Home > Konica > Printer > Konica Minolta bizhub 223 User Manual

Konica Minolta bizhub 223 User Manual

Add to Favourites
    Download as PDF Print this page Share this page

    Have a look at the manual Konica Minolta bizhub 223 User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 61 Konica manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.

    View all the pages
    Page
    of 55
    Add page 1 to Favourites
    image text
    Enable zoom 
    							A1UD-9611A-00  BK
Copyright
2010A1UD-9611A-00
2010. 6
Ver. 1.01
User’s Guide  [Security Operations]
http://konicaminolta.com
Downloaded From ManualsPrinter.com Manuals
    Add page 2 to Favourites
    image text
    Enable zoom 
    							bizhub 423/363/283/223Contents-1
Contents
1 Security
1.1 Introduction .....................................................................................................................................  1-2
Compliance with the ISO15408 Standard ......................................................................................... 1-2
Operating Precautions ....................................................................................................................... 1-2
INSTALLATION CHECKLIST.............................................................................................................. 1-3
1.2 Security Functions ..........................................................................................................................  1-4
Check Count Clear Conditions .......................................................................................................... 1-4
1.3 Data to be Protected ......................................................................................................................  1-5
1.4 Precautions for Operation Control ................................................................................................  1-6
Roles and Requirements of the Administrator ................................................................................... 1-6
Password Usage Requirements ........................................................................................................ 1-6
Operation and control of the machine ............................................................................................... 1-6
Network Connection Requirements for the Machine......................................................................... 1-7
Machine Maintenance Control ........................................................................................................... 1-7
Implementing digital signature properly............................................................................................. 1-7
Operating conditions for the IC card and IC card reader .................................................................. 1-7
IC card owner requirements .............................................................................................................. 1-7
1.5 Miscellaneous..................................................................................................................................  1-8
Password Rules ................................................................................................................................. 1-8
Precautions for Use of Various Types of Applications....................................................................... 1-8
Items of Data Cleared by Overwrite All Data Function...................................................................... 1-8
Items cleared by HDD Format ........................................................................................................... 1-8
Fax functions...................................................................................................................................... 1-9
2 Administrator Operations
2.1 Accessing the Administrator Settings ..........................................................................................  2-2
2.1.1 Accessing the Administrator Settings ................................................................................................ 2-2
2.1.2 Accessing the User Mode .................................................................................................................. 2-4
2.2 Preventing Unauthorized Access ..................................................................................................  2-6
Setting Prohibited Functions When Authentication Error .................................................................. 2-6
2.3 Setting the External Server ............................................................................................................  2-9
Setting the External Server ................................................................................................................ 2-9
2.4 System Auto Reset Function .......................................................................................................  2-12
Setting the System Auto Reset function .......................................................................................... 2-12
2.5 Changing the Administrator Password .......................................................................................  2-14
Changing the Administrator Password ............................................................................................ 2-14
2.6 Protecting Data in the HDD ..........................................................................................................  2-16
2.6.1 Setting the Encryption Key (encryption word) ................................................................................. 2-16
2.6.2 Changing the Encryption Key .......................................................................................................... 2-22
2.7 Overwrite All Data Function .........................................................................................................  2-24
Setting the Overwrite All Data function ............................................................................................ 2-24
2.8 S/MIME Communication Setting Function .................................................................................  2-26
Setting the S/MIME Communication ............................................................................................... 2-26
2.9 PC-Fax RX Setting Function ........................................................................................................  2-29
PC-Fax RX Setting ........................................................................................................................... 2-29
2.10 TSI User Box Setting Function .....................................................................................................  2-31
TSI User Box Setting........................................................................................................................ 2-31
2.11 TCP/IP Setting Function ...............................................................................................................  2-33
2.11.1 Setting the IP Address ..................................................................................................................... 2-33
2.11.2 Registering the DNS Server ............................................................................................................. 2-33
2.12 NetWare Setting Function ............................................................................................................  2-34
Making the NetWare Setting ............................................................................................................ 2-34
2.13 SMB Setting Function .......................................................................................................
............  2-35
Downloaded From ManualsPrinter.com Manuals
    Add page 3 to Favourites
    image text
    Enable zoom 
    							bizhub 423/363/283/223Contents-2
Setting the NetBIOS Name .............................................................................................................. 2-35
2.14 E-Mail Setting Function ................................................................................................................  2-36
Setting the SMTP Server (E-Mail Server) ......................................................................................... 2-36
3 User Operations
3.1 User Authentication Function ........................................................................................................  3-2
User authentication using the IC card ............................................................................................... 3-2
3.2 Encrypted Document Function ......................................................................................................  3-4
Accessing the Encrypted document .................................................................................................. 3-4
3.3 Scan to Me Function .......................................................................................................................  3-5
Scan to Me procedure ....................................................................................................................... 3-5
Downloaded From ManualsPrinter.com Manuals
    Add page 4 to Favourites
    image text
    Enable zoom 
    							1Security
Downloaded From ManualsPrinter.com Manuals
    Add page 5 to Favourites
    image text
    Enable zoom 
    							bizhub 423/363/283/2231-2
1.1 Introduction1
1 Security
1.1 Introduction
Thank you for purchasing our product.
This User’s Guide contains the operating procedures and precautions to be used when using the security 
functions offered by the bizhub 423/363/283/223 machine. To ensure the best possible performance and ef-
fective use of the machine, read this manual thoroughly before using the security functions. The Administrator 
of the machine should keep this manual for ready reference. The manual should be of great help in finding 
solutions to operating problems and questions.
This User’s Guide (Ver. 1.01) describes bizhub 423/bizhub 363/bizhub 283/bizhub 223 PKI Card System Con-
trol Software (MFP Controller:A1UD0Y0-0100-G00-20).
Compliance with the ISO15408 Standard
The security functions offered by the bizhub 423/363/283/223 machine comply with ISO/IEC15408 (level: 
EAL3).
Operating Precautions
The machine gives an alarm message or an alarm sound (peep) when a wrong operation is performed or a 
wrong entry is made during operation of the machine. (No peep alarm sound is issued if a specific sound 
setting in Sound Setting of Accessibility Setting is set to [OFF].) If the alarm message or alarm sound is given, 
perform the correct operation or make the correct entry according to the instructions given by the message 
or other means.
The Administrator of the machine should exit from the current mode to return to the basic screen whenever 
the access to that mode is completed or if he or she leaves the machine with the mode screen left displayed.
The Administrator of the machine should make sure that each individual general user exits from the current 
mode to return to the basic screen whenever the access to that mode is completed or if the user leaves the 
machine with the mode screen left displayed.
If an error message appears during operation of the machine, perform steps as instructed by the message. 
For details of the error messages, refer to the User’s Guide furnished with the machine. If the error cannot be 
remedied, contact your service representative.
Downloaded From ManualsPrinter.com Manuals
    Add page 6 to Favourites
    image text
    Enable zoom 
    							bizhub 423/363/283/2231-3
1.1 Introduction1
INSTALLATION CHECKLIST
This Installation Checklist contains items that are to be check by the Service Engineer installing this machine.
The Service Engineer should check the following items, then explain each checked item to the Administrator 
of the machine.
To Service Engineer
Make sure that each of these items is properly carried out by checking the box on the right of each item.
To make sure that the machine is used properly, make each setting according to the above checklist. Also, 
make the necessary settings according to the above checklist whenever the machine is initialized by HDD 
Format or Initialization to thereby make sure that the machine is in the correct operating condition.
When the above steps have been properly carried out, the Service Engineer should make a copy of this page 
and give the original of this page to the Administrator of the machine. The copy should be kept at the corre-
sponding Service Representative for filing.1. Perform the following steps before installing this machine. Completed
I swear that I would never disclose information as it relates to the settings of this ma-
chine to anybody, or perform malicious or intentional act during setup and service 
procedures for the machine.
2. After this machine is installed, refer to the Service Manual and perform the following 
steps.
Check that the basic screen after the machine has been started is the authentication 
screen using the IC card, indicating that the machine is an MFP that supports the 
PKI card authentication system.
Check that the Firmware version (MFP Controller, CheckSum) indicated in the Ser-
vice Manual matches the values shown in the Firmware Version screen.
If there is a mismatch in the Firmware version number, explain to the Administrator 
of the machine that upgrading of the Firmware is necessary and perform upgrading 
of the Firmware.
Set CE Authentication to [ON] and set the CE Password.
Check that CS Remote Care is set to RAM Clear Set, Internet ISW Setting to OFF, 
and HDD to Installed.
Check that the Fax Kit has been mounted and set up properly, if fax functions are to 
be used.
3. After this machine is installed, refer to this User’s Guide and perform the following 
steps.
Check that the Administrator Password has been set by the Administrator of the ma-
chine.
Check that the Encryption Key has been set by the Administrator of the machine.
Check that External Server has been set by the Administrator of the machine.
Check that Prohibited Functions When Authentication Error has been set to [Mode 
2] by the Administrator of the machine.
Check that PageScope Web Connection has been set to [OFF] by the Administrator 
of the machine.
Check that Access Setting of OpenAPI has been set to [Restrict] by the Administrator 
of the machine.
Check that TCP Socket has been set to [OFF] by the Administrator of the machine.
Check that FTP Server has been set to [OFF] by the Administrator of the machine.
Check that Write Setting of SNMP v1/v2c Settings has been set to [Invalid] and 
SNMP v3(IP) has been set to [OFF] by the Administrator of the machine.
The language, in which the contents of the User’s Guide Security Operations have 
been evaluated, is English.
Explain the way how to get the manual in the language, in which it is evaluated.
Explain to the administrator that the settings for the security functions for this ma-
chine have been specified.
Product Name Company Name User Division Name Person in charge
Customer (Administrator of Machine)
Service Representative -
Downloaded From ManualsPrinter.com Manuals
    Add page 7 to Favourites
    image text
    Enable zoom 
    							bizhub 423/363/283/2231-4
1.2 Security Functions1
1.2 Security Functions
A password that can be set must meet the requirements of the Password Rules. The machine does not ac-
cept setting of an easily decipherable password. For details of the Password Rules, see page 1-8.
If a wrong password is entered, during password authentication, a predetermined number of times (once to 
five times) or more set by the Administrator of the machine, the machine determines that it is unauthorized 
access through Prohibited Functions When Authentication Error, prohibiting any further entry of the pass-
word. By prohibiting the password entry operation, the machine prevents unauthorized use or removal of da-
ta, thereby ensuring secured used of the machine.
By setting the Encryption Key, the data saved in the HDD is encrypted, thereby protecting the data in the 
HDD. Note, however, that the Encryption Key does not prevent the HDD from being physically removed. 
Make sure of a good operation control.
When the machine is to be discarded, or use of a leased machine is terminated at the end of the leasing con-
tract, the Overwrite All Data function overwrites and erases all data stored in all spaces of the HDD. The func-
tion also resets all passwords saved in the NVRAM to factory settings, preventing leak of data. For details of 
items to be cleared by Overwrite All Data function, see page 1-8.
Check Count Clear Conditions
The following are the conditions for clearing or resetting the check count of the number of wrong entries when 
[Mode 2] is set for Prohibited Functions When Authentication Error.

-Authentication of Administrator Settings is successful.
Downloaded From ManualsPrinter.com Manuals
    Add page 8 to Favourites
    image text
    Enable zoom 
    							bizhub 423/363/283/2231-5
1.3 Data to be Protected1
1.3 Data to be Protected
The underlying concept of this machine toward security is to protect data that can be disclosed against the 
intention of users.
The following types of image files that have been saved in the machine and made available for use by its users 
are protected while the machine is being used.
-Encrypted document transmitted to the machine using a dedicated printer driver and an IC card from 
the client PC and saved in the machine
-Image files which have been scanned for transmission to a user mail address through e-mail (S/MIME)
The following types of data saved in the HDD are protected when use of a leased machine is terminated at 
the end of the leasing contract, the machine is to be discarded, or when the HDD is stolen.
-Encrypted document
-Scanned image files
-Image files other than Encrypted document
-Image files of jobs in the queue state other than Scanned image files
-Data files left in the HDD data space, used as image files and not deleted through the general deletion 
operation
-Temporary data files generated during print image file processing
Downloaded From ManualsPrinter.com Manuals
    Add page 9 to Favourites
    image text
    Enable zoom 
    							bizhub 423/363/283/2231-6
1.4 Precautions for Operation Control1
1.4 Precautions for Operation Control
This machine and the data handled by this machine should be used in an office environment that meets the 
following conditions. The machine must be controlled for its operation under the following conditions to pro-
tect the data that should be protected.
Roles and Requirements of the Administrator
The Administrator should take full responsibility for controlling the machine, thereby ensuring that no improp-
er operations are performed.

-A person who is capable of taking full responsibility for controlling the machine should be appointed as 
the Administrator to make sure that no improper operations are performed.
-When using an SMTP server (mail server) or an DNS server, each server should be appropriately man-
aged by the Administrator and should be periodically checked to confirm that settings have not been 
changed without permission.
Password Usage Requirements
The Administrator must control the Administrator Password and Encryption Key appropriately so that they 
may not be leaked. These passwords should not be ones that can be easily guessed.

-Make absolutely sure that only the Administrator knows the Administrator Password and Encryption 
Key.
-The Administrator should set an 8-to-16-digit Administrator Password. (Selectable from among a total 
of 93 characters)
-The Administrator must change the Administrator Password and Encryption Key at regular intervals.
-The Administrator should make sure that any number that can easily be guessed from birthdays, em-
ployee identification numbers, and the like is not set for the Administrator Password and Encryption 
Key.
-If the Administrator Password has been changed by the Service Engineer, the Administrator should 
change the Administrator Password as soon as possible.
Operation and control of the machine
The Administrator of the machine should perform the following operation control.
-The Administrator of the machine should log off from the Administrator Settings whenever the operation 
in the Administrator Settings is completed. The Administrator of the machine should also make sure 
that each individual user logs off from the User Authentication mode after the operation in the User Au-
thentication mode is completed, including operation of the Encrypted document.
-The Administrator of the machine should set the Encryption Key according to the environment, in which 
this machine is used.
-The Administrator should enable Prohibited Functions When Authentication Error and control the oper-
ation of the machine for use in [Mode 2].
-The Administrator should disable PageScope Web Connection and control the operation of the ma-
chine for use in the disable state.
– To disable PageScope Web Connection, press the [Utility/Counter] key, and then [Administrator Set-
tings] - [Network Settings] - [HTTP Server Settings] on the MFP control panel, and set PSWC Settings 
to OFF.
-The Administrator should disable OpenAPI and control the operation of the machine for use in the dis-
able state.
– To disable OpenAPI, press the [Utility/Counter] key, and then [Administrator Settings] - [System Con-
nection] - [OpenAPI Settings] on the MFP control panel, and set Access Setting to Restrict.
-The Administrator should disable the TCP Socket and control the operation of the machine for use in 
the disable state.
– To disable the TCP Socket, press the [Utility/Counter] key, and then [Administrator Settings] - [Network 
Settings] - [Forward] - [TCP Socket Settings] on the MFP control panel, and set TCP Socket to OFF.
-The Administrator should disable the FTP Server and control the operation of the machine for use in the 
disable state.
– To disable the FTP Server, press the [Utility/Counter] key, and then [Administrator Settings] - [Network 
Settings] - [FTP Settings] on the MFP control panel, and set FTP Server Settings to OFF.
Downloaded From ManualsPrinter.com Manuals
    Add page 10 to Favourites
    image text
    Enable zoom 
    							bizhub 423/363/283/2231-7
1.4 Precautions for Operation Control1
-The Administrator should disable Write Setting of SNMP v1/v2c and control the operation of the ma-
chine for use in the disable state.
– To disable Write Setting of SNMP v1/v2c, press the [Utility/Counter] key, and then [Administrator Set-
tings] - [Network Settings] - [SNMP Settings] - [Forward] - [SNMP v1/v2c Settings] - [Forward] on the 
MFP control panel, and set Write Setting to Invalid.
-The Administrator should disable SNMP v3 and control the operation of the machine for use in the dis-
able state.
– To disable SNMP v3, press the [Utility/Counter] key, and then [Administrator Settings] - [Network Set-
tings] - [SNMP Settings] on the MFP control panel, and set SNMP v3(IP) to OFF.
Network Connection Requirements for the Machine
If the LAN is to be connected to an outside network, no unauthorized attempt to establish connection from 
the external network should be permitted.

-If the LAN, in which the machine is installed, is connected to an outside network, install a firewall or 
similar network device to block any access to the machine from the outside network and make the nec-
essary settings.
Machine Maintenance Control
The Administrator of the machine should perform the following maintenance control activities.
-Provide adequate control over the machine to ensure that only the Service Engineer is able to perform 
physical service operations on the machine.
-Provide adequate control over the machine to ensure that any physical service operations performed 
on the machine by the Service Engineer are overseen by the Administrator of the machine.
Implementing digital signature properly
The Administrator of the machine should make the setting for adding a digital signature by selecting either 
[Always add signature] or [Select when sending]. He or she should make sure that the digital signature is add-
ed whenever an IC card owner sends highly confidential image data to the client PC.
Operating conditions for the IC card and IC card reader
The machine supports the following types of IC card and IC card reader.
-The types of IC cards supported by the machine are the Common Access Card (CAC) and Personal 
Identity Verification (PIV).
-The type of IC card reader supported by the machine is AU-211P. Be sure to use the IC card reader 
provided by the Service Representative. For details, contact your Service Representative.
The service representative is to install the IC card reader to the USB port on the rear right side of the machine. 
The Administrator of the machine should make sure that the user will not relocate the IC card reader to any 
other USB port. Operation through any other USB port is not guaranteed.
IC card owner requirements
The Administrator of the machine should make sure that operating rules that specify the following operations 
exist within the organization and that the operations are implemented according to the rules.
-The person responsible within the organization that uses the machine should distribute the IC card is-
sued for use by the organization to a specific person who is authorized to own the IC card.
-The person responsible within the organization that uses the machine should prohibit the user from 
transferring or lending the IC card to any third person and make sure that the user reports any lost IC 
card. If the IC card is lost, the system is at risk of being illegally accessed. In such cases, the registered 
user in question should be deleted from the external server, so that the lost IC card is disabled for au-
thentication.
-The person responsible within the organization that uses the machine should make sure that each IC 
card user removes his or her IC card from the card reader and never leaves the card in the card reader 
after he or she completes the operation of the machine.
Downloaded From ManualsPrinter.com Manuals
    All Konica manuals Comments (0)

    Related Manuals for Konica Minolta bizhub 223 User Manual