices?

The following types of Smart Cards are supported:

  • Common Access Card (CAC)
  • PIV / PIV II
  • Net (Gemalto .Net v1, Gemalto .Net v2)
  • Gemalto MD

Where can I find the latest security information pertaining to Xerox products?

Xerox maintains an evergreen public web page that contains the latest security information pertaining to its products. Please see http://www.xerox.com/security.

What is the Xerox Vulnerability Management and Disclosure Policy?

Xerox has created a document which details the Xerox Vulnerability Management and Disclosure Policy used in discovery and remediation of vulnerabilities in Xerox software and hardware. It can be downloaded from this page: http://www.xerox.com/information-security/information-security-articles-whitepapers/enus.html.

What non-volatile storage is present in the controller of VersaLink® products B400, B405?

The controller non-volatile storage includes IC and optional HDD. The IC is required and the HDD is optional. The non-volatile storage contains user data, such as print, scan, and fax data. Encryption support is always-on. NIST 800-171 Overwrite Support is available. It also contains configuration settings. Encryption support is always-on. It can be erased by performing a factory reset. IC stands for Integrated Circuit, HDD stands for Magnetic Hard Disk Drive, SSD stands for Solid State Disk and SD Card stands for Secure Digital Card.

What volatile memory is present in the controller of VersaLink® products B400, B405?

The controller volatile memory has a size of 2GB DDR3 DRAM. It is used for executable code, printer control data, and temporary storage of job data. It contains user data. To clear the volatile memory, power off the system. The controller operating system memory manager allocates memory dynamically between OS, running processes, and temporary data which includes jobs in process. When a job is complete, the memory pages in use are freed and reallocated as required by the OS.

What non-volatile storage is present in the marking engine of VersaLink® products B400, B405?

The marking engine does not contain any non-volatile storage.

What volatile memory is present in the marking engine of VersaLink® products B400, B405?

The marking engine volatile memory does not store or process user data.

What security-related interfaces are available on VersaLink® products B400, B405?

The security related interfaces include:

  • Ethernet 10/100/1000 MB Ethernet interface.
  • Optional Wi-Fi Dongle: Supports optional 802.11 Dongle.
  • Rear USB 3.0 (Type B): USB target connector used for printing. This port can be disabled completely by a system administrator.
  • Front Panel Optional USB 2.0 (Type A) port(s): Users may insert a USB thumb drive to print from or store scanned files to (Physical security of this information is the responsibility of the user or operator.) Features that leverage USB ports (such as Scan To USB) can be disabled independently or restricted using role based access controls. Firmware upgrades may be applied using this port. Connection of optional equipment such as NFC or CAC readers. This port can be disabled completely by a system administrator.

What encryption and overwrite options are available for VersaLink® products B400, B405?

  • Encryption: AES-256
  • TPM Chip: TPM chip is standard and cannot be disabled.
  • Media Sanitization: Immediate and On-Demand Image Overwrite.

What non-volatile storage is present in the controller of VersaLink® products C400, C405?

The controller non-volatile storage includes IC and optional HDD. The IC is required and the HDD is optional. The non-volatile storage contains user data, such as print, scan, and fax data. Encryption support is always-on. NIST 800-171 Overwrite Support is available. It also contains configuration settings. Encryption support is always-on. It can be erased by performing a factory reset. IC stands for Integrated Circuit, HDD stands for Magnetic Hard Disk Drive, SSD stands for Solid State Disk and SD Card stands for Secure Digital Card.

What volatile memory is present in the controller of VersaLink® products C400, C405?

The controller volatile memory has a size of 2GB DDR3 DRAM. It is used for executable code, printer control data, and temporary storage of job data. It contains user data. To clear the volatile memory, power off the system. The controller operating system memory manager allocates memory dynamically between OS, running processes, and temporary data which includes jobs in process. When a job is complete, the memory pages in use are freed and reallocated as required by the OS.

What non-volatile storage is present in the marking engine of VersaLink® products C400, C405?

The marking engine does not contain any non-volatile storage.

What volatile memory is present in the marking engine of VersaLink® products C400, C405?

The marking engine volatile memory does not store or process user data.

What security-related interfaces are available on VersaLink® products C400, C405?

The security related interfaces include:

  • Ethernet 10/100/1000 MB Ethernet interface.
  • Optional Wi-Fi Dongle: Supports optional 802.11 Dongle.
  • Rear USB 3.0 (Type B): USB target connector used for printing. This port can be disabled completely by a system administrator.
  • Front Panel Optional USB 2.0 (Type A) port(s): Users may insert a USB thumb drive to print from or store scanned files to (Physical security of this information is the responsibility of the user or operator.) Features that leverage USB ports (such as Scan To USB) can be disabled independently or restricted using role based access controls. Firmware upgrades may be applied using this port. Connection of optional equipment such as NFC or CAC readers. This port can be disabled completely by a system administrator.

What encryption and overwrite options are available for VersaLink® products C400, C405?

  • Encryption: AES-256
  • TPM Chip: TPM chip is standard and cannot be disabled.
  • Media Sanitization: Immediate and On-Demand Image Overwrite.

What non-volatile storage is present in the controller of VersaLink® products C500, C600, C505, C605?

The controller non-volatile storage includes IC and optional HDD. The IC is required and the HDD is optional. The non-volatile storage contains user data, such as print, scan, and fax data. Encryption support is always-on. NIST 800-171 Overwrite Support is available. It also contains configuration settings. Encryption support is always-on. It can be erased by performing a factory reset. IC stands for Integrated Circuit, soldered to circuit board HDD stands for Magnetic Hard Disk Drive, SSD stands for Solid State Disk and SD Card stands for Secure Digital Card.

What volatile memory is present in the controller of VersaLink® products C500, C600, C505, C605?

The controller volatile memory has a size of 2/4GB DDR3 DRAM. It is used for executable code, printer control data, and temporary storage of job data. It contains user data. To clear the volatile memory, power off the system. The controller operating system memory manager allocates memory dynamically between OS, running processes, and temporary data which includes jobs in process. When a job is complete, the memory pages in use are freed and reallocated as required by the OS.

What non-volatile storage is present in the marking engine of VersaLink® products C500, C600, C505, C605?

The marking engine does not contain any non-volatile storage.

What volatile memory is present in the marking engine of VersaLink® products C500, C600, C505, C605?

The marking engine volatile memory does not store or process user data.

What security-related interfaces are available on VersaLink® products C500, C600, C505, C605?

The security related interfaces include:

  • Ethernet 10/100/1000 MB Ethernet interface.
  • Optional Wi-Fi Dongle: Supports optional 802.11 Dongle.
  • Rear USB 3.0 (Type B): USB target connector used for printing. This port can be disabled completely by a system administrator.
  • Front Panel Optional USB 2.0 (Type A) port(s): Users may insert a USB thumb drive to print from or store scanned files to (Physical security of this information is the responsibility of the user or operator.) Features that leverage USB ports (such as Scan To USB) can be disabled independently or restricted using role based access controls. Firmware upgrades may be applied using this port. Connection of optional equipment such as NFC or CAC readers. This port can be disabled completely by a system administrator.

What encryption and overwrite options are available for VersaLink® products C500, C600, C505, C605?

  • Encryption: AES-256
  • TPM Chip: TPM chip is standard and cannot be disabled.
  • Media Sanitization: Immediate and On-Demand Image Overwrite.

What non-volatile storage is present in the controller of VersaLink® products B600, B605, B610, B615?

The controller non-volatile storage includes IC and optional HDD. The IC is required and the HDD is optional. The non-volatile storage contains user data, such as print, scan, and fax data. Encryption support is always-on. NIST 800-171 Overwrite Support is available. It also contains configuration settings. Encryption support is always-on. It can be erased by performing a factory reset. IC stands for Integrated Circuit, soldered to circuit board HDD stands for Magnetic Hard Disk Drive, SSD stands for Solid State Disk and SD Card stands for Secure Digital Card.

What volatile memory is present in the controller of VersaLink® products B600, B605, B610, B615?

The controller volatile memory has a size of 2GB DDR3 DRAM. It is used for executable code, printer control data, and temporary storage of job data. It contains user data. To clear the volatile memory, power off the system. The controller operating system memory manager allocates memory dynamically between OS, running processes, and temporary data which includes jobs in process. When a job is complete, the memory pages in use are freed and reallocated as required by the OS.

What non-volatile storage is present in the marking engine of VersaLink® products B600, B605, B610, B615?

The marking engine does not contain any non-volatile storage.

What volatile memory is present in the marking engine of VersaLink® products B600, B605, B610, B615?

The marking engine volatile memory does not store or process user data.

What security-related interfaces are available on VersaLink® products B600, B605, B610, B615?

The security related interfaces include:

  • Ethernet 10/100/1000 MB Ethernet interface.
  • Optional Wi-Fi Dongle: Supports optional 802.11 Dongle.
  • Rear USB 3.0 (Type B): USB target connector used for printing. This port can be disabled completely by a system administrator.
  • Front Panel Optional USB 2.0 (Type A) port(s): Users may insert a USB thumb drive to print from or store scanned files to (Physical security of this information is the responsibility of the user or operator.) Features that leverage USB ports (such as Scan To USB) can be disabled independently or restricted using role based access controls. Firmware upgrades may be applied using this port. Connection of optional equipment such as NFC or CAC readers. This port can be disabled completely by a system administrator.

What encryption and overwrite options are available for VersaLink® products B600, B605, B610, B615?

  • Encryption: AES-256
  • TPM Chip: TPM chip is standard and cannot be disabled.
  • Media Sanitization: Immediate and On-Demand Image Overwrite.

What non-volatile storage is present in the controller of VersaLink® products C8000, C9000?

The controller non-volatile storage includes N/A, optional HDD, N/A, and Required SD Card. It contains user data (e.g. Print, Scan, Fax). Encryption Support is Always-On for HDD and SD Card. NIST 800-171 Overwrite Support is available for HDD. It contains configuration settings. Encryption Support is Always-On for HDD and SD Card. Customer Erasable via Factory Reset.

What volatile memory is present in the controller of VersaLink® products C8000, C9000?

The controller volatile memory has a size of 4GB DDR3 DRAM. It is used for executable code, printer control data, temporary storage of job data and contains user data. It can be cleared by powering off the system. When a job is complete, the memory pages in use are freed and reallocated as required by the OS.

What non-volatile storage is present in the marking engine of VersaLink® products C8000, C9000?

The marking engine does not contain any non-volatile storage.

What volatile memory is present in the marking engine of VersaLink® products C8000, C9000?

The marking engine volatile memory does not store or process user data.

What security-related interfaces are available on VersaLink® products C8000, C9000?

The security related interfaces include:

  • Ethernet 10/100/1000 MB Ethernet interface.
  • Optional Wi-Fi Dongle: Supports optional 802.11 Dongle.
  • Rear USB 3.0 (Type B): USB target connector used for printing. This port can be disabled completely by a system administrator.
  • Front Panel Optional USB 2.0 (Type A) port(s): Users may insert a USB thumb drive to print from or store scanned files to (Physical security of this information is the responsibility of the user or operator.) Features that leverage USB ports (such as Scan To USB) can be disabled independently or restricted using role based access controls. Firmware upgrades may be applied using this port. Connection of optional equipment such as NFC or CAC readers. This port can be disabled completely by a system administrator.
  • Product Service Port: Used only by Xerox service technicians. Port is covered by a metal plate.

What encryption and overwrite options are available for VersaLink® products C8000, C9000?

  • Encryption: AES-256
  • TPM Chip: TPM chip is standard and cannot be disabled.
  • Media Sanitization: Immediate and On-Demand Image Overwrite.

What security events are logged by Xerox AltaLink® and VersaLink® devices?

The Xerox AltaLink® Security Events include:

  • System startup: Includes device name and serial number.
  • System shutdown: Includes device name and serial number.
  • Manual ODIO Standard started: Includes device name and serial number.
  • Manual ODIO Standard complete: Includes device name, serial number, and overwrite status.
  • Print job: Includes job name, user name, completion status, IIO status, accounting user ID, accounting account ID.
  • Network scan job: Includes job name, user name, completion status, IIO status, accounting user ID, accounting account ID, total-number-net-destination, and net-destination.
  • Server fax job: Includes job name, user name, completion status, IIO status, accounting user ID, accounting account ID, total-fax-recipient-phone-numbers, fax-recipient-phone-numbers, and net-destination.
  • IFAX: Includes job name, user name, completion status, IIO status, accounting user ID, accounting account ID, total-number-of-smtp-recipients, and smtp-recipients.
  • Email job: Includes job name, user name, completion status, IIO status, accounting user ID, accounting account ID, total-number-of-smtp-recipients, and smtp-recipients.
  • Audit Log Disabled: Includes device name and serial number.
  • Audit Log Enabled: Includes device name and serial number.
  • Copy: Includes job name, user name, completion status, IIO status, accounting user ID, accounting account ID, total-fax-recipient-phone-numbers, and fax-recipient-phone-numbers.
  • Efax: Includes job name, user name, completion status, IIO status, accounting user ID, accounting account ID, total-fax-recipient-phone-numbers, and fax-recipient-phone-numbers.
  • Lan Fax Job: Includes job name, user name, completion status, IIO status, accounting user ID, accounting account ID, total-fax-recipient-phone-numbers, and fax-recipient-phone-numbers.
  • Data Encryption enabled: Includes device name and serial number.
  • Manual ODIO Full started: Includes device name and serial number.
  • Manual ODIO Full complete: Includes device name, serial number, and overwrite status.
  • Data Encryption disabled: Includes device name and serial number.
  • Scan to Mailbox job: Includes job name or directory name, user name, completion status, and IIO status.
  • Delete File/Dir: Includes job name or directory name, user name, and completion status, IIO status.
  • Scan to Home: Includes user name, device name, serial number, and completion status (Enabled/Disabled).
  • Scan to Home job: Includes job name or directory name, user name, completion status (Normal/Error), IIO status, accounting user ID-Name, accounting account ID-Name, total-number-net-destination, and net-destination.
  • Copy store job: Includes job name or directory name, user name, completion status (Normal/Error), and IIO status.
  • PagePack login: Includes device name, serial number, completion status (Success, Failed, Locked out), and time remaining for next attempt.
  • Postscript Passwords: Includes device name, serial number, startup mode (enabled/disabled), system params password changed, and start job password changed.
  • Network User Login: Includes user name, device name, serial number, and completion status (Success, Failed).
  • SA login: Includes user name, device name, serial number, and completion status (Success or Failed).
  • User Login: Includes user name, device name, serial number, and completion status (Success or Failed).
  • Service Login: Includes service name, device name, serial number, and completion status (Success or Failed).
  • Audit log download: Includes user name, device name, serial number, and completion status (Success or Failed).
  • IIO feature status: Includes user name, device name, serial number, and IIO status (enabled or disabled).
  • SA pin changed: Includes user name, device name, and serial number, completion status.
  • Audit log Saved: Includes user name, device name, and serial number, completion status.
  • SSL: Includes user name, device name, serial number, and completion status (Enabled/Disabled/Terminated).
  • X509 certificate: Includes user name, device name, serial number, and completion status (Created/uploaded/Downloaded).
  • IP sec Enable/Disable/Configure: Includes user name, device name, serial number, and completion status (Configured/enabled/disabled/Terminated).
  • SNMPv3: Includes user name, device name, serial number, and completion status (Configured/enabled/disabled).
  • IP Filtering Rules: Includes user name, device name, serial number, and completion status (Configured/enabled/disabled).
  • Network Authentication Enable/Disable/Configure: Includes user name, device name, serial number, and completion status (Enabled/Disabled).
  • Device clock: Includes user name, device name, serial number, and completion status (time changed/date changed).
  • SW upgrade: Includes device name, serial number, and completion status (Success, Failed).
  • Cloning: Includes device name, serial number, and completion status (Success, Failed).
  • Scan Metadata Validation: Includes device name, serial number, and completion status (Metadata Validation Success or Failed).
  • Xerox Secure Access Enable/Disable/Configure: Includes device name, serial number, and completion status (Configured/enabled/disabled).
  • Service login copy mode: Includes service name, device name, serial number, and completion status (Success, Failed).
  • Smartcard (CAC/PIV) access: Includes user name, device name, serial number, and process name.
  • Process terminated: Includes device name, serial number, and process name.
  • ODIO scheduled: Includes device name, serial number, ODIO type (Full or Standard), scheduled time, ODIO status (Started/Completed/canceled), and completion status (Success/Failed/Canceled).
  • CPSR Backup: Includes file name, user name, completion status (Normal / Error) and IIO Status.
  • CPSR Restore: Includes file name, user name, completion status (Normal / Error) and IIO Status.
  • SA Tools Access: Includes Admin Device serial number and Completion Status (Locked/Unlocked).
  • Session Timer Logout: Includes Device Name, Device Serial Number, Interface (Web, LUI), User Name, and Session IP (if available).
  • Session Timer Interval Change: Includes Device Name, Device Serial Number, Interface (Web, LUI), User Name, Session IP (if available) and Completion Status.
  • Feature Access Control: Includes User Name, Device Name, Device Serial Number, Completion Status (Enabled/Disabled/Configured), Interface (Web, Local, CAC, SNMP) and Session IP address (if available).
  • Device Clock NTP Enable/Disable: Includes Device Name, Device serial number, Enable/Disable NTP, NTP Server IP Address and Completion Status (Success/Failed).
  • Grant / Revoke Admin: Includes Device Name, Device Serial Number, User Name, Grant or Revoke and Completion Status (Success/Failed).
  • Smartcard (CAC/PIV) Enable/Disable/Configure: Includes UserName, Device Name, Device Serial Number and Completion Status (Success/Failed).
  • IPv6 Enable/Disable/Configure: Includes UserName Device Name Device Serial Number and Completion Status (Success/Failed).
  • 802.1x Enable/Disable/Configure: Includes UserName Device Name Device Serial Number and Completion Status (Success/Failed).
  • Abnormal System Termination: Includes Device Name and Device Serial Number.
  • Local Authentication: Includes UserName Device Name Device Serial Number and Completion Status (Enabled/Disabled).
  • Web User Interface Authentication: Includes UserName Device Name Device Serial Number and Authentication Method Enabled (Network/Local).
  • FIPS Mode Enable/Disable/Configure: Includes User Name Device name Device Serial Number Enable/Disable/Configure.
  • Xerox Secure Access Login: Includes User Name Device Name Device Serial Number and Completion Status (Success/Failed).
  • Print from USB Enable/Disable: Includes User Name Device Name Device Serial Number and Completion Status (Enabled/Disabled).
  • USB Port Enable/Disable: Includes User Name Device Name Device Serial Number, USB Port (Front/Rear) and Completion Status (Enabled/Disabled).
  • Scan to USB Enable/Disable: Includes User Name Device Name Device Serial Number and Completion Status (Enabled/Disabled).
  • System Log Download: Includes Username, IP of requesting device (if available), File names downloaded, Destination (IP address or USB device) and Completion status (Success/failed).
  • Scan to USB Job: Includes Job Name, User Name, Completion Status, IIO Status, Accounting User ID-Name and Accounting Account ID-Name.
  • Remote UI feature: Includes User Name, Device Name, Device Serial Number and Completion Status (Enabled/Disabled/Configured).
  • Remote UI session: Includes User Name, Device Name, Device Serial Number, Completion Status (Initiated/Terminated) and Remote Client IP Address.
  • Remote Scan Feature Enable/Disable: Includes User Name, Device Name, Device Serial Number and Competion Status (Enable/Disable).
  • Remote Scan Job Submitted: Includes UserName, IP address of submitting client, Device name, Device serial number, Job name and Completion status.
  • Scan to Web Service Job: Includes Job name, UserName, Accounting User ID-Name, Accounting Account ID-Name, Completion status and Destination.
  • SMTP Connection Encryption: Includes User Name, Device name, Device serial number and Completion Status.
  • Email Domain Filtering Rule: Includes User name, Device Name, Device Serial Number and Completion Status.
  • Software Self Test Started: Includes Device Name and Device Serial Number.
  • Software Self Test Complete: Includes Device Name, Device Serial Number and Completion Status.
  • McAfee Security State: Includes UserName, Device name, Device serial number, Security Mode and Completion Status.
  • McAfee Security Event: Includes Device name, Device serial number, Type and McAfee message text.
  • McAfee Agent: Includes User name, Device name, Device serial number and Completion Status.
  • Digital Certificate Import Failure: Includes Device name and Device serial number.
  • User Name Add/Delete: Includes Device serial number.
  • User Name Password Change: Includes Security Mode.
  • EFax Job Secure Print Passcode: Includes UserName, Device name, Device serial number and Completion Status.
  • Scan2Mailbox Folder Password Change: Includes UserName, Device name, Device serial number, Folder Name and Completion Status.
  • EFax Mailbox Passcode: Includes UserName, Device name, Device serial number and Completion Status.
  • FTP/SFTP Filing Passive Mode: Includes User Name, Device Name, Device Serial Number and Completion Status.
  • EFax Forwarding Rule: Includes User Name, Device Name, Device Serial Number, Fax Line and Completion Status.
  • EIP Weblets Allow Install: Includes UserName, Device name, Device serial number and Completion Status.
  • EIP Weblets Install: Includes UserName, Device name, Device serial number, Weblet Name, Action and Completion.
  • EIP Weblets Enable / Disable: Includes UserName, Device name, Device serial number, Weblet Name and Completion Status.
  • Network Connectivity Enable / Disable: Includes UserName, Device name, Device serial number and Completion Status.
  • Address Book Permissions: Includes UserName, Machine Name and Machine serial number and Completion Status.
  • Address Book Export: Includes UserName, Machine Name and Machine serial number.
  • SW upgrade enable / disable: Includes UserName, Device name, Device serial number and Completion Status.
  • Supplies Plan Activation: Includes Device name, Device serial number and Completion Status.
  • Plan Conversion: Includes Device name, Device serial number and Completion Status.
  • IPv4 Enable/Disable/Configure: Includes UserName, Device name, Device serial number and Completion Status.
  • SA PIN Reset: Includes Device serial number and Completion Status.
  • Convenience Authentication Login: Includes UserName, Device name, Device serial number and Completion Status.
  • Convenience Authentication Enable/Disable/Configure: Includes UserName, Device name, Device serial number and Completion Status.
  • Efax Passcode Length: Includes UserName, Device name, Device serial number and Completion Status.
  • Custom Authentication Login: Includes UserName, Device name, Device serial number and Completion Status.
  • Custom Authentication Enable/Disable/Configure: Includes UserName, Device name, Device serial number and Completion Status.
  • Billing Impression Mode: Includes UserName, Device name, Device serial number, Mode Set to and Completion Status.
  • Airprint Enable/Disable/Configure: Includes UserName, Device name, Device serial number and Completion Status.
  • Device cloning enable / disable: Includes UserName, Device name, Device serial number and Completion Status.
  • Save for reprint job: Includes UserName, Device name, Device serial number and Completion Status.
  • Web UI Access/Configure: Includes UserName, Device name, Device serial number and Completion Status.
  • System log push to Xerox: Includes Username, Server destination URL, Log identifier string and Completion Status.
  • Scan to WebDAV Job: Includes Job name, User Name, Completion Status, IIO status, Accounting User ID-Name, Accounting Account ID-Name and WebDAV destination.
  • Mopria Print enable / disable: Includes UserName, Device name, Device serial number and Completion Status.
  • PoS credit card API enable / disable: Includes UserName, Device name, Device serial number and Completion Status.
  • PoS CC data transfer data transfer: Includes Job name or number, Machine Name, Machine serial number, Destination server and Completion status.
  • Invalid Login Attempt Lockout: Includes Device name, Device serial number and Interface and Session IP Address if available.
  • Protocol audit Log enable/Disable: Includes UserName, Device Name, Device serial number and Completion Status.
  • Display Device information configure: Includes UserName, Device Name, Device serial number and Completion Status.
  • Invalid Login Lockout Expires: Includes Device name, Device serial number, Interface, Session IP Address if available and Count of invalid attempts.
  • Erase Customer Data: Includes Device serial number and Success / Failed.
  • Audit log SFTP scheduled Configure: Includes UserName Device Name Device serial number and Completion status.
  • Audit Log SFTP Transfer: Includes UserName Device Name Device serial number, Destination server and Completion Status.
  • Remote Software Download Enable Disable: Includes UserName Device name Device serial number and Completion Status.
  • Airprint & Mopria Scanning Enable/Disable/Configure: Includes UserName Device Name Device serial number and Completion Status.
  • Airprint & Mopria Scan Job Submitted: Includes Job name, UserName, IP address of submitting client, Device name, Device serial number and Completion status.
  • Airprint & Mopria Scan Job Completed: Includes Job name, UserName and Completion status.
  • Remote Services NVM Write: Includes Device Name Device Serial and Completion Status.
  • Remote Services FIK Install: Includes Device Name Device Serial, Completion Status and User-readable names for the features being installed.
  • Remote Services Data Push: Includes Device Name Device Serial and Completion Status.
  • Remote Services: Includes User Name, Device Name, Device Serial and Status.
  • Restore enable/disable: Includes User Name Device name Device serial number and Completion status.
  • Backup-Restore file downloaded: Includes File Name, User Name, Interface, IP Address of the destination and Completion Status.
  • Backup-Restore restore installed: Includes File Name, User name, Device name, Device IP address, Interface and Completion Status.
  • Google Cloud Services: Includes User name, Device name, Device serial number and Completion Status.
  • User or Group Role Assignment: Includes User name, Device name, Device serial number, User or group name, Role name and Action.
  • User Permission Role: Includes User name, Device name, Device serial number, Role name and Completion status.
  • Admin Password Policy Configure: Includes User name, Device name and Device serial number.
  • Local user account password policy: Includes User name, Device name and Device serial number.
  • Restricted admin login: Includes User name, Device name, Device serial number and Completion status.
  • Grant / revoke restricted admin rights: Includes User name, Device name, Device serial number, User name and Action.
  • Manual session logout: Includes Device Name, Device Serial Number, Interface, User Name and Session IP.
  • IPP Enable/Disable/Configure: Includes User name Device name Device serial number and Completion status.
  • HTTP Proxy Server Enable/Disable/Configure: Includes User name Device name Device serial number and Completion status.
  • Remote Services Software Download: Includes Device Name Device Serial number and File Name.
  • Restricted Admin Permission Role: Includes User name Device name Device serial number, Restricted admin role name and Completion status.
  • EIP Weblet Installation Security Policy: Includes User name Device name Device serial number and Policy.
  • Send Engineering Logs on Data Push: Includes User name, Device name, Device serial number and Current setting.
  • Allow the Print Submission of Clone Files: Includes UserName Device name Device serial number and Completion status.
  • Network Troubleshooting Start, Stop: Includes User name Device Name Device Serial Number and Completion Status.
  • Network Troubleshooting Data Download: Includes User name, File name, Device Name, Device Serial Number, Destination and Completion Status.
  • dns-sd text file download: Includes User name, File name, Device Name, Device Serial Number, Destination and Completion Status.
  • One-Touch App Management: Includes User Name, Device name, Device serial number, Onetouch application, Display Name, Action and Completion.

CLICK HERE TO DOWNLOAD XEROX VERSALINK B7030 (02) PDF MANUAL

Visitors also searched:

  1. XEROX VERSALINK C600 (01) PDF MANUAL
  2. XEROX VERSALINK C605 (01) PDF MANUAL
  3. XEROX VERSALINK C7130 (01) PDF MANUAL
  4. XEROX VERSALINK B405 (01) PDF MANUAL
  5. XEROX VERSALINK B7035 (02) PDF MANUAL
  6. XEROX VERSALINK B600 (02) PDF MANUAL
  7. XEROX VERSALINK C400 (02) PDF MANUAL
  8. XEROX VERSALINK C405 (01) PDF MANUAL
  9. XEROX VERSALINK C7000 (01) PDF MANUAL
  10. XEROX VERSALINK C8000 (01) PDF MANUAL

Leave comments, questions, reviews, tips, tricks, hacks or page errors below. Account not required.