Océ Remote Service - Canon Global › media › Assets › PDFs › ... · OCÉ REMOTE SERVICE Technology - Security Whitepaper R4-Public 6 2 Océ Remote Service General Architecture

OCÉ REMOTE SERVICE

Technology - Security WhitepaperR4-Public

1

Océ Remote Service

IT Whitepaper

Version 3.0

OCÉ REMOTE SERVICE


2

Table of Contents

1 OVERVIEW.............................................................................................................................................................. 3

1.1 ABOUT THIS WHITEPAPER ................................................................................................................................... 31.2 ABOUT OCÉ REMOTE SERVICE (ORS)................................................................................................................. 3

2 OCÉ REMOTE SERVICE GENERAL ARCHITECTURE ................................................................................ 6

2.1 PRINCIPLES .......................................................................................................................................................... 62.2 OCÉ REMOTE SERVICE SCHEMATIC OVERVIEW .................................................................................................. 62.3 OCÉ REMOTE SERVICE - HOW IT WORKS............................................................................................................. 7

3 OCÉ REMOTE SERVICE COMPONENTS......................................................................................................... 9

3.1 REMOTE METER READ COLLECTION ................................................................................................................... 93.2 REMOTE DIAGNOSTICS ........................................................................................................................................ 9

3.2.1 Diagnostics Data Request........................................................................................................................... 93.2.2 Controller Backup Request ......................................................................................................................... 93.2.3 Remote Service Auditing Information ......................................................................................................... 9

3.3 REMOTE ASSISTANCE .......................................................................................................................................... 93.4 EVENT FORWARDING ........................................................................................................................................ 10

3.4.1 Remote Event Forwarding ........................................................................................................................ 103.4.2 Mobile Alerting ......................................................................................................................................... 10

3.5 REMOTE SOFTWARE DISTRIBUTION................................................................................................................... 103.6 CONTENT SERVICES........................................................................................................................................... 103.7 SERVICE TOOLS DATA & DOCUMENTATION...................................................................................................... 11

4 OCÉ REMOTE SERVICE NETWORKING SECURITY INFORMATION................................................... 12

4.1 OCÉ REMOTE SERVICE ACTIVATION ................................................................................................................. 124.2 OCÉ REMOTE SERVICE PLUG-IN COMMUNICATION FROM THE CUSTOMER SITE TO OCÉ..................................... 12

5 DATA FORMATS AND CONTENT.................................................................................................................... 13

6 SERVICE ORGANIZATIONS ............................................................................................................................. 15

7 OCÉ DATA SECURITY POLICY ....................................................................................................................... 16

8 GLOSSARY ............................................................................................................................................................ 17

ADDENDUM .................................................................................................................................................................. 19

REMOTE SERVICE CONNECTIVITY INFORMATION .......................................................................................................... 19

OCÉ REMOTE SERVICE


3

1 Overview

1.1 About this Whitepaper

This IT Whitepaper & Data Security Policy (this �Whitepaper�) is intended for IT administrators and others who would like to study the security features, system architecture and network impact of OcéRemote Service.

This W hitepaper includes the followingtopics:

Communication method(s)used by OcéRemote Service in a customer network environment.Communication method(s)used by OcéRemote Service for data transfer between print devices(�Devices�) and/or the applicable PRISMA-brand software (�Software�, and together with the Devices, the �Products�) in a customer network and Océ Remote Service Server. Description of the Service Diagnostics Software on the Device and data gathered and sent by OcéRemote Service.Security environment for installingand usingOcéRemote Service.

Statement of Océ / Canon�s data security policies.

1.2 About Océ Remote Service (ORS)

Introduction

OcéRemote Service is a service developed by OcéTechnologies B.V. (�Océ�) that is being made available for Canon National Sales Organizations (collectively, �Canon�) and their authorized retail dealers (�Dealers�) to enhance support for certain Products.

Océhas incorporated several security measures, controls and customer interaction aspects in the developmentof the OcéRemote Service functionality:

OcéRemote Services uses industry standard HTTPS connection methods to communicate between theProduct and the OcéRemote Service Servers.The customer is always in control as it determines when and if Océ/Canon or its servicingDealer isallowed to connect to the Product to perform adjustment actions.OcéRemote Service automated data collection module retrieves only Device meter and service data.Except as may otherwise be permissioned by a customer duringa Remote Assistance session, noimage data about customer print jobs or documents can be collected.

Data traffic between the Product at the customer site and the OcéRemote Service Servers and then from theOcéRemote Service Servers via webbrower to the Dealer�s PC (see diagram in Section 2.2 below) is primarily outbound, except when a Remote Assistance session is ongoingor Remote Software Distribution pulls softwareupgrades to the Product. In regards to Remote Assistance, the customer is always in control and can initiate orturn-off the Remote Assistance session at its own discretion. Remote Assistance requires acquisition by Dealerof a license from TeamViewer.

OcéRemote Service consists of seven main functions:1. Remote Meter Read Collection2. Remote Diagnostics3. Remote Assistance4. Event Forwarding5. Remote Software Distribution6. Content Services7. Service Tools & Documentation

Not all Products support all of the OcéRemote Service functions and capabilities. Some functions involveautomatic, scheduled data transmissions;others are invoked in specific service situations.

OCÉ REMOTE SERVICE


4

Remote Meter Read Collection

W ith Remote Meter Read Collection, Device meter count information is requested remotely on a periodic basisfrom the Device, thereby eliminatingthe need for manual collection and reportingof the meter readings back toOcé/Canon or the Dealer by the customer.

Remote Diagnostics

Remote Diagnostics offers the customer considerable advantages by allowingOcé/Canon or the Dealer toautomatically retrieve via a webbrowser service related data for analysis and troubleshootingof a Device assoon as the customer submits a service request with Océ.

W ith the Device service data Océ/Canon or the Dealer will be able to remotely identify the source of aproblem and possibly solve the problem via telephone and/or with Remote Assistance (if supported bythe Device).By analyzingthe service data in advance the Océ/Canon or Dealer Field Service Technician will beable to prepare for his or her visit in detail before visitingthe customer, for example, by bringingthe rightparts to avoid a second visit or to perform preventive maintenance.By analyzingpost visit and Device population data Océ/Canon will also be able to define productimprovement initiatives. The data is collected and stored anonymously without identification of individualcustomers or Device data.The time to fixthe problem may also be reduced, thereby resultingin increased Device uptime, whichwill facilitate the customer�s enhanced usage of the Device.

Remote Assistance

In the event questions related to configuration or settings arise, Remote Assistance enables an Océ/CanonService & Support representative or Dealer, upon customer�s consent and with the use of TeamViewer licensed software, to connect to the Product, observe Product current status and function and to make adjustmentsremotely to the Product whenever possible. The customer may in its sole and absolute discretion permission(through the provision of a specific system admin password)the Océ/Canon Service & Support representativeor Dealer to retrieve print jobfiles duringa Remote Assistance session for diagnostics /troubleshootingpurposes.

Event Forwarding

A Device can be programmed to communicate its status when a certain event or error status change occurs,thereby givingOcé/Canon or the Dealer a preview of how the Device is performing.

Remote Software Distribution

Remote Software Distribution offers the customer the possibility to update the Product with the latest software,thereby improvingthe function of the Product over time. The software is retrieved from the OcéRemote ServiceServices, only upon customer�s demand, through this remote channel.

Automatic product license updates are also part of Remote Software Distribution. Product licenses are updatedautomatically on the customer�s Product when the customer purchases new features from, or extends its serviceagreement with Océ/Canon or the Dealer, as the case may be. Remote Software Distribution also ensures thatcustomers with service agreements automatically receive maintenance updates for their remote connectedProducts for the duration of their service agreements.

Content Services

Detailed functional loggingof a product can be requested by Océ/Canon or the Dealer for troubleshootingpurposes or duringan extended period of time for performance analysis. This detailed loggingcan be used bythe Océ/Canon service department or Dealer to monitor in real-time the performance of a Product and to handleproblems/questions with information at hand. The logged information consists of sensory and timing-data of theProduct as well as internal workflow information (e.g., software and operatingsystem logs). Based on this data a

OCÉ REMOTE SERVICE


5

print run in which a customer has experienced problems can be inspected, thereby facilitatingissue identificationand resolution time. This logginginformation contains no print jobcontent data (e.g. print jobfiles or jobnames).

Service Tools & Service Documentation

The OcéRemote Service infrastructure will maintain data used by the Service Diagnostics Software and servicedocumentation up to date on the Device.

Data Confidentiality

If a Dealer is removed from an account or terminated in its entirety, all Product data specifically associated withsuch Dealer is changed to �undisclosed� (i.e., anonymized)so that no Dealer-identifyinginformation remainsvisible to Océ/Canon for that terminated Dealer.

OCÉ REMOTE SERVICE


6

2 Océ Remote Service General Architecture

2.1 Principles

Every network communication is initiated from the customer s Product to the Remote Service DataRequest Server.Enablingand disablingof OcéRemote Service connection is always within the customer s control.Product data is transferred through encrypted internet channels.Customer Products only connect to known and dedicated servers.Remote Assistance access to the customer s Products always has to be initiated by the customer at theProduct itself.OcéRemote Service retrieves only Device meter read and Product service information.Except as may otherwise be permissioned by a customer duringa Remote Assistance session, no printjobcontent data (e.g., jobnames or files)is retrieved nor sent back to Océat any time by OcéRemoteService.Names and address details are neither retrieved nor sent back to Océ/Canon at any time by OcéRemote Service.

2.2 Océ Remote Service Schematic Overview

The image depicted below is a schematic overview of the OcéRemote Service solution and the networkcommunication takingplace between the OcéRemote Service Plug-in (includinga TeamViewer component)andthe OcéRemote Service Servers.

CustomerFirewall

Microsoft© Azure HostedOcéOnline Services W ebSite

Online ServicesSecured Data Channel

Remote Assistance Serverhosted byTeamViewer©

Direct ServiceOrganizations

ProxyFirewall

OcéCanon Datacenter LAN

Remote ServiceData Request Server

Remote ServiceFirmware Distribution

Server

Robin ServerService Manuals

Océ Remote Service Servers

Remote ServiceFunctional Logging

ServerRemote Service Plug-in

PRISMAprepare&

PRISMAdirect

Dealer ServiceOrganizations

Customer Network

3rd Party Systems for Remote Service

service.oce.comORS Dashboard

Teamviewer © Host Plug-in

Remote Control App

ORS service datachannel for outboundInternet trafficHTTPS – SecuredTunnel

Remote AssistanceHTTPS - Secured DataChannel Initated bycustomer – rendevous onthe Internet

Remote SoftwareDistributionHTTP - Outboundtraffic

The OcéRemote Services Servers consist of the followingcluster of servers:OcéRemote Service Data Request Server

OCÉ REMOTE SERVICE


7

OcéRemote Service Robin ServerOcéRemote Service Firmware Distribution ServerOcéRemote Service Functional LoggingServer

Océ Remote Service Communication over the Internet

Communication is initiated by the OcéRemote Service Plug-in to most of the OcéRemote Services Servers overthe HTTPS protocol, with AES 256Bit session encryption.

W hen the OcéRemote Service Plug-in retrieves software and firmware updates from the OcéRemote FirmwareDistribution Server this occurs over the HTTP protocol. The HTTP protocol supports auto-recovery duringaninterrupted firmware download session.

Océ Remote Service Plug-in Solution

The OcéRemote Service Plug-in solution has been embedded in the followingOcécomponents and products:1. The controller of the OcéDevice2. OcéPRISMAprepare and PRISMAdirect Software Suite.

The OcéRemote Service Plug-in is always the initiator of the connection to the OcéRemote Service Servers orto the Remote Assistance HostingServer Infrastructure. Accordingly, the connection is always outbound bynature.

2.3 Océ Remote Service - How it Works

The OcéRemote Service Plug-in always establishes an outbound connection to the OcéRemote ServiceServers.

The principle of OcéRemote Service is always based on the OcéRemote Service Server requestinganoperation and the OcéRemote Service Plug-in respondingto the request when the heartbeat establishes aconnection and polls the request.

There are several types of requests such as:1. Request for the Device to send its meter reads for billingpurposes2. Request for the Device to send machine diagnostics data3. Request for the Product to send the remote service audit logging4. Request for the Product to retrieve a new license for the product5. Request for the Product to retrieve software/firmware update instructions6. Request for the Device to send trace logfiles7. Request for the Device to send the most recent controller system settings backup8. Request for the Device to update its meter read configuration rules9. Request for the Device to update its alert (events)subscription profile10. Request for the Device to update its service tools configuration file

The poll signal contains only the relevant Product identification data for the remote infrastructure and possiblyevents occurringat that moment on the Product. The latter data stream is only present on the poll signal, if anevent is detected on a Product for which a notification request to the OcéRemote Service Server exists.

The OcéRemote Service plug-in will poll the OcéRemote Service Data Request Server on a regular basis(every 5 minutes)for a new data request on its address. If it encounters a request that is targeted to its specificaddress, it will process the request and act upon it accordingly.

The OcéRemote Service Data Request Server will automatically create requests to update the Meter ReadConfiguration File, the Alert Configuration File and the Service Tools Configuration File on the Product when newProduct configuration data becomes available.

OCÉ REMOTE SERVICE


8

The �Meter Read Configuration File� contains the latest SNMP recognition rules and meter readingdefinitions.

The �Alert Configuration File� only contains the list of error codes per Product type to which theCanon/Océback office personnel is subscribingto receive notifications from the Product. Thenotifications could result in a telephone call by a service technician to either resolve a problem remotelyor to plan a corrective maintenance visit.

The �Service Tools Configuration File� contains a list of preventive maintenance triggers as well as othererrors relevant for the service diagnostics process.

W hen Remote Assistance is enabled on the Product with licensed TeamViewer software, Océ/Canon servicepersonnel and /or the Dealer will be able to login remotely on the Product. By means of the service tools on theProduct itself, Océ/Canon service personnel or the Dealer will be able to troubleshoot and/or possibly correctsoftware and configuration settings issues without physically visitingthe Product.

Remote Software Distribution offers an automated firmware upgrade process, for the printer controller software,that is easy to perform by a system administrator at customer�s site. The Product automatically downloads firmware upgrades and notifies the print operator to launch the upgrade process at his or her own convenienceor the downloaded software components can be installed by the service technician at the next plannedmaintenance visit.

The Service Documentation Framework on the Product maintains the documentation on the Product up to dateby initiatingthe synchronization process with the OcéRemote Service Robin Server.

For providingprinter operators with device status information the OcéRemote Service Server relays the eventsdesignated for the Remote Control App towards the Microsoft Azure hosted OcéCloud Services W ebSite. Fromthere the notifications are sent to the Remote Control App installed on the operator�s smartphone or tablet.

OCÉ REMOTE SERVICE


9

3 Océ Remote Service Components

3.1 Remote Meter Read Collection

Communication is initiated by a Meter Reads Data Request on the OcéRemote Service Data Request Server.Meter Reads Data Requests are scheduled on a daily basis. Devices that have a controller version that supportsremote meter read collection will be able to respond to the meter read data requests. These meter reads areused to bill the printed volume on a monthly or yearly basis.

3.2 Remote Diagnostics

3.2.1 Diagnostics Data Request

Communication is initiated by a Diagnostics Data Request on the OcéRemote Service Servers. The DiagnosticData Request can be created automatically through a scheduled request, manually by the Océ/Canon orDealer call screeningdepartment or automatically through the Océ/Canon management interface when acustomer with a remote connected Device submits a service request to the Océ/Canon Customer ServiceDesk. The Océ/Canon call screeningdepartment and the Field Service Technician or the Dealer can analyzethe Diagnostics Data gathered around the time that the incident was reported. The analysis can help determinethe cause of the incident more accurately and possibly identify the failingparts.

Océ/Canon or the Dealer can decide to schedule Diagnostics Data Requests on a regular basis in order todetermine general population performance.

3.2.2 Controller Backup Request

Communication is initiated by a Controller Backup Request on the OcéRemote Service Serves. The ControllerBackup Request can be created manually by Océ/Canon or the Dealer call screeningdepartment orautomatically through a scheduled request set on the OcéRemote Service Servers. The printer controller willproceed to create the Controller Backup and send it to the OcéRemote Service Servers for backup.

A �Controller Backup� contains all of the necessary Device and customer site specific settings used to restore acontroller back to a workingstate after a hardware failure. Controller Backup Requests are scheduled to beretrieved on a periodic basis.

3.2.3 Remote Service Auditing Information

The OcéRemote Service Plug-in maintains a detailed chronological logof all communications and transactionsbetween the OcéRemote Service Plug-in on the device and the OcéRemote Service Servers. At any time thecustomer, its Dealer or Océ/Canon can request a copy of this file from the Device to consult it and ortroubleshoot remote connection issues.

3.3 Remote Assistance

An Océ/Canon Service & Support representative or the Dealer will contact the customer by telephone andexpress his or her intentions to connect remotely to the Product via licensed TeamViewer software. Thecustomer will then have to manually set the target system into the �allow remote connection mode� every time Océ/Canon or the Dealer requests to start a Remote Assistance session. Once this is done a securedconnection is established. In this way the customer is always in control, the customer can also choose tounilaterally terminate the Remote Assistance session if desired.

W hat is possible with Remote Assistance?

1. Océ/Canon Service and Support personnel or the Dealer will be able to setup a VPN or a RemoteDesktop connection with the Device. A VPN connection is chosen by a Océ/Canon Service & Supportrepresentative or the Dealer in case an issue is related to the webservices available on the Device. This

OCÉ REMOTE SERVICE


10

VPN connection, for example, will allow Océ/Canon or the Dealer to launch the websettings interfaceof the Device and strive to correct configuration issues remotely. A Remote Desktop connection ischosen when the issue reported by the customer is more of the �how-to-do� nature. Océ / Canon or the Dealer can subsequently remotely show or instruct the customer how to make the required configurationchanges.

2. On the Software, a remote control session is possible, thereby allowingOcé/Canon or Dealerassistance on the areas of the system configurations or �how-to-do� questions.

In all cases Océ/Canon or the Dealer respects all security levels imposed by a customer. Océ/Canon or theDealer can, upon customer request, record the Remote Desktop Session and share the recordingwith thecustomer afterwards for its own validation. Océ/Canon or the Dealer may also use such recordings for its owninternal trainingpurposes. Océ/Canon or the Dealer can also establish a three-way Remote Assistancesession, device Océ/Canon or Dealer (share desktop) customer, thereby enablingthe customer to alsowitness the Remote Assistance session between Océ/Canon or the Dealer and the target Product.

3.4 Event Forwarding

3.4.1 Remote Event Forwarding

Event information is sent upon the heartbeat signal. If a subscribed event occurs on the Device, the RemoteService Plug-in will send a notification on the heartbeat back to the OcéRemote Service Servers fortransmission to Océ/Canon or the Dealer. The error code is only sent when it has been detected and not yetsuccessfully delivered at the OcéRemote Service Data Request Server. The error code can be used by Océtocreate an email notification or generate automatically a Diagnostics Data Request.

3.4.2 Mobile Alerting

Operator Alerts are sent real time over the OcéRemote Service connection to the OcéRemote Service DataRequest Server and these Device Operator Alerts are immediately sent to the Remote Control Notification CloudServices W ebSite. Device operators registered as contacts subsequently receive these alerts as notifications ontheir mobile devices.

3.5 Remote Software Distribution

New firmware is announced to the Product and, depending on the customer�s Product firmware download preferences, the firmware download is initiated by the operator or downloaded automatically by the device. If thefirmware has been previously flagged by Océ / Canon as �customer installable�, the administrator can start the installation process. In a situation where the customer is not satisfied with the update, it is always possible torestore the controller software to the situation prior to the update. For firmware flagged as �Service installable only� an Océ / Canon technician or the Dealer will need to go on-site to execute and complete the upgradeprocess.

W hen a new update is available for a remote connected system the OcéRemote Service Servers will announcethis update to the customer system. This announcement contains information (download url(s), file size(s)andencrypted checksum(s))about the software package(s)that need to be downloaded. Once the packages aredownloaded they are validated for identical file size and checksum. The internal installer on the device willperform a final check on the installation packages to verify that they are of Océorigins by checkingtheir digitalsignatures. After this final check has been approved by the internal installer the update process can start.

System licenses are also updated through OcéRemote Service.

3.6 Content Services

Functional loggingone-way synchronization will be performed at set intervals or on request. The upload speedfrom the Product to the OcéRemote Service Functional LoggingServer is limited to prevent cloggingof thecustomers Internet connection.

OCÉ REMOTE SERVICE


11

Functional Loggingis controlled and secured in multiple ways:An Océ/Canon support specialist or the Dealer initiates a functional loggingrequest;The Product creates a secured VPN connection to Océfor transferringthe functional logging(transportlayer security);Only on this VPN tunnel transmission of functional loggingis possible. Its functionality is also protected(application security)by means of authentication usingsecurity credentials that change on a regularbasis;The transmission of data (logfiles)is only possible in one direction, from the Product to the OcéRemoteService Server;andThe VPN tunnel is encrypted using256bit AES encryption.

3.7 Service Tools Data & Documentation

Communication to update the Service Tools Configuration & Knowledge Files is initiated by a service tools datarequest from the OcéRemote Data Request Server. The Service Documentation Framework on the Devicemaintains the technical service documentation up to date by replicatingthe documentation changes on the OcéRemote Robin Server back to the Device.

OCÉ REMOTE SERVICE


12

4 Océ Remote Service Networking Security Information

4.1 Océ Remote Service Activation

OcéRemote Service is by default automatically activated on the Product with the OcéRemote Service Plug-in. Ifrequired by customers, OcéRemote Service can be turned off from within the control panel of the target system.

4.2 Océ Remote Service Plug-in communication from the customer site to Océ

The OcéRemote Service Plug-in uses only the HTTPS protocol to communicate directly with the OcéRemoteData Request Servers. TCP/IP port 443must be open and allow responses back on the customer firewall.

It is important to verify if the Product is connected with the OcéRemote Service Servers. If this is not the casethen the proxy settings on the Product must be verified with a local customer ITadministrator.

The OcéRemote Service Plug-in can only communicate with OcéRemote Data Request Server and OcéSoftware Upgrade Server by means of hard-coded URLs.

There are several URLs that (may)need to be white listed for outbound communication on the customer Firewall/Proxy Server (dependingon customer internet access policy):

1. For Remote Meter Reads, Diagnostics, Functional logging, Audit Logs and Software upgrade thefollowinginternet URLs need to be accessible from the Product:

*.oce.comCmtime.codemeter.com

2. And in addition for Remote Assistance:*.teamviewer.com

Remote functionality Information Used network protocols TCP portOcéRemote ServiceCustomer Site -OcéConnection

Machine Connect, Polling,Machine Data Transfer

HTTPS 443

OcéRemote SoftwareDistribution

Software /firmware upgradepackage

HTTP 80

OcéRemote Assistance Machine Settings HTTPS 443

The attached Addendum contains a summary of the information that Océ / Canon or the Dealer will needto discuss with / gather from the customer’s IT department in order to realize the remote connection onthe Product installation.

Océ Remote Service Data Encryption

From OcéRemote Service Plug-in to the OcéRemote Service Servers, data is encrypted based on AdvancedEncryption Standards at the TCP transport layer. Therefore the data does not need to be encrypted at theapplication layer. However all machine diagnostics data sent to Océ/Canon or the Dealer from the Product iscompressed and encrypted by the compression tool at file package level as an extra precautionary method.

OCÉ REMOTE SERVICE


13

5 Data Formats and Content

The followingtable summarizes the data exchanges between OcéRemote Services components at customersite and OcéRemote Service Servers.

Data Type Description Timing SizeOcéRemote ServiceConnect /Disconnect

OcéRemote Servicecommunication protocol

Once per day or after everydevice restart

10kB

OcéRemote Service Poll OcéRemote Servicecommunication protocol

Every 5 minutes 5 kB

Meter ReadConfiguration File

Tells the Devices whichmeters are relevant to includein the Meter reads package

W ill be downloaded once when anew version of this file becomesavailable in the back-office

Avg: 500kB

Alert Configuration File(Event Forwarding)

Tells the Devices which errorsrequire an Océservicetechnician visit, and whichtherefore should be sent in.

W ill be downloaded once when anew version of this file becomesavailable in the back-office

Avg: 5 MB

Diagnostics Data Set Encrypted Zip file containingdata log, trace files,maintenance logbook andother service related files

W hen a service request issubmitted to Océ. Or on aweekly basis in case isperforminga general systemsperformance analysis

Avg: 500kBMax: 10MB

Meter Read Data Set Encrypted XMLfile containingall relevant counterinformation of one or moreDevices

Once per day Avg: 200kB

OcéRemote ServiceAudit Log

Zip file containingremotecommunications log

Only when Océis analyzingremote communicationsproblems

Max: 25 MB

Functional Logging Tracedata files (controllermemory dumps system tracefiles)Functional logs (real timesensory & timingdata)

On demand for diagnosticspurposes

Tracefiles100MBFunctionalLoggingamaxof 8GBper day

Controller Backup All Device Controller Settings,customer specific MediaCatalogues and Color ProfileSetting

W eekly Avg: 80MBMax: 200MB

Service Documentation Encrypted HTMLTechnicalService Manuals (TSM)on theDevice controller. All updatesto the TSM are also encrypted

On availability of new updates Avg500kBper update

Service ToolsConfiguration File

File which contains servicemaintenance triggers

On availability of new updates Avg: 5MB

Datalog Structure

The datalogis a collection of all relevant product data, which could be helpful for analyzingproblems in thetarget Océsystem or for analysis of the usage of an Océproduct aimingon improvingthe product in futurereleases.

The datalogfile is stored in xml or MDB format.The datalogis built-up as follows:

1) System information

a. Serial number

OCÉ REMOTE SERVICE


14

b. System type

c. Billingcounters

d. etc.

2) Snapshots (several snapshots are beingstored)givinga picture of controller and printer

a. Controller

b. Scanner

c. Printer (cold process, warm process)Each section contains parameters and counters relevant for that section, thus providinginformationtowards preventive maintenance.

3) Event history

a. Errors

b. Simple events (start-up, shut-down, back-up, restore, replace cartridge, etc.)

4) Actual errors (present at the moment of dataloggeneration)

5) Modifications

6) Listingwith error descriptions

OCÉ REMOTE SERVICE


15

6 Service Organizations

One feature of OcéRemote Service is to provide a Service Organization (i.e., Canon \Océor a Dealer)withcurrent Product status information, which includes diagnostic information that can be used by the ServiceOrganization to prepare for a corrective maintenance visit to a customer�s location. The Service Organization will use this diagnostic information to assist it to determine the condition of the Product and what parts may berequired to fixthe problem which necessitated such corrective maintenance visit. The Service Organization mayalso use the diagnostic information to determine if a Product is due for periodic preventative maintenance and,for Devices, which parts will need to be proactively replaced in order to prevent another corrective maintenancevisit in the near future.

Each Service Organization usingOcéRemote Service will receive a unique identification code -a ServiceOrganization Identifier (�SOID�). After a Product has been installed and configured, the Service Organizationmust enter the SOID into the Product in order for the Product to be paired in OcéRemote Service to suchService Organization. Except as otherwise described below, a Service Organization will only have access to itsown connected Products and will be unable to see or access each other�s Products in the ORS Dashboard.

Print jobcontent data will never be sent from an OcéRemote Service connected Product to the OcéDataRequest Server. Océ/Canon only collects Product performance and service data in order to analyze such datato create initiatives to improve the OcéRemote Service.

As more fully described in the figure below, when Product performance and service data is collected by Océ/Canon from OcéRemote Service connected Dealer Products such data is automatically stripped of all Dealerinformation (i.e., SOID). Accordingly, Océ/Canon will be unable to associate a Product to a particular Dealer.

Océ / Canon will not have access to a Dealer�s Océ Remote Service connected Products through the ORSDashboard unless the Dealer specifically provides Océ/Canon with access thereto (either to a single Product orto the Dealer�s entire fleet of connected Products). A Dealer may choose to provide Océ/Canon with access toits connected Products in the ORS Dashboard to allow Océ/Canon to assist with maintenance and supportescalations.

Dealers will be able to provide access to OcéRemote Service connected Products to other Dealers by addingthe SOID of the �partner� Dealer to the Product. This �Shared Service� will allow the primary Dealer to extend its OcéRemote Service capabilities by workingtogether with other Dealers in geographical areas where theprimary Dealer does not have sufficient coverage.

OCÉ REMOTE SERVICE


16

7 Océ Data Security Policy

Océ / Canon’s commitment to data security, personal data protection and non-disclosure of confidentialinformation

The sensitive issue of data security, personal data protection and non-disclosure of confidential customerinformation is given high priority at Océ/Canon.

Regardless of the category or degree of secrecy and/or protection requirements regardinginformation providedto Océ/Canon by customers, this Section 7briefly describes what kind of protection measures and rules Océ/Canon has implemented within OcéRemote Service in order to maintain the confidentiality of Product serviceand meter data retrieved by the OcéRemote Service.

Data which is retrieved with OcéRemote Service will be transmitted back to Océ/Canon over aSecure Socket Layer encrypted channel.

Access to the systems diagnostics data is granted by the customer, upon the customer grantingOcé/Canon the permission of installingand/or enablingthe OcéRemote Service components on itsnetwork.

OcéRemote Service maintains no technical facilities whereby unauthorized access to data isenabled or supported (no backdoor access).

Data security and data protection policies are maintained at the Océ/Canon Data Center LAN.

Employees receive instructions regardinghow to comply with the provisions contained in thissecurity policy.

In addition, as part of their employment agreement, all Océ/Canon employees explicitly agree inwritingto keep confidential customer information secret and to comply with all applicable dataprotection provisions.

The Océ/Canon Data Center LAN is protected against unauthorized access through a multiplecontrol system (entry control).

Data processingsystems may only be accessed by authorized employees (physical access control).

Behind the Océ/Canon network which is protected by a firewall, Océ/Canon operates a proactiveupdated virus and patch management system includingmalware protection.

An internal incident management system based on ITIL(ITInfrastructure Library)has been inoperation for many years.

All of the above actions are subject to periodic review by the relevant bodies within Océ/Canon as Océ/Canonendeavors to protect Product diagnostics data from unauthorized access /use, etc., usingindustry standard datasecurity measures.

Service Diagnostics Software on the device collects diagnostics data and converts such data to informationuseful for the Canon /Océservice organizations. Except as may otherwise be permissioned by a customerduringa Remote Assistance session, neither customer specific information nor print jobspecific data is retrievedfrom the Product.

OCÉ REMOTE SERVICE


17

8 Glossary

Term Definition

OcéRemote Service Data Request Server The OcéRemote Service Data Request Server is themain OcéRemote Service Server which manages alldata requests towards the customer�s remote connected Products.

OcéRemote Service Firmware Distribution Server All firmware and software update packages arelocated and distributed to all connected systemsthrough the OcéRemote Service FirmwareDistribution Server.

OcéRemote Service Functional LoggingServer The OcéRemote Service Functional LoggingServer isspecifically dimensioned to handle large amounts ofsensory data and system logfiles comingfrom theProducts.

OcéRemote Service Plug-in The OcéRemote Service Plug-in is responsible forsettingup communication to the OcéRemote ServiceServers to execute pendingdata requests and to sendreal time device operator alerts to the Remote ControlCloud Services W ebsite.

OcéRemote Service Robin Server The OcéRemote Service Robin Server manages thesynchronization of the technical service manuals onthe connected systems.

OcéRemote Service Servers The OcéRemote Service Servers are a collection ofservers used to perform different remote servicefunctions.

ORS Dashboard The ORS Dashboard is a Service W ebPortalaccessible only by authorized service personnel ofCanon \Océand the Dealers and used to reviewservice data collected from the connected Products.

Remote Control App The Remote Control App is a customer-facingapplication used to obtain Device alerts (e.g., paperand toner outages) on a user�s mobile device, smartphone or tablet.

Remote Control Notification Cloud ServicesW ebsite

Customer Site Administrators can register theirProducts and operators on their Remote ControlNotification Cloud Services W ebsite. The pushnotification functionality available therein takes care ofrelayingthe Product alerts to the mobile device of theprint operator.

Service Diagnostics Software Service Diagnostics Software enables Field ServiceTechnicians to service and run tests on a Devicewithout the aid of a laptop.

OCÉ REMOTE SERVICE


18

OCÉ REMOTE SERVICE


19

Addendum

Remote Service Connectivity Information

0.

Rem

ote

Serv

ice

Remote Service Allowed Yes No

Remote Assistance Allowed Yes No

1.

Netw

ork

Serv

ices

DHCP Yes: skip * No: fill in *with ITAdmin

DNS Available Not Available

* Hostname ___________________ IP Address ___ ___ ___ _

Subnet mask ___ ___ ___ ___ Gateway ___ ___ ___

DNS server ___ ___ ___ ___ DNS suffix ________________

Primary W INS server ___ ___ ___ Secondary W INS server ___ _

2.

Pro

xy

Sett

ing

s

Direct Internet ConnectionProxy usingIP or hostname and Port Number (please fill in 1)Proxy usingauthentication (please fill in 1 and 2)

1)Proxy Server:

Proxy server IP/Name . . . . . . . . . . . . . . . . . . . . . . . . . . .

Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

2)Proxy Authentication:

User Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Password . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . .(if not filled in, have this available duringinstallation)

Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

3.

Rem

ote

Serv

ice

UR

Ls

used Firewall/Proxy requires URL white list information for outbound connection:

remoteservices.oce.com, (remoteservices-ac.oce.com1)remoteservices-cs.oce.com, (remoteservices-cs-qa.oce.com

1)

remoteservices-rdv.oce.com,remoteservices-firmware.oce.comRobin.oce.comCmtime.codemeter.com*.teamviewer.com (Teamviewer uses a large number of servers in a worldwide load balanced configuration)

1 this url is not mandatory but can be used by the device during trial /testingperiods

OCÉ REMOTE SERVICE

Océ ColorWave 900 & 910 Addendum

Addendum Océ ColorWave® 910 Compatible Océ Remote Service Features

Not all Océ Remote Service features are fully supported by the Océ ColorWave 910. The table below list all of Océ Remote Services features and describes whether or not the Océ ColorWave 910 supports them.

Océ Remote Service Feature Supported By Océ ColorWave 910 Automatic Meter Reads Yes (But not currently implemented in service support systems) Diagnostics Yes Remote Assistance (Team Viewer) Yes (But not currently implemented in service support systems) Remote Software Distribution No Event Forwarding No Remote License Upgrade No Remote Control (Mobile Alerting) No Telemetry (Customer Dashboard) No

Documents

Océ Remote Service - Canon Global › media › Assets › PDFs › ... · OCÉ REMOTE SERVICE Technology - Security Whitepaper R4-Public 6 2 Océ Remote Service General Architecture