Filter
Top Products
7
• Select the [Apply] button. This will disable the Admin Password Reset feature.
aa). The Custom Services (Extensible Interface Platform or EIP) feature should be disabled to be consistent with the evaluated
configuration. To disable this feature from the Web UI:
• Select the Properties tab.
• Select the following entries from the Properties 'Content menu’: Connectivity Protocols HTTP Web Services
tab.
• Make sure that the [Enable] checkbox associated with the Extensible Service Registration entry under Remote System
Management is not selected.
• Select the [Apply] button. This will ensure that Custom Services are disabled on the device.
bb). Network Accounting and Auxiliary Access should both be disabled to be consistent with the evaluated configuration. To
disable Network Accounting and Auxiliary Access from the Local UI:
• Select the [Machine Status] tab and then the [Tools] button. This will access the Tools Pathway.
• Select the following buttons from the Tools Pathway: Accounting Settings Accounting Mode.
• Make sure that neither the [Network Accounting] button nor the [Auxiliary Access] button is selected. From a security
perspective it does not matter whether the [None] or the [Xerox Standard Accounting] option is selected.
• Select the [Save] button. This will ensure that Network Accounting and Auxiliary Access are both disabled on the device.
cc). For evaluated configuration of Embedded Fax Xerox strongly recommends that the Secure Receive option be enabled
7
and
that the Local Polling option be disabled and that embedded fax mailboxes be used whenever practical to store fax jobs.
• To enable Secure Receive from the Local UI follow the instructions on page AdminstrationandAccounting-26 of the
Admin and Accounting Guide
8
. Make sure that the [Enable] button is selected.
• Local Polling should be disabled in the evaluated configuration. To disable Local Polling from the Local UI follow the
instructions on page FAX-24 of the Fax Guide
9
. Make sure that the Local Polling option is set to the [Off] (which is the
default setting) on the Local Polling screen.
• To set up Embedded Fax mailboxes from the Local UI follow the instructions on page AdminstrationandAccounting-28
of the Admin and Accounting Guide. Make sure that passcode selected for a newly created mailbox is not the default
value of ‘0000’.
• The Mailbox and Polling Policy should be set to delete received faxes when they are printed. To set the Mailbox and
Polling Policy follow the instructions on page AdminstrationandAccounting-28 of the Admin and Accounting Guide and
select the ‘Delete on Print’ option.
dd). Xerox strongly recommends that any print job submitted to the device from a client or from the WebUI be submitted as a
secure print job.
ee). To maintain the certified configuration, Xerox recommends that acceptance of customer software upgrades via the network
be disabled. To disable software upgrades via the network from the WebUI:
• Select the Properties tab.
• Select the following entries from the Properties 'Content menu’: General Setup Machine Software Upgrades.
• Make sure that the [Enable] checkbox associated with the Upgrades entry is not selected.
• Select the [Apply] button. This will ensure that software upgrades via the network are disabled on the device.
ff). Change the Administrator password as soon as possible. Reset the Tools password periodically.
Xerox recommends that you (1) set the Administrator password to a minimum length of eight alphanumeric characters, (2)
change the Administrator password once a month and (3) ensure that all passwords are strong passwords (e.g., passwords
use a combination of alphanumeric and non-alphanumeric characters; passwords don’t use common names or phrases,
etc.).
For directions on how to change the Tools password, follow the “How to change the Administrator Password” instructions on
page 3-1 in the SAG.
2. If SNMP v3 is not enabled, Xerox recommends that the System Administrator change the SNMP v1/v2c public/private
community strings from their default string names to random string names.
7
This will apply to any received fax, including faxes that are remotely polled to the device from another remote fax machine or remote device.
8
ColorQube™ 9201/9202/9303 Advanced Guide Administration and Accounting, Version 1.0 (05/09)
9
ColorQube™ 9201/9202/9303 Advanced Guide Fax, Version 1.0 (05/09).