bizhub PRO C6500 · 2019. 11. 5. · bizhub PRO C6500 1 1 Security Functions The bizhub PRO C6500 device has two security modes. Normal mode Use this mode if the machine is used by

bizhub PRO C6500

SecurityUser’s Guide

The Control Software version is as follows.

Image control program (Image Control l1) version: A03U0Y0-00I1-G00-11, A03U0Y0-00l1-G00-12

About the Firmware version display function:

The bizhub PRO Control Software (Image control program) version

mentioned above can be confirmed by using the service representative (CE)

service mode ROM version display function.

When you display the firmware version, the Image control program version

will be displayed as follows.

Image control program (Image Control l1) version:

G00 + 2 digits following the hyphen (Ex: G00-**)

Please keep this in mind when checking the software version.

Copyright © 2006 KONICA MINOLTA BUSINESS TECHNOLOGIES, Inc.

Pre.fm Page 1 Monday, September 11, 2006 3:49 PM

ACKNOWLEDGEMENTS:

- KONICA MINOLTA, KONICA MINOLTA Logo, and The essentials of

imaging are registered trademarks or trademarks of KONICA MINOLTA

HOLDINGS, INC.

- bizhub PRO are registered trademarks of KONICA MINOLTA BUSINESS

TECHNOLOGIES, Inc.

EXEMPTION:

- No part of this manual may be used or duplicated without permission.

- Manufacturer and Sales Company will have no liability for any influences

caused by using the printing system and this User’s Guide.

- The information written in this is subject to change without prior notice.

Pre.fm Page 2 Monday, September 11, 2006 3:49 PM

Composition of User’s Guide

This machine is provided with the following user’s guides as printed matters.

*bizhub PRO C6500 User’s Guide - Copier

This guide describes an outline of the machine and copy operations.

Please refer to this guide for safety information, turning on/off the machine, paper supply, dealing with machine trouble such as paper jam, and copy op-eration available on the machine.

* bizhub PRO C6500 User’s Guide - POD Administrator’s Reference

This guide provides you with detailed information about the machine man-agement and how to customize the machine according to your daily use.

Please refer to this guide for a setup and management of the machine includ-ing registration of copy paper and tray setting.

* bizhub PRO C6500 User’s Guide - Security (This book)

This guide describes the security functions.

Please refer to this guide for how to use the Security Strengthen mode, and for detailed machine operation in Security Strengthen mode.

To operate safely, be sure to read "Section 1 Safety Information" in "bizhub PRO C6500 User’s Guide - Copier" before using the machine.

bizhub_C6500.book Page 3 Monday, September 11, 2006 1:56 PM


Contents

1 Security Functions ............................................................1

2 Security Strengthen Mode ...............................................3

2.1 Description of Security Strengthen mode ..........................................3

2.2 Data protected by Security Strengthen mode ...................................4

3 Machine Administrator Security Functions ....................5

3.1 Turn Security Strengthen mode ON/OFF ...........................................6

3.2 HDD lock password ............................................................................10

3.3 Print audit log ......................................................................................14

3.4 Analyze audit log ................................................................................17

3.5 Table of items saved in audit log ......................................................19

4 Index.................................................................................21



Security Functions 1

bizhub PRO C6500 1

1 Security Functions

The bizhub PRO C6500 device has two security modes.

Normal mode

Use this mode if the machine is used by a single person and there is a low possibility of illicit access and operations. This is the default mode when shipped from the factory.

To use regular mode, please see the user’s guide for each individual machine.

Security Strengthen mode

Use this mode if the machine is connected to a local area network, or to external networks through a telephone line or other means. A machine administrator manages the device according to this user’s guide, so that users can have a safe operating environment.Your machine administrator is the only one who can turn the Security Strengthen mode ON and OFF, and make other changes, and your service representative will designate an machine administrator.

To turn the Security Strengthen mode ON, the service representative should set a CE authentication password and machine administrator password for the device.Please contact your service representative when using the Security Strengthen mode.

Please be sure to use the Security Strengthen mode to prevent data from being accessed or tampered with.

The Security icon is displayed on the touch panel if the Security Strengthen mode is activated.

Environments in which Security Strengthen mode is recommended- The machine is monitored by a telephone line or a network.


1 Security Functions

2 bizhub PRO C6500

Creating a secure environment

For security, we recommend that supervisors and a machine administrator use Security Strengthen mode and establish an environment as follows.- Qualifications to be a machine administrator

A supervisor must select a reliable person who has adequate knowledge, technical ability, and experience as a machine administrator, to whom to delegate administration of the device.

- Guarantee of service representative (CE)A supervisor or a machine administrator can use Security Strengthen mode after confirming that a service contract was signed with the service representative (CE). Clearly state in the service contract that the service representative will not engage in any fraudulent actions.

- Secure LANBe sure to connect the machine to the LAN protected by firewall in order to prevent access from an external network.


Security Strengthen Mode 2

bizhub PRO C6500 3

2 Security Strengthen Mode

2.1 Description of Security Strengthen mode

The following items will have enhanced security.- Machine NIC setting

While the Security Strengthen mode is activated, available function is limited to CS Remote Care.

- External access prohibitedNo access is allowed over telephone lines other than CS Remote Care.

- Create, save and analyze an audit logA history of security function operations will be created and saved. Date and time, information identifying the person who made the operation, details of the operation, and results of the operation will be saved, enabling analysis of unauthorized access. This log will be overwritten if the audit area is depleted.

- Machine Administrator authenticationA service representative will set up an authentication data for a machine administrator. The machine administrator must input a password to gain authorized access. Only one authentication string can be registered per machine.

- Machine Administrator Setting modeIf the machine administrator Setting mode has been entered by successful Administrator authentication, the setting change of various machine functions will be available on the machine.Be sure to exit the machine administrator Setting mode if you leave in front of the machine while using the machine administrator Setting mode.


2 Security Strengthen Mode

4 bizhub PRO C6500

2.2 Data protected by Security Strengthen mode

The data protected by Security Strengthen mode is the document data stored in the machin.

To turn Security Strengthen mode ON/OFF

The machine administrator can turn Security Strengthen mode ON/OFF.

If Security Strengthen mode is OFF, data can potentially be accessed, so be careful.


Machine Administrator Security Functions 3

bizhub PRO C6500 5

3 Machine Administrator Security

Functions

The machine administrator turns Security Strengthen mode ON/OFF.

To do so, an 8-digit CE authentication password and Machine Administrator password must be set for the machine. Ask your authorized service representative to set up a Machine Administrator password. To change this password, the machine administrator himself should operate the procedure described in the User’s Guide of POD Administrator’s reference.

To protect data in the machine from access and tampering, please be sure to designate a machine administrator and use Security Strengthen mode.

2Reminder

Do not use your name, birthday, employee number, etc. for a password that others can easily figure out.

Be careful not to inform anybody else of the password, or not to let it known to others.


3 Machine Administrator Security Functions

6 bizhub PRO C6500

3.1 Turn Security Strengthen mode ON/OFF

The following is an explanation of how to turn Security Strengthen mode ON/OFF.

2Note

Passwords are case sensitive.

If a wrong password or fewer than 8 alphanumerical characters are entered and the [OK] key is touched, the warning message "Password does not match" will appear, and no key will work for five seconds. Enter the right password after five seconds.

If authentication fails, the information will be saved in the audit log.

Procedure

1 Press [Utility/Counter] on the control panel to display the Utility Screen.

2 Touch [03 Machine Admin. Setting].

The Input Password Screen will be displayed.



bizhub PRO C6500 7

3 Enter the password.Use the touch screen keypad to enter the 8-digit Machine Administrator password, then touch [OK].

The Machine Administrator Setting Menu Screen will be displayed.

4 Touch [10 Security Setting].



8 bizhub PRO C6500

5 Touch [04 Security Strengthen Set]

6 Turn Security Strengthen mode ON or OFFIf you want to turn Security Strengthen mode ON, touch [On] to highlight it. If you want to turn it OFF, touch [Off] to highlight it.



bizhub PRO C6500 9

7 Touch [OK].

The Restart Confirmation popup screen will appear

8 Touch [Yes].

The machine will restart and the new setting will be activated.



10 bizhub PRO C6500

3.2 HDD lock password

While the Security Strengthen mode is turned ON, a lock password (8 to 32 alphanumerical characters, case sensitive) can be set up on the HDD to protect the data stored on it.

If the HDD itself is externally accessed, the data readout will not be available until the correct lock password is entered.

2Reminder

Do not use your name, birthday, employee number, etc. for a password that others can easily figure out.

Be careful not to inform anybody else of the password, or not to let it known to others.

2Note

The HDD lock password functions only when the Security Strengthen mode is ON. When turned OFF, the message "Please set Security Strengthen mode" will be displayed.

2Note




!Detail

The main body serial number will be printed at the upper right corner of the audit log. For details, see the next section "Print audit log" and p. 17 for the sample log.


The current password cannot be used again as a new password.



bizhub PRO C6500 11

Procedure




3 Enter the password.Use the touch screen keypad to enter the 8-digit Machine Administrator password, then touch [OK].




12 bizhub PRO C6500

4 Touch [10 Security Setting].

5 Touch [02 HDD Lock Password].

The HDD Lock Password Menu Screen will be displayed.



bizhub PRO C6500 13

6 Touch [Current Password] to enter the password currently used, then touch [OK].The first password: 13-digit alphanumeric serial number of the main body

7 If authentication is succeeded, touch [New Password] to enter the new password.The key will not be active until authentication is succeeded.

– Touch [OK] to return to the previous screen.

8 Touch [Check Input] to re-enter the same password as above.

– Touch [OK] to return to the previous screen.

9 Touch [OK].



14 bizhub PRO C6500

3.3 Print audit log

An audit log will be automatically created when the data saved in the machine have been accessed.

All the audit log data can be output as follows.

2Note




2Note

To stop printing, press [Stop] on the control panel, then touch [Cancel] on the confirmation popup screen.

Procedure






bizhub PRO C6500 15

3 Enter the [password].Use the touch screen keypad to enter the 8-digit Machine Administrator password, then touch [OK].


4 Touch [01 System Setting].



16 bizhub PRO C6500

5 Touch [06 List/Count].

The Management List Print Screen will be displayed.

6 Touch [Audit Log Report], then touch [COPY].

7 Press [Start] on the control panel.



bizhub PRO C6500 17

3.4 Analyze audit log

Audit logs need to be analyzed by the Machine Administrator regularly (once per month) or when unauthorized access and tampering of data saved in the machine in Security Strengthen mode is noticed.

The machine is supposed to store up 750 logs per month.

If more than 750 logs are assumed to be stored in a month, carry out the analysis in a shorter period before the unanalyzed logs reach that number.



18 bizhub PRO C6500

Audit Log Information

The audit log contains the following information.1. date/time: date and time when an operation was made that results in the

creation of a log entry.2. id: the person who made the operation or who is subject to security

protection can be specified."-1": Operation by CE (service representative)."-2": Operation by the machine administrator.Other integer: Indicates subjects for security protection.

3. action: Used to specify the operation.Check details of operation that action indicates in the following table.

4. result: Result of an operation.For password authentication, success or failure will be indicated as OK and NG.For operations without password authentication, all log entries will be indicated as OK.



bizhub PRO C6500 19

3.5 Table of items saved in audit log

The purpose of analyzing the audit log is to understand the following and implement countermeasures:

Whether or not data was accessed or tampered with Subject of attackDetails of attackResults of attackFor specific analysis methods, see the next page.

No. Operation ID Stored

action

Result

1 CE authentication CE ID 01 OK/NG

2 Manager authentication Machine Administrator ID

02 OK/NG

3 Set/change Security Strengthen mode

Machine Administrator ID

03 OK

4 Print audit log Machine Administrator ID

04 OK

5 Change/register CE password CE ID 05 OK

6 Change/register Machine Adminis-trator password password

CE ID/ Machine Admin-istrator ID

06 OK

13 Change HDD lock password Machine Administrator ID

19 OK



20 bizhub PRO C6500

Specify unauthorized actions: password authentication

If logs have NG as the result of password authentication (action: 01, 02), items protected by passwords may have been attacked.- Failed password authentication (NG) log entries specify who made the

operation, and show if unauthorized actions were made when password authentication failed.

- Even if password authentication succeeded (OK), it shows whether a legitimate user created the action. You need to check carefully when successful authentication occurs after series of failures especially during times other than normal operating hours.

Specify unauthorized actions: actions other than password

authentication under security

All operation results other than password authentication will be indicated as successful (OK), so determine if there were any unauthorized actions by ID and action.- Check the time, and see if the user who operated the specific subject

made any unauthorized actions.

Actions to take if unauthorized operations are found

If it's found that a password has been leaked after analyzing the audit log, change the password immediately.


Index 4

bizhub PRO C6500 21

4 Index

A

Audit logAnalyze 3-17Print 3-14

E

Enhanced security modeAudit log 2-3Normal mode 1-1

M

Machine Administrator Security Functions 3-5

HDD lock password 3-10

S

Security strengthen modeData protected 2-4Environments 1-1Machine Administrator authentication 2-3Machine Administrator setting mode 2-3Turn ON/OFF 2-4



Documents

bizhub PRO C6500 · 2019. 11. 5. · bizhub PRO C6500 1 1 Security Functions The bizhub PRO C6500 device has two security modes. Normal mode Use this mode if the machine is used by