Canon Paper Shredder User Manual

30

White Paper: Canon imageRUNNER ADVANCE Security

establishes a point-to-point connection only if authentication is successful. The Extensible Authentication
Protocol (EAP) is attached to both wired and wireless LAN networks, allowing multiple authentication
methods such as cards and one-time passwords.

IEEE 802.1X functionality is already supported by many Ethernet switches, and can prevent guest, rogue,
or unmanaged systems that cannot perform a successful authentication from connecting to your network.

Section 4 — Network Security

SNMP Community String

Community Strings are like passwords for the management elements of network devices. There is a
community string which is used for read-only access to a network element. The default value for this
community string for most network devices is often "public". Using this community string an application
can retrieve data from the imageRUNNER ADVANCE system’s Management Information Base (MIB)
elements. There is also a read-write community string, and its default value is usually “private.” Using the
read-write community string, an application can actually change values for MIB variables.

Canon imageRUNNER ADVANCE systems use public and private as the default SNMP community
strings, but these may be renamed to a user-defined value for increased security. In addition, the systems
support SNMPv3, which provides greater security by protecting data against tampering, ensuring access is
limited to authorized users through authentication and encrypting data sent over a network.

To modify SNMP community strings go to Settings / Registration > Preferences > Network > SNMP
Settings.

USB Block

Administrators have complete control over enabling or disabling access to the imageRUNNER ADVANCE
system’s USB port, and can independently control the ability to connect to computers or plug-in
peripherals.

For more information on the USB Block feature, please refer to the Device Security section.

Scan and Send -Virus Concerns for E-mail Reception

For imageRUNNER ADVANCE systems with Scan and Send capabilities enabled, the device will always
discard any attached viruses in e-mail messages upon receipt.

Scan and Send-enabled devices support POP3 and SMTP as e-mail reception protocols. When data is
received, the e-mail text is separated from any file attachments, and only TIFF image files among the
attached files are printed and transferred.

There are three possible scenarios that are explored:

 Data with a virus attached in the e-mail:

All file attachments except for ‘TIFF” files received in the e-mail are discarded immediately after
reception.

 Viruses pretending to be TIFF files:

TIFF image files are compressed with formats such as MH, MR, and MMR. The imageRUNNER
ADVANCE system compresses the ‘TIFF’ format at reception and after regenerating the image encodes
the image again. When processed correctly, the original image is discarded and a new image is created,
printed, and transferred. If an error occurs during the process, the data from the ‘TIFF’ file is not
transferred but is discarded, and a message notifying the user of the error is added to the e-mail text and is
printed.

 Text within e-mail is a virus:

E-mail text data gives the Date, From, Message-Id, To, or Subject data written at the top of the received e-