[Prohibit Use of Direct Connection] | <Use Direct Connection> and <Always Keep Enabled If SSID/Network Key Specified> are set to <Off>. It is not possible to access the machine from mobile devices. | |
[Prohibit Use of Wireless LAN] | If <Select Interface> is set to <Wireless LAN> or <Wired LAN + Wireless LAN>, it changes to <Wired LAN>. Wireless connections can no longer be made via a wireless LAN router or access point. |
[Prohibit use as USB device] | <Use as USB Device> is set to <Off>. It is not possible to connect to a computer via USB. | |
[Prohibit use as USB storage device] | <Use USB Storage Device> is set to <Off>. It is not possible to use USB storage devices. |
[Always verify signatures for SMB/WebDAV server functions] | There are no setting items that the security policy is applied to for the machine. | - |
[Always verify server certificate when using TLS] | The following settings are set to <On>, and a check mark is added to <CN>. <Confirm TLS Certificate for WebDAV TX> <Confirm TLS Certificate for FTPS TX> <Confirm TLS Certificate for SMTP TX> <Confirm TLS Certificate for POP RX> <Confirm TLS Certificate for Network Access> <Confirm TLS Certificate Using MEAP Application> <Confirm TLS Certificate for LDAP Server Access> The following settings are set to <On>. [License/Other] [Visual Message Settings] [Confirm Certificate for TLS Communication] [License/Other] [Visual Message Settings] [Add CN to Verification Items] During TLS communication, verification will be performed for digital certificates with common names. | |
[Prohibit cleartext authentication for server functions] | <Use FTP Printing> in <FTP Print Settings> is set to <Off>, <Allow TLS (SMTP RX)> in <E-Mail/I-Fax Settings> <Communication Settings> is set to <Always TLS>, <Dedicated Port Authentication Method> in <Network> is set to <Mode 2>. When using the machine as a server, plain text authentication and functions that use plain text authentication are not available. | |
[Prohibit use of SNMPv1] | In <SNMP Settings>, <Use SNMPv1> is set to <Off>. It is not possible to use SNMPv1 when obtaining device information from the computer. |
This setting does not apply to communication with IEEE 802.1X networks, even if the check box is selected for [Always verify server certificate when using TLS]. If [Prohibit cleartext authentication for server functions] is selected and your device management software or driver version is old, it may not be possible to connect to the machine. Ensure that you are using the latest versions. |
[Restrict LPD port (port number: 515)] | <LPD Print Settings> is set to <Off>. It is not possible to perform LPD printing. | |
[Restrict RAW port (port number: 9100)] | <RAW Print Settings> is set to <Off>. It is not possible to perform RAW printing. | |
[Restrict FTP port (port number: 21)] | In <FTP Print Settings>, <Use FTP Printing> is set to <Off>. It is not possible to perform FTP printing. | |
[Restrict WSD port (port number: 3702, 60000)] | In <WSD Settings>, <Use WSD Printing>, <Use WSD Browsing>, and <Use WSD Scan> are all set to <Off>. It is not possible to use WSD functions. | |
[Restrict BMLinkS port (port number: 1900)] | There are no setting items that the security policy is applied to for the machine. | - |
[Restrict IPP port (port number: 631)] | The <IPP Print Settings> and <Use Mopria> options are all set to <Off>. It is not possible to print using IPP or Mopria®. | |
[Restrict SMB port (port number: 139, 445)] | There are no setting items that the security policy is applied to for the machine. | - |
[Restrict SMTP port (port number: 25)] | In <E-Mail/I-Fax Settings> <Communication Settings>, <SMTP RX> is set to <Off>. SMTP reception is not possible. | |
[Restrict dedicated port (port number: 9002, 9006, 9007, 9011-9015, 9017-9019, 9022, 9023, 9025, 20317, 47545-47547)] | <Dedicated Port Settings> is set to <Off>. It is not possible to use dedicated ports. | |
[Restrict Remote Operator's Software port (port number: 5900)] | <Remote Operation Settings> is set to <Off>. It is not possible to use remote operation functions. | |
[Restrict SIP (IP Fax) port (port number: 5004, 5005, 5060, 5061, 49152)] | There are no setting items that the security policy is applied to for the machine. | - |
[Restrict mDNS port (port number: 5353)] | In <mDNS Settings>, the <Use IPv4 mDNS> and <Use IPv6 mDNS> options are set to <Off>, <Use Mopria> is set to <Off>. It is not possible to search the network or perform automatic settings using mDNS. It is also not possible to print using Mopria®. | |
[Restrict SLP port (port number: 427)] | In <Multicast Discovery Settings>, <Response> is set to <Off>. It is not possible to search the network or perform automatic settings using SLP. | |
[Restrict SNMP port (port number: 161)] | In <SNMP Settings>, the <Use SNMPv1> and <Use SNMPv3> options are set to <Off>, and <Display Scan for Mobile> is set to <Off>. It is not possible to obtain device information from the computer or configure settings using SNMP. |
[Prohibit guest users to use device] | The following settings are set to <On>. <User Management> <Authentication Management> <Use User Authentication> <Restrict Job from Remote Device w/out User Authent.> [Login for Unregistered Users:] [Allow unregistered users to log in as Guest User] The following settings are set to <Off>. <Use User Authentication> <Picture Login> <Login Screen Display Settings> is set to <Displ When Dev Operation Start>. It becomes [Standard Authentication Mode] if [Guest Authentication Mode] is set for [Authentication Mode:] in [Remote UI Authentication]. In addition, [Guest Authentication Mode] can no longer be selected for [Authentication Mode:] in [Remote UI Authentication]. Unregistered users cannot log in to the machine, and print jobs from computers are canceled. | <Restrict Job from Remote Device w/out User Authent.>ACCESS MANAGEMENT SYSTEM Administrator Guide |
[Force setting of auto logout] | <Auto Reset Time> is enabled. The user is automatically logged out if no operations are performed for a specified period of time. Select [Time Until Logout:] on the Remote UI setting screen. |
[Prohibit caching of password for external servers] | <Prohibit Caching of Authentication Password> is set to <On>, and <Save authentication information for login users> is set to <Off>. Users will always be required to enter a password when accessing an external server. | |
[Display warning when default password is in use] | <Display Warning When Default Password Is in Use> is set to <On>. A warning message will be displayed whenever the machine's factory default password is used. | |
[Prohibit use of default password for remote access] | <Allow Use of Default Password for Remote Access> is set to <Off>. It is not possible to use the factory default password when accessing the machine from a computer. |
[Set minimum number of characters for password] | <Minimum Length Settings> is set to <On>. It is not possible to set a password with fewer characters than the number specified for [Minimum Number of Characters] on the Remote UI setting screen. | |
[Set password validity period] | <Validity Period Settings> is set to <On>. A period of validity is set for the password. Specify the period in [Validity Period:] on the Remote UI setting screen. | |
[Prohibit use of 3 or more identical consecutive characters] | <Prohibit Use of 3 or More Identical Consec. Characters> is set to <On>. It is not possible to set a password that includes the same character repeated three or more times consecutively. | |
[Force use of at least 1 uppercase character] | <Use at Least 1 Uppercase Character> is set to <On>. Passwords are required to include at least one uppercase alphabetic character. | |
[Force use of at least 1 lowercase character] | <Use at Least 1 Lowercase Character> is set to <On>. Passwords are required to include at least one lowercase alphabetic character. | |
[Force use of at least 1 digit] | <Use at Least 1 Digit> is set to <On>. Passwords are required to include at least one numeric character. | |
[Force use of at least 1 symbol] | <Use at Least 1 Symbol> is set to <On>. Passwords are required to include at least one symbol. |
[Enable lockout] | In <Lockout Settings>, <Enable Lockout> is set to <On>. Specify the values for [Lockout Threshold] and [Lockout Period] on the Remote UI setting screen. |
[Prohibit use of weak encryption] | <Prohibit Use of Weak Encryption> is set to <On>. It is not possible to use weak encryption. When the check box is selected, [Prohibit use of key/certificate with weak encryption] can be selected. | |
[Prohibit use of key/certificate with weak encryption] | In <Prohibit Use of Weak Encryption>, <Prohibit Use of Key/Certificate with Weak Encryption> is set to <On>. It is not possible to use a key or certificate with weak encryption. | |
[Use TPM to store password and key] | There are no setting items that the security policy is applied to for the machine. | - |
[Force recording of audit log] | <Display Job Log> is set to <On>, <Retrieve Job Log with Management Software> in <Display Job Log> is set to <Allow>, <Save Audit Log> is set to <On>, <Retrieve Network Authentication Log> is set to <On>, and <Use Login Name as User Name for Print Jobs> is set to <On>. Audit logs are always recorded. | |
[Force SNTP settings] | In <SNTP Settings>, <Use SNTP> is set to <On>. Time synchronization via SNTP is required. Enter a value for [NTP Server Address] on the Remote UI setting screen. |
[Prohibit immediate printing of received jobs] | The following settings are set to <On>. <Fax Memory Lock> in the Fax/I-Fax Inbox <I-Fax Memory Lock> in the Fax/I-Fax Inbox <Set Fax/I-Fax Inbox> <Use Fax Memory Lock> <Set Fax/I-Fax Inbox> <Use I-Fax Memory Lock> <Forced Hold> <Handle Files with Forwarding Errors> is set to <Store/Print>. <Memory Lock End Time> is set to <Off>. Only <Hold as Shared Job> can be set for the operation conditions of <Forced Hold>. Printing does not occur immediately, even when printing operations are performed. |
[Allow sending only to registered addresses] | In <Restrict New Destinations>, the <Fax>, <E-Mail>, <I-Fax>, and <File> options are set to <On>. It is only possible to send to destinations that are registered in the Address Book. | |
[Force confirmation of fax number] | <Confirm Entered Fax Number> is set to <On>. Users are required to enter a fax number again for confirmation when sending a fax. | |
[Prohibit auto forwarding] | <Use Forwarding Settings> is set to <Off>. It is not possible to automatically forward faxes. |
[Force Complete Deletion of Data] | There are no setting items that the security policy is applied to for the machine. | - |