Skip header
 

Specifying the Extended Security Functions

In addition to providing basic security through user authentication and each administrator's specified limits to access the machine, security can also be increased by encrypting transmitted data.

1Log in from the control panel as an administrator with privileges.

2Press [System Settings].

3Press [Administrator Tools].

4Press [Down arrow keyNext].

5Press [Extended Security].

6Press the setting you want to change, and change the settings.

Operation panel screen illustration

7Press [OK].

8Log out.

Note

  • The operation privileges of an administrator differ depending on the setting.

Restrict Display of User Information

The machine administrator can specify this if user authentication is specified.

When the job history is checked using a network connection for which authentication is not provided, all personal information can be displayed as "********". Because information identifying registered users cannot be viewed, unauthorized users are prevented from obtaining information about the registered files.

Default: [Off]

Enhance File Protection

The file administrator can specify this.

By specifying "Enhance File Protection", files are locked and inaccessible if an invalid password is entered ten times. This can protect files from unauthorized access attempts using random passwords.

If the Enhance File Protection function is enabled, the lock icon appears at the bottom right of the screen.

The locked files can only be unlocked by the file administrator.

When files are locked, it is not possible to select them even if the correct password is entered.

Default: [Off]

Settings by SNMPv1, v2

The network administrator can specify this.

If SNMPv1 or SNMPv2 protocols are used to access the machine, authentication cannot be performed, so that paper settings or other settings that the machine administrator specifies can be changed. If you select [Prohibit], the setting can be viewed but not specified with SNMPv1, v2.

Default: [Do not Prohibit]

Authenticate Current Job

This function is not available on this model.

Password Policy

The user administrator can specify this.

This setting allows you to specify [Complexity Setting] and [Minimum Character No.] for the password. By making this setting, you can only use passwords that meet the conditions specified in "Complexity Setting" and "Minimum Character No.".

If you select [Level 1], specify a password using a combination of 2 types of characters selected from upper-case letters, lower-case letters, decimal numbers, and symbols such as #.

If you select [Level 2], specify a password using a combination of 3 types of characters selected from upper-case letters, lower-case letters, decimal numbers, and symbols such as #.

Default: [Off]. There are no restrictions on the number of characters, and the types of characters are not specified.

@Remote Service

The machine administrator can specify this.

Communication via HTTPS for RICOH@Remote Service is disabled if you select [Prohibit].

When setting it to [Prohibit], consult with your service representative.

If it is set to [Proh. Some Services], it becomes impossible to change settings via a remote connection, providing optimally secure operation.

Default: [Do not Prohibit]

Update Firmware

The machine administrator can specify this.

This setting is to specify whether or not to allow firmware updates on the machine. A service representative updates the firmware, or firmware updates are performed via the network.

If you select [Prohibit], the machine's firmware cannot be updated.

If you select [Do not Prohibit], there are no restrictions on firmware updates.

Default: [Do not Prohibit]

Change Firmware Structure

The machine administrator can specify this.

This setting is to specify whether or not to prevent changes in the machine's firmware structure. The Change Firmware Structure function detects the machine's status when the SD card is inserted, removed or replaced.

If you select [Prohibit], the machine stops during startup if a firmware structure change is detected and a message requesting administrator login is displayed. After the machine administrator logs in, the machine finishes startup with the updated firmware.

The administrator can check if the updated structure change is permissible or not by checking the firmware version displayed on the control panel screen. If the firmware structure change is not permissible, contact your service representative before logging in.

When "Change Firmware Structure" is set to [Prohibit], administrator authentication must be enabled.

After [Prohibit] is specified, disable administrator authentication. When administrator authentication is enabled again, you can return the setting to [Do not Prohibit].

If you select [Do not Prohibit], firmware structure change detection is disabled.

Default: [Do not Prohibit]

Password Entry Violation

The machine administrator can specify this.

If the number of authentication requests exceeds the number specified by the setting, the system recognizes the access as a password attack. The access is recorded in the Access Log and the log data is sent to the machine administrator by e-mail.

If the "Max. Allowed No. of Access" is set to [0], password attacks are not detected.

  • Max. Allowed No. of Access

    Specify the maximum number of allowable authentication attempts.

    Use the number keys to specify the value between "0" and "100", and then press [Sharp].

    Default: [30]

  • Measurement Time

    Specify the interval between repeated authentication attempts that result in authentication failures. When the measurement time elapses, the records of authentication attempts are cleared.

    Use the number keys to specify the value between "1" and "10", and then press [Sharp].

    Default: [5]

Note

  • Depending on the values specified for the settings for [Max. Allowed No. of Access] and [Measurement Time], you may receive violation detection e-mails frequently.

  • If you receive violation detection e-mail s frequently, check the content and review the setting values.

Security Setting for Access Violation

The machine administrator.

When logging in to the machine via a network application, a user may be locked out by mistake because the number of authentication attempts by the user does not match the number of the attempts specified on the machine.

For example, access may be denied when a print job for multiple sets of pages is sent from an application.

If you select [On] under "Security Setting for Access Violation", you can prevent such authentication errors.

  • On

    • Denial Durtn. for Accs. Viol.

      Specify how many user accesses are allowed.

      Use the number keys to specify the value between "0" and "60", and then press [Sharp].

      Default: [15]

    • Managed User Host Limit

      Specify how many user accounts can be managed under "Security Setting for Access Violation".

      Use the number keys to specify the value between "50" and "200", and then press [Sharp].

      Default: [200]

    • Password Entry Host Limit

      Specify how many passwords can be managed under "Security Setting for Access Violation".

      Use the number keys to specify the value between "50" and "200", and then press [Sharp].

      Default: [200]

    • Status Monitor Interval

      Specify the monitoring interval of "Managed User Host Limit" and "Password Entry Host Limit".

      Use the number keys to specify the value between "1" and "10", and then press [Sharp].

      Default: [3]

  • Off

Default: [Off]

Device Access Violation

The machine administrator can specify this.

If the number of login requests exceeds the number specified by the setting, the system recognizes the access as an access violation. The access is recorded in the Access Log and the log data is sent to the machine administrator by e-mail. Also, a message is displayed on the control panel and on Web Image Monitor.

If the "Max. Allowed No. of Access" is set to [0], access violations are not detected.

In "Authentication Delay Time", you can specify response delay time for login requests to prevent the system from becoming unresponsive when an access violation is detected.

In "Simultns. Access Host Limit", you can specify the maximum number of hosts that access the machine at one time. If the number of simultaneous accesses exceeds the number specified by the setting, monitoring becomes unavailable and the machine's monitoring status is recorded in the Log.

  • Max. Allowed No. of Access

    Specify the maximum number of allowable access attempts.

    Use the number keys to specify the value between "0" and "500", and then press [Sharp].

    Default: [100]

  • Measurement Time

    Specify the interval between excessive accesses. When the measurement time elapses, the records of excessive accesses are cleared.

    Use the number keys to specify the value between "10" and "30", and then press [Sharp].

    Default: [10]

  • Authentication Delay Time

    Specify authentication delay time when an access violation is detected.

    Use the number keys to specify the value between "0" and "9", and then press [Sharp].

    Default: [3]

  • Simultns. Access Host Limit

    Specify the number of acceptable authentication attempts when authentications are delayed due to an access violation.

    Use the number keys to specify the value between "50" and "200", and then press [Sharp].

    Default: [200]

Note

  • Depending on the values specified for the settings for [Max. Allowed No. of Access] and [Measurement Time], you may receive violation detection e-mails frequently.

  • If you receive violation detection e-mails frequently, check the content and review the setting values.