Preventing Unauthorized Access

This section describes the security measures on how to prevent unauthorized access from the external network. This is a must-read for all users and administrators before using this machine, other printers, and multifunction machines connected to the network. In recent years, a printer/multifunction machine connected to the network can offer you a variety of useful functions, such as printing from a computer, operating from a computer using the remote function, and sending scanned documents via the Internet. On the other hand, it is essential to take security measures to reduce the security risk for information leakage, as a printer/multifunction machine has become more exposed to threats, such as unauthorized access and theft, when it is connected to the network. This section explains necessary settings you need to specify to prevent unauthorized access before using your machine connected to the network.

Assigning a Private IP Address

An IP address is a numerical label assigned to each device participating in a computer network. A "global IP address" is used for the communication connecting to the Internet, and a "private IP address" is used for the communication within a local area network, such as a LAN in the company. If a global IP address is assigned, your machine is open to the public and can be accessed via the Internet. Thus, the risk of information leakage due to unauthorized access from external network increases. On the other hand, if a private IP address is assigned, your machine is closed to a local area network and can be accessed by only users on your local area network, such as a LAN in the company.
Global IP Address
Private IP Address
Can be accessed from users outside a local area network
Can be accessed from users within a local area network
Normally, assign a private IP address to your machine. Make sure to confirm whether the IP address assigned to your machine is a private IP address. A private IP address is found in one of the following ranges.
Ranges for private IP addresses
From 10.0.0.0 to 10.255.255.255
From 172.16.0.0 to 172.31.255.255
From 192.168.0.0 to 192.168.255.255
For information on how to confirm the IP address, see Viewing IPv4 Settings.
NOTE
If a global IP address is assigned to your machine, you can create a network environment to reduce the risk of unauthorized access by installing security software, such as a firewall that prevents access from the external networks. If you want to assign a global IP address to your machine, contact your Network Administrator.

Using Firewall to Restrict Transmission

A firewall is a system that prevents unauthorized access from the external networks and protects against attacks/intrusions to a local area network. You can use a firewall on your network environment to block access from the external network that appears to be dangerous, by restricting communication from specified IP address of the external network. The function installed to a Canon printer/multifunction machine enables you to set up the IP address filter. For information on how to set up an IP address filter, see Restricting Communication by Using Firewalls.

Specifying the TLS Encrypted Communication

For information on the TLS encrypted communication, see Implementing Robust Security Features, and on the procedures to specify, see Enabling TLS Encrypted Communication for the Remote UI.

Setting PIN to Manage Information Stored in the Multifunction Machine

If a malicious third party attempts to gain unauthorized access to your machine, setting PIN to information stored in the machine will reduce the risk of information leakage. A Canon printer/multifunction machine enables you to protect various type of information by setting PIN.
Setting PIN to each function
For information on setting a PIN for the Remote UI, see Setting a Remote UI PIN.
For information on setting a PIN for the System Manager ID, see Setting the System Manager ID.
Listed above are some examples of security measures for preventing unauthorized access. For more information on the other security measures, see Security and take necessary security measures for preventing unauthorized access to suit your environment.
0RCL-0A2