Operation Manual, Data Security Kit Notice
Table Of Contents
- Use in Advanced Security Mode
- CA Certificate Management Function
- Response when various operation is executed
- Powering ON of the machine
- Powering OFF of the machine
- User Authentication
- Printing with the Printer Driver
- Copy
- Scan Sending (E-mail, File Server)
- Fax Sending
- Fax Receiving
- Document Filing
- Display of Job Status
- Stopping/Deleting of Job in Job Queue
- Addition/Change of User for Internal Authentication
- Deletion of User for Internal Authentication
- Addition/Change of Authority Group
- Return Authority Group to Factory Default State
- Addition/Change of Address Book
- Deletion of Address Book
- Change of Date/Time
- Creation of Device Certificate
- Deletion of Device Certificate
- Creation of Certificate Signing Request (CSR)
- Deletion of Certificate Signing Request (CSR)
- Installation of Public Key Certificate
- Selection of Device Certificate
- Removal of Device Certificate
- Change of Minimum Password Length
- Change of Identification and Authentication Method
- Setting of Automatic Logout Time
- Setting of Audit Log Sending Destination
- Addition/Change of LDAP Server
- Setting of IP Address
- Setting of E-mail Sending Server
- Import of Certificate Authority certificate
- Deletion of Certificate Authority certificate
- Query of Firmware Version
- Firmware Update
- Initialize Private Data/Data in Machine
2
Procedure before operation
● Changing into the Advanced Security Mode should be
performed by the administrator.
● It is better to change into the Advanced Security
Mode before putting the machine with the data
security kit installed into operation than after.
● If you change the machine which has already been in
use into the Advanced Security Mode, execute [Clear
All Memory] and [Clear Address Book and Registered
Data], by referring to the "Data Clearance Settings" of
the Operation Manual of the data security kit, to
eliminate any unencrypted data or residue on deletion
before changing into the Advanced Security Mode.
And if any programs of Copy/Fax Send/Scan, device
certificates, and certificate signing requests (CSRs)
are registered, delete them all.
● Perform the following operation before changing into
the Advanced Security Mode.
• Perform initial installation settings of the machine by
referring to the "User’s Manual" bundled with the
machine.
• Disable [IPv6] in [System Settings]→[Network
Settings]→[Interface Settings] of "Settings
(administrator)".
• Change the password of default administrator
(admin) into the one with 5 letters or longer.
• Prepare a syslog server which supports TLS 1.2 as
the audit server, and change [Storage/Send
Settings] of audit log into the audit server by
referring to the "SYSTEM SETTINGS" of the “User’s
Manual”. In addition, if the setting before change is
[Stored to Storage], export the audit logs stored so
far to PC by [Save/Delete Audit Log].
• If user authentication by the external account
application of Sharp OSA is used, change into the
internal authentication or the network authentication.
• When the machine is connected with Fax line or
network, keep the modular cable or the LAN cable
disconnected until the changing into the Advanced
Security Mode is completed.
● Operation of changing into the Advanced Security
Mode can be performed on the operation panel by the
default administrator (admin) only.
• Start the changing into the Advanced Security Mode
by tapping [Execute] key in [System
Settings]→[Security Settings]→[Advanced Security
Settings] of "Settings (administrator)".
• It takes some times from start to end of the
changing into the Advanced Security Mode. Be sure
not to leave the spot until the processing is
completed and pay sufficient attention to the
breakage of power supply of the machine during the
processing.
• After completing the changing into the Advanced
Security Mode, check to see that the item of
[Advanced Security Settings] is not displayed in
[System Settings] → [Security Settings] of "Settings
(administrator)", for the purpose of confirming that
the Advanced Security Mode has been changed.
● After completing the changing into the Advanced
Security Mode, perform the following operations.
• Connect the LAN cable and connect it to the
network, import the Certificate Authority certificate
that signed the server certificate used in the audit
server as the sending destination of the audit log on
the web page, then reboot the machine.
• In order to operate securely, specify [Minimum
Password Length] into 15 digits or more from
[System Settings] → [Security Settings] →
[Password Change] of "Settings (administrator)"
after login with the default administrator (admin).
Further change the length of administrator’s
password including the default administrators into
the value which satisfies the specified minimum
password length.
• The password requirements are changed as below
by changing into the Advanced Security Mode
including the change of the minimum password
length.
Password length: Minimum password length
specified above or more and 255 digits or less
Users of which password don’t satisfy the
requirement cannot log in. The administrator should
change their passwords so that they should satisfy
the requirements and inform the users the changed
passwords.
• In [System Settings] → [Common Settings] →
[Operation Settings] → [Condition Settings] of
"Settings (administrator)", set the time of [Auto Clear
Setting] as short as possible to the extent that there
is no inconvenience with use.
• If you use an external server as the user
authentication, prepare a LDAP server which
supports TLS 1.2 as the authentication server, and
register the authentication server by [System
Settings] → [Network Settings] → [LDAP Settings]
of "Settings (administrator)", then import the
Certificate Authority certificate that signed the server
certificate of the registered authentication server on
[System Settings] → [Security Settings] →
[Certificate Management] → [CA Certificate
Management] of "Settings (administrator)" on the
web page. Further, in [System Settings] →
[Authentication Settings] → [Default Settings] of
"Settings (administrator)", select [LDAP] for
[Authentication Server Settings], select the
registered authentication server for [Default Network
Authentication Server Settings], check [Specify
network server access control], then execute
[Submit].