Management Functions

Document number: 9737-0JY

Registering Department IDs

Up to 300 Department IDs can be registered.

Firewall Settings

When specifying IP addresses in firewall settings, up to 16 IP addresses (or ranges of IP
addresses) can be specified for both IPv4 and IPv6.
When specifying MAC addresses in firewall settings, up to 32 MAC addresses can be specified.

IPSec

IPSec of the machine conforms to RFC2401, RFC2402, RFC2406, and RFC4305.
Operating system of connected device
Windows 8.1
Windows 10
Windows 11
Connection mode
Transport mode
Key exchange protocol
IKEv1 (main mode)
Authentication method
Pre-shared key
Digital signature
Hash algorithm (and key length)
HMAC-SHA1-96
HMAC-SHA2 (256 bits or 384 bits)
Encryption algorithm (and key length)
3DES-CBC
AES-CBC (128 bits, 192 bits, 256 bits)
Key exchange algorithm/group (and key length)
Diffie-Hellman (DH)
Group 14 (2048 bits)
ECDH-P256 (256 bits)
ECDH-P384 (384 bits)
ESP
Hash algorithm
HMAC-SHA1-96
Encryption algorithm (and key length)
3DES-CBC
AES-CBC (128 bits, 192 bits, 256 bits)
Hash/encryption algorithm (and key length)
AES-GCM (128 bits, 192 bits, 256 bits)
AH
Hash algorithm
HMAC-SHA1-96
IPSec supports communication to a unicast address (single device).

Registration of Certificates (User Signature Certificates, Key, CA Certificates)

The algorithms and formats of keys and certificates that can be registered are as follows.
RSA signature
algorithm:
SHA-1*1/SHA-256/SHA-384*2/SHA-512*2
RSA public-key algorithm (key length):
RSA (512 bits/1024 bits/2048 bits/4096 bits)
DSA signature
algorithm:
SHA-1*1
DSA public-key
algorithm (key
length):
DSA (1024 bits/2048 bits/3072 bits)
ECDSA signature algorithm:
SHA-1*1/SHA-256/SHA-384/SHA-512
ECDSA public-key algorithm (key length):
ECDSA (P256/P384/P521)
Certificate format:
User Signature Certificates, Key: PKCS#12
CA Certificates: X.509 DER/PEM
File extension:
User Signature Certificates, Key: p12/pfx
CA Certificates: cer/pem
Maximum
number of
registrable
certificates:
Key: 5
CA Certificates: 88
*1 Available only when installed by using the Remote UI.
*2 Available only when the key algorithm is 1024 bits or more.

Definition of "Weak Encryption"

When [Prohibit Use of Weak Encrypt.] is set to [On], the use of the following algorithms are prohibited.
Hash:
MD4, MD5, SHA-1
HMAC:
HMAC-MD5
Common key
cryptosystem:
RC2, RC4, DES
Public key
cryptosystem:
RSA encryption (512 bits/1024 bits), RSA signature (512 bits/1024 bits), DSA (512 bits/1024 bits), DH (512 bits/1024 bits)
Even when [Prohibit Weak Encryp. Key/Cert.] is set to [On], the hash algorithm SHA-1, which is used for signing a root certificate, can be used.

Log Management

The following types of logs can be managed on the machine. Collected logs can be exported in the CSV file format.
Log Type
Number Indicated as "Log Type" in the CSV File
Description
Job Log
128
Scan logs are not supported. There are three types of logs: Copy Job History, Print History, and Communication History.
Transmission Log
128
The log contains information related to transmissions.

Import/Export of the Setting Data

See Settings Menu Items.

Max. Destinations Registered to Address Book

See Address Book Function.

TLS

The following combinations of the TLS version and algorithm are usable:
: Usable     : Not usable
Algorithm
TLS Version
TLS 1.3
TLS 1.2
TLS 1.1
TLS 1.0
Encryption Algorithm
AES-CBC (256bit)
AES-CBC (128bit)
AES-GCM (256bit)
AES-GCM (128bit)
3DES-CBC
CHACHA20-POLY1305
Key Exchange Algorithm
RSA
ECDHE
X25519
Signature Algorithm
RSA
ECDSA
HMAC Algorithm
SHA1
SHA256
SHA384

Find manuals for other products
imageRUNNER C3322L
User's Guide (Product Manual)
USRMA-8270-002023-06Copyright CANON INC. 2023