HomeSearch by PurposeImproving the Security of this Machine (For Administrators)

Search by Purpose

Printing
Fully Using Functions of this Machine
- Fully Using Print Functions
Configuring the Operating Environment of this Machine
Configuring the Network Settings of this Machine (for the administrator)
Configuring User Authentication and Account Track
Improving the Security of this Machine (For Administrators)

Improving the Security of this Machine (For Administrators)

To configure the IPsec operating environment ([IPsec])

To display:

[Utility]
- [Administrator]
  - [Network]
    - [TCP/IP Setting]
      - [IPsec]

Configure settings to enable use of IPsec on this machine.

Setting	Description
[IPsec Setting]	Specify parameters required for IPsec communication. [IKE]: Configure settings for IKE (Internet Key Exchange) (Here). [SA]: Configure settings for SA (Security Association) (Here). [Peer]: Specify the IPsec peer (Here). [Protocol Setting]: Specify the IPsec protocol (Here).
[Enable IPsec]	Configure settings to enable use of IPsec (Here).
[Communication Check]	Enter the peer's IP address into [IP Address], then select Check Connection. If the connection fails, confirm communication error logs.

Setting

Description

[IPsec Setting]

Specify parameters required for IPsec communication.

[IKE]: Configure settings for IKE (Internet Key Exchange) (Here).

[SA]: Configure settings for SA (Security Association) (Here).

[Peer]: Specify the IPsec peer (Here).

[Protocol Setting]: Specify the IPsec protocol (Here).

[Enable IPsec]

Configure settings to enable use of IPsec (Here).

[Communication Check]

Enter the peer's IP address into [IP Address], then select Check Connection. If the connection fails, confirm communication error logs.

To restrict external accesses using the IP address ([IP Address Filtering])

To display:

[Utility]
- [Administrator]
  - [Network]
    - [TCP/IP Setting]
      - [IP Address Filtering]

Restrict devices that can access this machine depending on the range of IP addresses.

Setting	Description
[IPv4 Filtering (Permit Access)]	Specify an IPv4 address to allow access to this machine. [IPv4 Filtering (Permit Access)]: When specifying the IPv4 address that allow access, set this option to ON (default: OFF). Range 1 to Range 5: Enter the range of IPv4 addresses that allow access using the following format. Entry example: "192.168.1.1 - 192.168.1.10" If a single IPv4 address is allowed to access, you can only enter the address in one side of the range.
[IPv4 Filtering (Deny Access)]	Specify an IPv4 address to deny access to this machine. [IPv4 Filtering (Deny Access)]: When specifying the IPv4 address that deny access, set this option to ON (default: OFF). Range 1 to Range 5: Enter the range of IPv4 addresses that deny access using the following format. Entry example: "192.168.1.1 - 192.168.1.10" To deny access from a single IPv4 address, you can only enter the address in one side of the range.
[IPv6 Filtering (Permit Access)]	Specify an IPv6 address to allow access to this machine. [IPv6 Filtering (Permit Access)]: When specifying the IPv6 address that allow access, set this option to ON (default: OFF). Range 1 to Range 5: Enter the IPv6 address and prefix length to specify the range of IPv6 addresses that allow access.
[IPv6 Filtering (Deny Access)]	Specify an IPv6 address to deny access to this machine. [IPv6 Filtering (Deny Access)]: When specifying the IPv6 address that deny access, set this option to ON (default: OFF). Range 1 to Range 5: Enter the IPv6 address and prefix length to specify the range of IPv6 addresses that deny access.

To automatically specify the range of IP addresses that are available to access this machine ([Quick IP Filtering])

To display:

[Utility]
- [Administrator]
  - [Network]
    - [TCP/IP Setting]
      - [Quick IP Filtering]

Allows you to restrict the devices that can access this machine using the IP address (IPv4/IPv6). The range of IP addresses for which access is to be restricted is specified automatically.

Select the method to specify IP addresses for which access is to be restricted. [No Filtering] is specified by default. In some areas, [Synchronize IP Address] is set by default.

[Synchronize IP Address]: For the IPv4 address, this option only permits access for the IPv4 address set to this machine, and the IPv4 addresses of which the high-order 3 bytes are the same.
Example: When the IPv4 address of this machine is set to "192.168.0.134", the range of IPv4 addresses that allow access is as follows.
192.168.0.0 to 192.168.0.255
For the IPv6 address, this option only permits access for the global unicast address (2000::/3). Also, this option only permits access for the IPv6 address set to this machine, and the IPv6 addresses of which the high-order 64 bits are the same.
Example: When the IPv6 address of this machine is set to "2345:1:2:3:4:5:6:7", the range of IPv6 addresses that allow access is as follows.
2345:1:2:3::0 to 2345:1:2:3:FFFF:FFFF:FFFF:FFFF
[Synchronize Subnet Mask]: For the IPv4 address, this option only permits access for IPv4 addresses that belong to the same network using the IPv4 address set to this machine and subnet mask.
If no subnet mask is set or "0.0.0.0" is specified, this option permits the IPv4 address set to this machine, and the IPv4 addresses each of which only the suffix is different. This results in the same operation as for [Synchronize IP Address].
Example: When the IPv4 address of this machine is set to "192.168.17.134" and the subnet mask is set to "255.255.252.0", the range of IPv4 addresses that allow access is as follows.
192.168.16.*** to 192.168.19.***
For the IPv6 address, this option only permits access for the global unicast address (2000::/3). Also, filtering is carried out using the global IPv6 address set to this machine and prefix.
If the prefix is not specified, filtering is carried out in the same way as when the 64-bit prefix is specified.
Example: When the IPv6 address of this machine is set to "2345:1:2:3:4:5:6:7" and Prefix is set to "/64", the range of IPv6 addresses that allow access is as follows.
2345:1:2:3::0 to 2345:1:2:3:FFFF:FFFF:FFFF:FFFF
[No Filtering]: Does not use the filtering function.

If the quick IP filtering function is used, the range of IP addresses for which access is to be restricted is specified automatically. To manually specify the range of IP addresses for which access is to be restricted, set [IP Address Filtering] or [Packet Filtering] instead of using [Quick IP Filtering].
When Quick IP Filtering is enabled, you may fail to access Web Connection. If you cannot access Web Connection, set Quick IP Filtering to [No Filtering].

To restrict reception of packets sent to the machine depending on the source address ([Packet Filtering])

To display:

[Utility]
- [Administrator]
  - [Network]
    - [TCP/IP Setting]
      - [Packet Filtering]

Restrict a reception of packets sent to the machine depending on the source address. This function also restricts sending depending on the destination address.

For details on how to register a filter, refer to Here.

Setting	Description
[Log Settings]	Records a history of packets with receiving or sending denied by the packet filtering function. [Log Settings]: Select whether to record packet filtering logs (default: [Disable]). [Number of Lines]: Specify the number of logs to be written (default: [1000]). Tapping [Start] starts writing.
[Import]	Collectively imports multiple filters from a USB flash drive. This option is available to edit filters exported from the machine on the computer before importing them.
[Export]	Exports all the registered filters to a USB flash drive.
[Edit]	Displays the setting of the selected filter.
[Delete]	Deletes the selected filter.

To configure the operating environment for IEEE802.1X authentication ([IEEE802.1X Authentication Setting])

To display:

[Utility]
- [Administrator]
  - [Network]
    - [IEEE802.1X Authentication Setting]

When IEEE802.1X authentication is installed in your environment, configure settings to use IEEE802.1X authentication on this machine.

Setting	Description
[IEEE802.1X Authentication Setting]	Here
[IEEE802.1X Setting]	Here
[IEEE802.1X Authentication Trial]	Here

To restrict the domain of the recipient to transmit an E-mail ([Domain Send Operation Restriction Setting])

To display:

[Utility]
- [Administrator]
  - [Network]
    - [Domain Send Operation Restriction Setting]

Restrict the domain of the recipient to send an E-mail.

Setting	Description
[Domain Send Operation Restriction Setting]	Select whether to limit the recipient domain (default: [Do Not Limit]).
[Limit Type]	Select a method to restrict the recipient domain. To specify a domain to be permitted, select [Permitted TX]. To specify a domain to be rejected, select [Send Deny].
[Permitted TX List]	Specify the domain to be permitted as the recipient when [Permitted TX] is selected in [Limit Type]. Select a recipient domain key, then enter the IP address or domain name of the domain (using up to 255 bytes). Symbol "?" is recognized as any one character. Symbol "*" is recognized as any characters of 0 or more.
[Send Deny List]	Specify the domain to be rejected as the recipient when [Send Deny] is selected in [Limit Type]. Select a recipient domain key, then enter the IP address or domain name of the domain (using up to 255 bytes). Symbol "?" is recognized as any one character. Symbol "*" is recognized as any characters of 0 or more.
[Limitation check of Shared address]	Check whether destinations with transmission disabled are included in the destinations registered on this machine.

If [Permitted TX] is selected in [Limit Type], the setting of [Send Deny List] is deleted.
If [Send Deny] is selected in [Limit Type], the setting of [Permitted TX List] is deleted.

To collectively configure settings to enhance the security of this machine ([Quick Security Setting])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [Quick Security Setting]

Summarizes settings to enhance the security of this machine. We recommend that you change settings in order to use this machine more securely.

Setting	Description
[Quick IP Filtering]	When using the quick IP filtering function, select the method to specify the IP address for which access is restricted. [No Filtering] is specified by default. In some areas, [Synchronize IP Address] is set by default. For details on Quick IP Filtering function, refer to Here.
[Administrator Password Setting]	Change the administrator password of this machine (using up to 64 characters). Be sure to remember the changed password so that you do not forget it.
[Password Rules]	When enabling the Password Rules, set this option to ON (default: OFF). For details on the Password Rules, refer to Here.
[Web Conn.setting]	When using Web Connection, set this option to ON (default: ON).
[Security Warning Display Setting]	To display the security warning screen if the administrator password remains set to the default or if password rules are not satisfied, set this option to ON. ON is specified by default: In some areas, OFF is specified by default.
[USB Enable Settings]	Specify whether to permit a function that requires the USB Port. [Print Document]: When permitting the user to print a file from a USB flash drive, set this option to ON. ON is specified by default. In some areas, OFF is specified by default. [Print]: When allowing the user to print files from a USB-connected computer, set this option to ON (default: ON).

To change the administrator password of this machine ([Administrator Password Setting])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [Administrator Password Setting]

Change the administrator password of this machine (using up to 64 characters). Be sure to remember the changed password so that you do not forget it.

If you enter an incorrect administrator password a configured number of times, you are prohibited from using this machine. In this case, contact your service representative.

To change the level at which a user can change settings in the setting items configured by the administrator ([Administrator Security Levels])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [Administrator Security Levels]

From those items that are set up by the administrator, select levels at which users are authorized to change settings (default: [Restrict]).

Configure the settings you have opened up to users in [User Settings].

Setting	Description
[Level 1]	Open up the following settings to the users. [Low Power Mode Settings] [Sleep Mode Settings]
[Level 2]	Open up the following settings to the users. Settings that are opened up to users in [Level 1] [Print/Fax Output] [AE Level Adjustment] [Blank Page Print Settings] [Page Number Print Position] [Change E-Mail Address]
[Restrict]	The settings are not opened up to users.

Setting

Description

[Level 1]

Open up the following settings to the users.

[Low Power Mode Settings]

[Sleep Mode Settings]

[Level 2]

Open up the following settings to the users.

Settings that are opened up to users in [Level 1]

[Print/Fax Output]

[AE Level Adjustment]

[Blank Page Print Settings]

[Page Number Print Position]

[Change E-Mail Address]

[Restrict]

The settings are not opened up to users.

To collectively specify whether to permit a function that requires the USB Port ([USB Connection Permission setting])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [USB Connection Permission setting]

Specify whether to permit a function that requires the USB Port.

Setting	Description
[Set All]	Select whether to restrict all the functions using the USB Port, or configure a setting for each function (default: [Detail Setting]).

If [Detail Setting] is selected in [Set All], configure the following settings.

Setting	Description
[Authentication Device]	When allowing a connection with the Authentication Unit, set this option to ON (default: ON).
[External Keyboard]	When allowing the user to connect an external keyboard, set this option to ON (default: ON).
[External Memory (User)]	Specify whether to allow the use of USB memory for functions to be used by the user (default: [Individual Settings]). [Print Document]: When permitting the user to print a file from a USB flash drive, set this option to ON (default: ON).
[External Memory (Administrator)]	Specify whether to allow the use of USB memory for functions to be used by the administrator (default: [Individual Settings]). [Write the Configuration from USB]: When allowing the user to change the settings of this machine by loading the configuration file saved in a USB flash drive, set this option to ON (default: ON).
[External Memory (Service)]	Specify whether to allow the use of USB memory for functions to be used by the service engineer (default: [Individual Settings]). [Firmware Update]: When allowing firmware updating using a USB flash drive, set this option to ON (default: ON).
[PC Connection]	Specify whether to enable to print files from a USB-connected computer (default: [Individual Settings]). [Print]: When allowing the user to print files from a USB-connected computer, set this option to ON (default: ON).

If [External Memory (Administrator)] is set to OFF, USB memory is not available for the following functions.
[License Settings], [Authorization function Setting], import, export, or log storage of [Packet Filtering] in the main unit, import or export of Web Connection via the Web browser of the main unit
If [External Memory (Service)] is set to OFF, some functions are restricted in addition to the functions that can be set in [Individual Settings].

To restrict the minimum number of characters used for a password or the available text types ([Password Rules])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [Security Details]
      - [Password Rules]

When enabling the Password Rules, set this option to ON (default: OFF).

Once Password Rules is enabled, the number of characters and text types that are available for passwords is restricted. If necessary, change the minimum number of password characters.

Once Password Rules is enabled, the following rules are applied to any password that is configured on this machine.

The minimum number of characters set in [Set Minimum Password Length] (default: 12 characters).
Passwords are case sensitive.
A password consisting of a string of identical characters cannot be used.
The previous password cannot be used.

The password rules are applied to:

Administrator Password
User Password
Account Password
WebDAV Server Password
SNMP Password
Remote panel server password
Encryption Passphrase

To specify the severity of penalties applied when an incorrect password is entered during the authentication ([Prohibit Functions])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [Security Details]
      - [Prohibit Functions]

Define the severity of penalties applied if an incorrect password is entered during the authentication process.

Setting	Description
[Prohibit Functions]	Select the severity of penalties applied if an incorrect password is entered during the authentication process (default: [Mode 1]). [Mode 1]: If authentication fails, the authentication operation (entry of password) is prohibited for five seconds. [Mode 2]: If authentication fails, the authentication operation (entry of password) is prohibited for five seconds. The number of times, authentication fails is also counted and if the failure count reaches a predetermined value, the authentication operation is prohibited and the machine is set into an access lock state.
[No. of Tries]	When [Mode 2] is selected in [Prohibit Functions], specify the number of password entry failures that occurred until authentication operation is restricted.
[Release]	Select an item to be released from Access Lock during authentication failure.
[Release Time Settings]	If necessary, change the time that elapses before an access lock state in the Administrator Setting mode is canceled (default: [5] min.). If a predetermined time has elapsed after the machine was restarted, an access lock state is canceled.

To hide personal information such as addresses or file names on the [Job List] screen ([Personal Data Security Settings])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [Security Details]
      - [Personal Data Security Settings]

Specify whether to hide personal information, such as destination and file name, in [Active] and [Log] in the [Job List] screen.

Setting	Description
[Job History]	Configure settings to display personal information of the job history screen. [Job History]: When hiding personal information on the job history screen, set this option to ON (default: OFF (without user authentication/account track), ON (with user authentication/account track)). [Display Settings]: Select items you want to hide. [Mode 1]: File name [Mode 2]: File name, auther, and user name [Public User], [User Authentication], [Account Authentication]: Select how to display items you specified in [Display Settings] for each user or account. [Mode 1]: Hide all display items. [Mode 2]: Hide only display items other than for login user/login account. [Mode 3]: Hide only display items other than for a public user, login user/public user, and login account. [Mode 4]: Show all display items.
[Current Job]	Configure settings to display personal information of the active job screen. [Current Job]: When hiding personal information on the active job screen, set this option to ON (default: OFF (without user authentication/account track), ON (with user authentication/account track)). [Display Settings]: Select items you want to hide. [Mode 1]: File name [Mode 2]: File name, auther, and user name [Public User], [User Authentication], [Account Authentication]: Select how to display items you specified in [Display Settings] for each user or account. [Mode 1]: Hide all display items. [Mode 2]: Hide only display items other than for login user/login account. [Mode 3]: Hide only display items other than for a public user, login user/public user, and login account. [Mode 4]: Show all display items.

Setting

Description

[Job History]

Configure settings to display personal information of the job history screen.

[Job History]: When hiding personal information on the job history screen, set this option to ON (default: OFF (without user authentication/account track), ON (with user authentication/account track)).

[Display Settings]: Select items you want to hide.
[Mode 1]: File name
[Mode 2]: File name, auther, and user name

[Public User], [User Authentication], [Account Authentication]: Select how to display items you specified in [Display Settings] for each user or account.
[Mode 1]: Hide all display items.
[Mode 2]: Hide only display items other than for login user/login account.
[Mode 3]: Hide only display items other than for a public user, login user/public user, and login account.
[Mode 4]: Show all display items.

[Current Job]

Configure settings to display personal information of the active job screen.

[Current Job]: When hiding personal information on the active job screen, set this option to ON (default: OFF (without user authentication/account track), ON (with user authentication/account track)).

[Display Settings]: Select items you want to hide.
[Mode 1]: File name
[Mode 2]: File name, auther, and user name

[Public User], [User Authentication], [Account Authentication]: Select how to display items you specified in [Display Settings] for each user or account.
[Mode 1]: Hide all display items.
[Mode 2]: Hide only display items other than for login user/login account.
[Mode 3]: Hide only display items other than for a public user, login user/public user, and login account.
[Mode 4]: Show all display items.

When logged in as an administrator, all personal information is displayed regardless of the settings.

To hide personal information such as addresses or file names on MIB information ([Hide Personal Information (MIB)])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [Security Details]
      - [Hide Personal Information (MIB)]

When displaying the file name of MIB information, set this option to ON (default: ON).

To initialize job history or network settings ([Initialize])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [Security Details]
      - [Initialize]

Initializes the settings in [Job History], [Network Settings], and [Enhanced Server Information].

Select items you want to initialize, then tap [OK].

To prohibit access to the Web page contents saved on the storage area of this machine ([Web browser contents access])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [Security Details]
      - [Web browser contents access]

When using the application associated with the Web browser function of this machine, select whether to allow an access to the contents saved in the storage device of this machine via the Web browser (default: [Allow]).

To specify whether to allow the user to perform user data setting operations on the Web browser ([Web browser setting change])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [Security Details]
      - [Web browser setting change]

Specify the type of the user who can change the user data setting of the Web browser (default: [Administrator Only]).

Selecting [Administrator + User] allows you to configure the following Web browser settings using the registered user's privileges.

Home page
Start up
Web data (Cookie, Web Storage, or Indexed Database)
Authentication information

This setting is displayed when [Web Browser Setting] (Here) is set to ON.

To restrict loading a configuration file from USB memory and changing machine settings ([Write the Configuration from USB])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [Security Details]
      - [Write the Configuration from USB]

When allowing the user to change the settings of this machine by loading the configuration file saved in a USB flash drive, set this option to ON. (default: ON).

To restrict our service representative from backing up or restoring the storage on this machine ([Storage data backup])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [Security Details]
      - [Storage data backup]

When allowing our service representative to back up or restore the storage on this machine, set this option to ON (default: OFF).

To enable the enhanced security mode and enhance the security of data management ([Enhanced Security Mode])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [Enhanced Security Mode]

Select whether to enable the Enhanced Security Mode.

If you enable the Enhanced Security Mode, the various security functions are forcibly configured. This allows you to ensure higher-level security of data management. For details, contact your service representative.

To enable the enhanced security mode, the following settings must have been configured.

Prerequisite settings	Check Job
[User Auth/Account Track] - [General Settings] - [User Authentication]	Select an option other than [OFF]. (When external server authentication is used, only Active Directory is available as the server type.)
[Security] - [Administrator Password Setting]	Set a password complying with password rules.
In Web Connection, register the certificate.	For details, refer to Here.
Service settings	Service settings must be configured by your service representative. For details, contact your service representative.

If you enable the Enhanced Security Mode, the following settings are forcibly changed.

Setting items in Administrator Settings	Settings to forcibly changed
[User Auth/Account Track] - [General Settings] - [Public User Access]^*	Set to [Restrict].
[User Auth/Account Track] - [User Authentication Settings] - [Administrative Setting] - [User Name List]^*	Set to [OFF].
[User Auth/Account Track] - [Print without Authentication]^*	Set to [Restrict].
[User Auth/Account Track] - [User/Account Common Setting] - [Counter Remote Control]	Set to OFF.
[User Auth/Account Track] - [Simple Authentication setting] - [Simple Authentication setting]^*	Set to OFF.
[Network] - [E-mail Setting] - [E-mail TX (SMTP)] - [Server load reduction transmission method]	When [Scan TX by Download URL method only when maximum limit is exceeded] or [Always Scan TX by Download URL method] is selected, this option is set to [OFF].
[Network] - [SNMP Setting] - [SNMP v1/v2c Setting] - [Write Community Name]^*	Set to OFF.
[Network] - [SNMP Setting] - [SNMP v3 Setting]^*	[Security Level] for read and write allowed users is set to [auth-password/priv-password]. The Security Level can be changed to [auth-password].
[Network] - [TCP Socket Setting] - [Use SSL/TLS]	Set to ON.
[Network] - [Web Browser Setting] - [Web Browser Setting]^*	Set to OFF.
[Network] - [Remote Panel Settings]^*	[Remote Panel Client Settings] - [Web Browser Setting]: Set to OFF. [Remote Panel Server Settings] - [Web Browser Setting]: Set to OFF.
[Network] - [Machine Update Settings] - [Machine Auto Update setting]^*	This function is not available.
[Network] - [IWS Settings] - [IWS Settings]^*	Set to OFF.
[Network] - [OpenAPI Setting] - [OpenAPI Setting] - [SSL/Port Settings]	Set to [SSL Only].
[System Settings] - [System Connection Setting] - [Mobile Connection Settings] - [Simple Connection Setting]^*	[QR Code Display Setting]: Set to OFF. [Enable NFC]: Set to OFF. [Enable Bluetooth LE]: Set to OFF.
[Security] - [Administrator Password Change Permission Setting] - [Password Change Permission]	Set to OFF.
[Security] - [USB Connection Permission setting]	Set to [Restrict].
[Security] - [Security Details] - [Password Rules]^*	Set to ON. If this option cannot be set to ON, the enhanced security mode is not available.
[Security] - [Security Details] - [Prohibit Functions]^*	[Prohibit Functions] is set to [Mode 2] and [No. of Tries] is set to [3]. No. of tries can be changed in the range between [1] and [3]. [Release Time Settings]: Limited to [5] minutes. This value cannot be less than five minutes.
[Security] - [Security Details] - [Print Data Capture]	Set to OFF.
[Security] - [Security Details] - [Hide Personal Information (MIB)]	Set to ON.
[Security] - [Security Details] - [Initialize]^*	If you select [Network Settings] and start it, the Enhanced Security Mode is canceled.
[Remote Access Setting] - [Import/Export User Data]	Set to OFF.
[Maintenance] - [Import/Export] in Web Connection	The password must be configured.
[Security] - [PKI Settings] - [Device Certificate Setting] in Web Connection	[Requesting Certificate] is hidden.
[Security] - [PKI Settings] - [SSL Setting] in Web Connection^*	[Mode using SSL/TLS]: Set to [Admin. Mode and User Mode]. [Encryption Strength]: If it has been set to [AES-256, 3DES-168, RC4-128, DES-56, RC4-40] or [AES-256, 3DES-168, RC4-128], it is changed to [AES-256, 3DES-168].
[Security] - [PKI Settings] - [Protocol Setting] in Web Connection	[Protocol 1]: [SSL], [Protocol 2]: The certificate is registered in the [http Server].
Remote Diagnosis System	Some functions may be disabled. For details, contact your service representative.
[Security] - [Security Details] - [Maintenance Mode Access]	Set to [Restrict].

If you change a setting item (marked by an asterisk ^*) that has been changed synchronously with [Enhanced Security Mode], a confirmation dialog box appears, and the Enhanced Security Mode is canceled.
A setting that has been forcibly changed when the [Enhanced Security Mode] was enabled will not be changed if you disable the [Enhanced Security Mode].
Once the password rules have been enabled, an item for which a password that do not comply with the rules has been configured will result in authentication failure.

To check the used area, entire area, and available storage space in this machine ([Check Capacity])

To display:

[Utility]
- [Storage Management]
  - [Check Capacity]

Allows you to check the used area, entire area, and free space on the storage device of this machine.

To automatically overwrite data stored on the storage or in the memory ([Overwrite HDD Data])

To display:

[Utility]
- [Storage Management]
  - [Overwrite HDD Data]

This machine temporarily spools image data in the storage or memory during printing. When the stored data are no longer needed, you can delete them by overwriting with certain data.

Setting	Description
[Overwrite HDD Data]	When automatically overwriting data spooled in the storage device or memory, set this option to ON (default: OFF).
[Overwrite Method]	Select the method to overwrite data spooled in the storage device or memory (default: [Mode 1]). [Mode 1]: Overwrites with 0x00. [Mode 2]: Overwrites with 0x00 - Overwrites with 0xff - Overwrites with letter "a" (0x61) - Verifies.
[Preferred Selection]	When overwriting the data spooled in the storage, select whether to give priority to the encryption or overwriting method (default: [Encryption Priority]). [Encryption Priority]: Overwrites data using a method different from [Mode 1] and [Mode 2] of [Overwrite Method]. To set [Overwrite HDD Data], select [Encryption Priority]. [Overwrite Priority]: Overwrites data using the method specified at [Overwrite Method]. When changing this setting, you need to format the storage device after restarting this machine. Before you attempt to change the setting, be aware that data may be deleted.

Setting

Description

[Overwrite HDD Data]

When automatically overwriting data spooled in the storage device or memory, set this option to ON (default: OFF).

[Overwrite Method]

Select the method to overwrite data spooled in the storage device or memory (default: [Mode 1]).

[Mode 1]: Overwrites with 0x00.

[Mode 2]: Overwrites with 0x00 - Overwrites with 0xff - Overwrites with letter "a" (0x61) - Verifies.

[Preferred Selection]

When overwriting the data spooled in the storage, select whether to give priority to the encryption or overwriting method (default: [Encryption Priority]).

[Encryption Priority]: Overwrites data using a method different from [Mode 1] and [Mode 2] of [Overwrite Method]. To set [Overwrite HDD Data], select [Encryption Priority].

[Overwrite Priority]: Overwrites data using the method specified at [Overwrite Method].

When changing this setting, you need to format the storage device after restarting this machine. Before you attempt to change the setting, be aware that data may be deleted.

To overwrite all data stored in the entire storage area of this machine ([Overwrite All Data])

To display:

[Utility]
- [Storage Management]
  - [Overwrite All Data]

When disposing of this machine or returning it to a leasing business, use this function to delete all data saved on the storage device of this machine by overwriting. This function also resets all passwords to the factory settings.

Prior to performing this operation, contact your service representative.

To perform overwriting, tap [Delete].

To print a result report after deleting data, tap [Delete], then select [Overwrite & Print Report]. You can specify the customer name to be added to a report as required. For details, refer to Here.

To format the storage area of this machine ([Format])

To display:

[Utility]
- [Storage Management]
  - [Format]

Formats the storage device of this machine.

Retrieve any data needed from the storage device of this machine beforehand.

Formatting the storage device of this machine causes the following types of data to be deleted.

Authentication method setting
User authentication setting
Account track setting

To forcibly apply stamps to original data ([Apply Stamps])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [Stamp Settings]
      - [Apply Stamps]

To forcibly apply stamps to original data, set this option to ON (default: OFF). In addition, specify the stamp type, printing position, etc.

Users are not allowed to manually change or cancel the settings for the stamp function. You can explicitly indicate the sender identification by adding the user name or company name.

To delete the registered stamps ([Delete Registered Stamp])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [Stamp Settings]
      - [Delete Registered Stamp]

Deletes stamps registered on this machine.

To enable the FIPS mode ([FIPS Settings])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [FIPS Settings]

When enabling the FIPS (Federal Information Processing Standardization) mode, set this option to ON (default: OFF).

FIPS defines security requirements for cryptographic modules. These standards have been adopted by many organizations, including U.S. federal government agencies. Enabling the FIPS Mode makes the functions of the machine conform to the FIPS.

To permit your service representative to change any setting of this machine without administrator authentication ([Maintenance Mode Access])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [Security Details]
      - [Maintenance Mode Access]

Select whether to permit your service representative to change the settings of this machine without administrator authentication (default: [Restrict]).

To back up setting data of this machine to the storage or server ([Backup Setting Information])

To display:

[Utility]
- [Administrator]
  - [Maintenance]
    - [Backup Setting Information]

Configure settings to back up setting data of this machine to the server or restore it.

Setting	Description
[Server BackUp Setting]	Here
[Restore from Server]	Here

To prohibit the registration of the OpenAPI application ([OpenAPI Certification Management Setting])

To display:

[Utility]
- [Administrator]
  - [Security]
    - [OpenAPI Certification Management Setting]

Specify a restriction code to prevent an OpenAPI connection application from being registered on this machine.

For details, contact your service representative.