Extended Security
Device Management > Configuration > Security > Extended Security

Configure settings for extended security.

Note

  • Settings on this page can be changed by the following administrators and users:
    • Network Administrator (Driver Encryption Key, Driver Encryption Key: Encryption Strength, Settings by SNMPv1, v2)
    • Machine Administrator (Restrict Display of User Information, Transfer to Fax Receiver, Authenticate Current Job, @Remote Service, Update Firmware, Change Firmware Structure)
    • Users Administrator (Encrypt User Custom Settings & Address Book, Restrict Use of Destinations (Fax), Restrict Use of Destinations (Scanner), Password Policy)
    • File Administrator (Enhance File Protection)

Driver Encryption Key

When user authentication is configured, specify the character string for the key used for encrypting the login passwords or document passwords that are sent from each kind of driver.
To specify the driver encryption key, register the encryption key specified using the machine in the driver. Click the Change button to open the Driver Encryption Key page, and then specify the driver encryption key.

For details about the Driver Encryption Key page

Driver Encryption Key: Encryption Strength

Specify the encryption strength of the driver encryption key.

Simple Encryption

All jobs that support user authentication are accepted.

DES

Jobs encrypted with Simple Encryption or DES are accepted.

AES

Jobs encrypted with Simple Encryption, DES, or AES are accepted.

Note

  • If you select AES or DES, specify the encryption settings using the printer driver.
    For details about specifying the printer driver, see the printer driver's Help.

Restrict Display of User Information

This can be specified if user authentication is set. When the job history is checked using a network connection for which authentication is not available, all personal information can be displayed as "********".

Encrypt User Custom Settings & Address Book

Specify whether to encrypt the individual settings of the machine's users and the data in the Address Book. If you select On, configure the encryption key.

Encryption Key

Configure the encryption key to encrypt the individual settings of the users and the data in the Address Book.
Click the Change button to open the Encryption Key page, and then specify the key.

For details about the Encryption Key page

Encrypt/Decrypt

Click the Execute button to encrypt the individual settings and the address book data, using the specified encryption key.
If you have changed the encryption key, the data is decrypted with the old key and re-encrypted with the new one.

Enhance File Protection

Locks a file protected by password if an invalid password is entered ten times for the file.

Restrict Use of Destinations (Fax)

Specify whether or not to limit the available fax destinations to the destinations registered in the Address Book.
If you select On, a user cannot enter the destinations for transmission manually.

Restrict Adding of User Destinations (Fax)

If you set Restrict Adding of User Destinations (Fax) to Off, specify whether or not to allow users to register a fax destination in the Address Book using the fax number manually entered. Normally, users can register a fax destination in the Address Book by manually entering a fax number and then pressing the Program Dest. button. If you set this function to On, users can enter a destination manually but cannot register that destination in the Address Book by pressing the Program Dest. button. This function restricts user registration in the Address Book.

Restrict Use of Destinations (Scanner)

Specify whether or not to limit the available scanner destinations to the destinations registered in the Address Book.
If you select On, a user cannot enter the destinations for transmission manually.

Restrict Adding of User Destinations (Scanner)

If you set Restrict Adding of User Destinations (Scanner) to Off, specify whether or not to allow users to register a scanner destination in the Address Book using the destination manually entered. Normally, users can register a scanner destination in the Address Book by manually entering the destination and then pressing the Program Dest. button. If you set this function to On, users can enter a destination manually but cannot register that destination in the Address Book by pressing the Program Dest. button. This function restricts user registration in the Address Book.

Transfer to Fax Receiver

If you use Forwarding or Transfer Box under the fax function, files stored in the machine can be transferred or delivered.
To prevent stored files being transferred by mistake, select Prohibit for this setting.

Authenticate Current Job

When User Authentication Management is configured, specify whether or not authentication is required for operations such as canceling jobs under the copier and printer functions.

Off

You cannot print for authenticated jobs .

Login Privilege

Authorized users and the machine administrator can use the machine. When this is selected, authentication is not required for users who logged in to the machine before Login Privilege was selected.

Access Privilege

Any user who performed a copy or print job can cancel the job.
Also, the machine administrator can cancel the user's copy or print job.

Note

  • Even if you select Login Privilege and log on to the machine, you cannot cancel a copy or print job that is being processed if you are not privileged to use the copy and printer functions.

@Remote Service

Specify whether or not to disable communication via HTTPS for @Remote Service.

Update Firmware

Specify whether or not to disable firmware updates on the machine.

Change Firmware Structure

Specify whether or not to prevent changes in the machine's firmware structure.
Change firmware structure refers to insertion and removal of SD cards containing firmware, and insertion of incorrect SD cards.

Password Policy

Specify Complexity Setting and Minimum Character No. for the password.
By making this setting, you can limit the available passwords to only those that meet the conditions specified in Complexity Setting and Minimum Character No..
If you select Level 1, specify the password using a combination of two types of characters selected from upper-case letters, lower-case letters, decimal numbers, and symbols such as #.
If you select Level 2, specify the password using a combination of three types of characters selected from upper-case letters, lower-case letters, decimal numbers, and symbols such as #.

Settings by SNMPv1, v2

Specify whether or not to disable settings with SNMPv1, v2 protocol.
When the machine is accessed using the SNMPv1, v2 protocol, authentication cannot be performed, allowing machine administrator settings such as the paper setting to be changed. If you select Prohibit, the setting can be viewed but not specified with SNMPv1, v2.

Security Setting for Access Violation

An application using network connection may cause multiple authentication attempts to the device even if a user sends only one authentication command using the application.
In this case, if the authentication fails due to an incorrect password, the device may count the failure as the multiple authentication failures and then lock out the user.
If you select On, you can prevent such user lockouts.

Denial Duration for Access Violation

Specify a period during when to exclude from the user lockout count repeated access by the same user ID and password.
If you fail to login after the specified period elapses from the last authentication failure, this access is counted as an authentication failure and classified as the target of user lockout.

Managed User Host Limit

Specify how many users to be excluded from the user lockout can be monitored.
If the number of users exceeds the specified number, the oldest user information is erased and the new information is retained. The erased users will be classified as the target of user lockout even during the period specified for Denial Duration for Access Violation.

Password Entry Host Limit

Specify the number of passwords excluded from the lockout count.
If the number of the passwords exceeds the specified number, the old password information is erased and the new information is retained.
The erased passwords will be locked out even when Denial Duration for Access Violation is configured.

Specify how many passwords to be excluded from the user lockout can be monitored.
If the number of password exceeds the specified number, the oldest password information is erased and the new information is retained.
The erased password will be classified as the target of user lockout even during the period specified for Denial Duration for Access Violation.

Status Monitor Interval

Specify the interval for monitoring the information of Managed User Host Limit and Password Entry Host Limit.

Password Entry Violation

If the number of authentication requests exceeds the specified setting, the system classifies the access session as a password attack.
The access session is recorded in the access log and the log data is sent to the machine administrator by email.

Maximum Allowed Number of Access

Specify the maximum number of allowable authentication attempts. If the number is set to 0, password attacks are not detected.

Measurement Time

Specify the interval to count the number of repeated failed authentication attempts. When the measurement time is over, the logged counts of failed authentication attempts are cleared.

Device Access Violation

If the number of log in requests exceeds the setting, the system classifies the access session as an access violation.
The access session is recorded in the access log and the log data is sent to the machine administrator by e-mail. Also, a message is displayed on the control panel and on Web Image Monitor.

Note

Maximum Allowed Number of Access

Specify the maximum number of allowable access attempts. If the number is set to 0, password attacks are not detected.

Measurement Time

Specify the interval to count the number of excessive access. When the measurement time is over, the logged counts of access are cleared.

Authentication Delay Time

Specify the authentication delay time when an access violation is detected.
This function prevents system down due to the access violation.

Simultaneous Access Host Limit

Specify the number of acceptable authentication attempts when authentications are delayed due to an access violation.

Buttons

To Top of the Page

Refresh

Click to update the currently displayed information.

Note

OK

Click to apply the settings.

Cancel

Click to cancel the settings.

 

To Top of the Page