Xerox WorkCentre 7220 Information

Also see for WorkCentre 7220: Manual Installation and operation User information Secure installation and operation Specifications

Xerox WorkCentre 7220 Information Manual pdf 36 page image

WorkCentre 7220-7225 Information Assurance Disclosure PaperVer. 1.0, January 2013 Page 36 of 614.Security Aspects of SelectedFeatures4.1. McAfee Enhanced Security / IntegrityControlXerox has partnered with industry leader McAfee to include the Enhanced Security feature which uses McAfeeEmbedded Control, the same technology you can purchase for your computer. The McAfee agent is included withthe device software which enables communication with McAfee tools such as the ePolicy Orchestrator.The McAfee Enhanced Security and optional Integrity Control features use “whitelisting” technology to protect yourXerox devices from attack. On the Xerox device, there are critical files and directories designated read-only and somedesignated write-only. If attempts are made to write to a read-only or read from a write-only file or directory, inaddition to being prevented, this creates an event which will be recorded in the device Audit Log. Further, if e-mailalerts are configured on the Xerox device, an e-mail would be sent to the configured address with details of the event.Software upgrades are handled by designating the software upgrade process as a trusted updater. Once the digitalsignature is verified, the new software is installed and with it, a new whitelist for the new version. The digitalsignature prevents corrupted files from being installed by verification that the file is genuine Xerox software and hasnot been modified.The use of digital signatures and the whitelisting technique, to stop unauthorized reads, writes, and optionallyexecution, prevents malicious code from harming your device, regardless of where the attack originated.4.1.1 Enhanced SecurityThe Xerox Embedded Control feature is installed and enabled by default. This feature prohibits unauthorized reads,writes and modifications to critical control and configuration files on the device. The system also allows for an e-mailaddress to be configured so that alerts may be sent when unauthorized access is attempted. Details forconfiguration are contained in the McAfee Embedded Control section of the System Administrators Guide for yourXerox device.4.1.2 Integrity Control (Optional Feature)Integrity Control is a purchasable software option that combines the standard Enhanced Security features with theability to monitor and prevent unauthorized execution of files that were not part of the standard Xerox devicesoftware.4.1.3 ePolicy OrchestratorTo enable ePolicy Orchestrator, download and install the Xerox extensions for McAfee ePO. Details for this areavailable in the System Admin Guide in the section entitled Configuring for McAfee ePO Server Alerts.