Technical information
Security overview for PRISMAsync print server based production products
Canon Production Printing Technical information
Copyright and trademarks
Copyright
Copyright 2020 – 2022 Canon Production Printing.
No part of this publication may be copied, modified, reproduced or transmitted in any
form or by any means, electronic, manual, or otherwise, without the prior written
permission of Canon Production Printing. Illustrations and printer output images are
simulated and do not necessarily apply to products and services offered in each local
market. The content of this publication should neither be construed as any guarantee or
warranty with regard to specific properties or specifications nor of technical performance
or suitability for particular applications. The content of this publication may be subject to
changes from time to time without notice.
CANON PRODUCTION PRINTING SHALL NOT BE LIABLE FOR ANY DIRECT,
INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY NATURE, OR LOSSES OR
EXPENSES RESULTING FROM THE USE OF THE CONTENTS OF THIS
PUBLICATION.
Trademarks
Canon is a registered trademark of Canon Inc. PRISMA, PRISMAproduction
and VarioPrint are trademarks or registered trademarks of Canon Production Printing
Netherlands B.V.
Adobe, Acrobat and PostScript are either registered trademarks or trademarks of Adobe
Systems Incorporated in the United States and/or other countries.
Microsoft, Internet Explorer and Windows are trademarks or registered trademarks of
Microsoft Corp. incorporated in the United States and/or other countries.
McAfee is a registered trademark of McAfee, Inc. in the United States and other
countries.
All other trademarks are the property of their respective owners and hereby
acknowledged.
January, 2022 Page 2
Version Date Reason
0.1 February 25, 2005 First creation
1.0 May 4, 2005 Update to latest software versions
1.1 May 11, 2005 Added integrity check functionality for DAC
2.0 April 20, 2007 Full rework
2.1 June 22, 2007 Minor corrections on V2.0
2.2 June 26, 2007 Minor adjustments for DAC, Genie and SI controllers
2.3 July 11, 2007 Small textual changes
2.4 August 17, 2007 Minor correction for SI controllers
2.5 September 28, 2007 Policy, pre- and post-sales information moved to separate documents
2.6 April 10, 2009 Document split in Office and Production + general update
2.7 August 27, 2009 General overhaul of chapter 1 and 2, further the security short list is enhanced
2.8 May 11, 2010 General update of content
2.9 June 4, 2010 Update of Anti-virus statement for all controller types. Added a statement on files that are printed, scanned or copied.
2.10 December 10, 2010 Added more information on the security of PRISMAsync
2.11 June 2011 Added security information for PRISMAsync for imagePRESS Colour Series and imageRUNNER ADVANCE
2.12 November 2011 Update on text, VarioPrint6XX0 R5.1 added, DP-line R1.3 added
2.13 October 2012 Update on text, DP-line R2.1 and R2.4 added, VP6XX0 R5.4 added. Canon imageRUNNER ADVANCE Colour Series PRISMAsync R2.1 added, Canon imagePRESS Colour Series PRISMAsync R2.1 added. DP-line R1.3 removed, VP6XX0 R4 removed.
2.14 July 2013 Update on text, R2.5 and R3.1 added, Canon varioPrint 110-120-135, VP6XX0 R5.5 and Ultra+ added. Canon imageRUNNER ADVANCE Colour Series PRISMAsync R2.2 added, Canon imagePRESS Colour Series PRISMAsync R2.2 added
2.15 February, 2014 Update on text and Canon imagePRESS Colour Series PRISMAsync R3.1 added
2.16 June, 2014 Update PRISMAsync technical security information
2.17 October, 2014 Small update PRISMAsync technical security information, imagePRESS C800 Series
2.18 January, 2015
2.19 April, 2015 Add new releases
2.20 Sept, 2015 Add C10000VP
2.21 February, 2016 Add new releases
2.22 July, 2016 Add new releases
2.23 September, 2016 Add new releases
2.24 September, 2017 Add Océ VarioPrint 6000 Line (Titan)
2.25 May, 2018 Datasheets updated with missing products (Océ VarioPrint i-series also included). Reclassified using PRISMAsync version number. Updated up to PRISMAsync version 19.x.x.x.
2.26 November, 2018 Update with PRISMAsync version 19.6.x.x version. (Océ VarioPrint i-series, Canon varioPRINT 135 series / Canon varioPRINT 140 series, Océ VarioPrint 6000 line (Titan))
2.27 May, 2019 Update with PRISMAsync version 20.3.x.x version. (Canon iPR C910 Series, Océ VarioPrint 6000 line (Titan))
2.28 May, 2020 Update with PRISMAsync version 21.2.x.x version. (Canon iPR C910 Series, varioPrint 6000 line (Titan), Canon varioPRINT 135 series / Canon varioPRINT 140 series)
2.29 August 2021 Remove VP2xx0, VP3xx0, VP4xx0 and iR C9000S Series
January 2022 Remove old PRISMAsync versions. Update with PRISMAsync Mark 7.4.x and Mark 8.1.x
Table of contents
Table of contents (p. 4)
1 Introduction (p. 10)
1.1 Used terms (p. 10)
2 CPP Security Policy (p. 11)
2.1 CPP Security Standards (p. 11)
2.2 MS security patches (p. 11)
2.3 Security and the customer's role (p. 12)
3 Security details (p. 13)
3.1 Handling of copy-, print- and scan jobs after these are processed (p. 13)
4 PRISMAsync security details (p. 15)
4.1 Software installation (p. 15)
4.2 Security vulnerability handling (p. 15)
4.3 Anti-virus (p. 16)
4.4 McAfee Embedded Control (p. 17)
4.5 Audit Event Logging (p. 17)
4.6 Can infected print files corrupt the software? (p. 18)
4.7 Boot sequence (p. 19)
4.8 Access to the configuration (p. 19)
4.9 Print document data (background) (p. 19)
5 Security Data Sheet Security Océ VarioPrint 6xx0 (Ultra/MICR/TP) PRISMAsync based products (p. 20)
5.1.1 Security short list Océ VarioPrint 6xx0 PRISMAsync print controller (p. 20)
5.1.2 Network security (p. 20)
5.1.3 Ports usage (p. 21)
5.1.4 E-shredding (p. 22)
5.1.5 Anti-virus (p. 22)
5.1.6 MS security patches (p. 23)
5.2 Security data sheet VarioPrint 6000 / VarioPrint 6000 Ultra Line (p. 23)
5.2.1 Product definition (p. 23)
5.2.2 General Controller information (p. 23)
5.2.3 Controller Operating system (p. 23)
5.2.4 Virus check (p. 23)
5.2.5 Controller OS Accounts (p. 23)
5.2.6 Integrity protection (p. 24)
5.2.7 Control panel access (p. 24)
6 Security Data Sheet Security Océ VarioPrint 6000+ (Ultra/MICR/TP) PRISMAsync based products (p. 25)
6.1.1 Security short list Océ VarioPrint 6000+ PRISMAsync print controller (p. 25)
6.1.2 Network security (p. 25)
6.1.3 Ports usage (p. 26)
6.1.4 E-shredding (p. 26)
6.1.5 Anti-virus (p. 26)
6.1.6 MS security patches (p. 27)
6.2 Security Data Sheet Océ VarioPrint 6000+ Line R6.4 (p. 28)
6.2.1 Product definition (p. 28)
6.2.2 General Controller information (p. 28)
6.2.3 Controller Operating system (p. 28)
6.2.4 Virus check (p. 28)
6.2.5 Controller OS Accounts (p. 28)
6.2.6 Integrity protection (p. 28)
6.2.7 Control panel access (p. 28)
6.2.8 SMB configuration (p. 30)
6.2.9 Web / FTP server (p. 30)
6.2.10 Operating system (p. 30)
7 Security Data Sheet Security varioPRINT 135 series (p. 31)
7.1 Product definition (p. 31)
7.2 General Controller information (p. 31)
7.3 Controller Operating system (p. 31)
7.4 Virus check (p. 31)
7.5 Controller OS Accounts (p. 31)
7.6 Integrity protection (p. 31)
7.7 Control panel access (p. 31)
7.8 Network security (p. 32)
7.9 SMB configuration (p. 33)
7.10 Web / FTP server (p. 33)
7.11 Operating system (p. 33)
7.12 Annex1: Complete list of security patches (p. 33)
8 Security Data Sheet PRISMAsync Print Server Mark 5 (version 17.x.x.x) based products (p. 38)
8.1 Products definition and Controller information (p. 38)
8.1.1 Canon varioPRINT 140 v5.1.0.0 (p. 38)
8.1.2 Océ VarioPrint i-series v2.1.0.0 (p. 38)
8.1.3 Canon iPR C10000VP Series v5.1.0.0 (p. 38)
8.1.4 Canon iPR C800 Series v5.1.0.0 (p. 38)
8.1.5 Canon iPR C850 Series v5.1.0.0 (p. 38)
8.2 Security short list (p. 39)
8.3 Controller Operating system (p. 39)
8.4 Virus check (p. 39)
8.5 Controller OS Accounts (p. 39)
8.6 Integrity protection (p. 40)
8.7 Control panel access (p. 40)
8.8 Network security (p. 40)
8.9 SMB configuration (p. 41)
8.10 Web / FTP server (p. 42)
8.11 Operating system (p. 42)
8.12 Annex1: Complete list of security patches (p. 42)
9 Security Data Sheet PRISMAsync Print Server Mark 6.1 (version 18.x.x.x) based products (p. 43)
9.1 Products definition and Controller information (p. 43)
9.1.1 Canon varioPRINT 135 v5.2.0.0 / Canon varioPRINT 140 v5.2.0.0 (p. 43)
9.1.2 Canon iPR C10000VP Series v5.2.0.0 (p. 43)
9.1.3 Océ VarioPrint i-series v2.1.0.0 (p. 43)
9.1.4 Canon iPR C800 Series v5.2.0.0 (p. 43)
9.1.5 Canon iPR C850 Series v5.2.0.0 (p. 43)
9.1.6 Océ VarioPrint 6000+ Line / Océ VarioPrint 6000 line (Titan) v7.2.0.0 (p. 44)
9.1.7 Canon iPR C7010VPS Series v5.2.0.0 (p. 44)
9.2 Security short list (p. 44)
9.3 Controller Operating system (p. 44)
9.4 Virus check (p. 44)
9.5 BIOS: inaccessible by a random password (p. 45)
9.6 Controller OS Accounts (p. 45)
9.7 E-shredding (p. 45)
9.8 Integrity protection (optional, Licensed) (p. 45)
9.9 Control panel access / User authentication (p. 45)
9.10 Network security (p. 46)
9.11 SMB configuration (p. 47)
9.12 Web / FTP server (p. 47)
9.13 Operating system (p. 47)
9.14 Annex1: Microsoft Security patches (p. 48)
10 Security Data Sheet PRISMAsync Print Server Mark 6.2 (version 19.1.x.x) based products (p. 49)
10.1 Products definition and Controller information (p. 49)
10.1.1 Canon varioPRINT 135 v6.1.0.0 / Canon varioPRINT 140 v6.1.0.0 (p. 49)
10.1.2 Canon iPR C10000VP Series v6.1.0.0 (p. 49)
10.1.3 Océ VarioPrint i-series v2.2.0.0 (p. 49)
10.1.4 Canon iPR C800 Series v6.1.0.0 (p. 49)
10.1.5 Canon iPR C850 Series v6.1.0.0 (p. 49)
10.2 Security short list (p. 50)
10.3 Controller Operating system (p. 50)
10.4 Virus check on software package (p. 50)
10.5 BIOS: inaccessible by a random password (p. 50)
10.6 Controller OS Accounts (p. 51)
10.7 E-shredding (p. 51)
10.8 Integrity protection (optional, Licensed) (p. 51)
10.9 Control panel access / User authentication (p. 51)
10.10 Network security (p. 52)
10.11 SMB configuration (p. 53)
10.12 Web / FTP server (p. 53)
10.13 Operating system (p. 54)
10.14 Annex1: Microsoft Security patches (p. 54)
11 Security Data Sheet PRISMAsync Print Server Mark 6.3 (version 19.6.x.x) based products (p. 55)
11.1 Products definition and Controller information (p. 55)
11.1.1 Océ VarioPrint i-series v2.3.1.0 / Océ VarioPrint i-series v2.3.2.0 (p. 55)
11.1.2 Canon varioPRINT 135 v6.2.0.0 / Canon varioPRINT 140 v6.2.0.0 (p. 55)
11.1.3 Océ VarioPrint 6000+ Line / Océ VarioPrint 6000 line (Titan) v7.3.0.0 (p. 55)
11.2 Security short list (p. 56)
11.3 Controller Operating system (p. 56)
11.4 Virus check on software package (p. 56)
11.5 BIOS: inaccessible by a random password (p. 56)
11.6 Controller OS Accounts (p. 56)
11.7 E-shredding (p. 57)
11.8 Integrity protection (optional, Licensed) (p. 57)
11.9 Control panel access / User authentication (p. 57)
11.10 Network security (p. 58)
11.11 SMB configuration (p. 59)
11.12 Web / FTP server (p. 59)
11.13 Operating system (p. 59)
11.14 Annex1: Microsoft Security patches (p. 59)
12 Security Data Sheet PRISMAsync Print Server Mark 7.1 (version 20.3.x.x/20.4.x.x) based products (p. 61)
12.1 Products definition and Controller information (p. 61)
12.1.1 Canon iPR C910 Series v7.1.2.0 (p. 61)
12.1.2 Océ VarioPrint 6000+ Line / Océ VarioPrint 6000 line (Titan) v8.1.0.0 (p. 61)
12.2 Security short list (p. 61)
12.3 Controller Operating system (p. 61)
12.4 Virus check on software package (p. 62)
12.5 BIOS: inaccessible by a random password (p. 62)
12.6 Controller OS Accounts (p. 62)
12.7 E-shredding (p. 62)
12.8 Integrity protection (optional, Licensed) (p. 63)
12.9 Control panel access / User authentication (p. 63)
12.10 Network security (p. 63)
12.11 SMB configuration (p. 64)
12.12 Web / FTP server (p. 65)
12.13 Operating system (p. 65)
12.14 Annex1: Microsoft Security patches (p. 65)
13 Security Data Sheet PRISMAsync Print Server Mark 7.2 (version 20.6.x.x) based products (p. 66)
13.1 Products definition and Controller information (p. 66)
13.1.1 Océ VarioPrint i-series v2.4.2.0 (p. 66)
13.2 Security short list (p. 66)
13.3 Controller Operating system (p. 66)
13.4 Virus check on software package (p. 67)
13.5 BIOS: inaccessible by a random password (p. 67)
13.6 Controller OS Accounts (p. 67)
13.7 E-shredding (p. 67)
13.8 Integrity protection (optional, Licensed) (p. 67)
13.9 Control panel access / User authentication (p. 68)
13.10 Network security (p. 68)
13.11 SMB configuration (p. 69)
13.12 Web / FTP server (p. 70)
13.13 Annex1: Microsoft Security patches (p. 70)
14 Security Data Sheet PRISMAsync Print Server Mark 7.3 (version 20.9.x.x) based products (p. 71)
14.1 Products definition and Controller information (p. 71)
14.1.1 Canon varioPRINT 135 v7.1.0.0 / Canon varioPRINT 140 v7.1.0.0 (p. 71)
14.1.2 Océ VarioPrint 6000+ Line / Océ VarioPrint 6000 line (Titan) v8.2.0.0 (p. 71)
14.1.3 Canon iPR C10000VP Series v7.3.0.0 / v7.3.1.0 (p. 71)
14.1.4 Canon iPR C850 Series v7.3.0.0 (p. 71)
14.2 Security short list (p. 72)
14.3 Controller Operating system (p. 72)
14.4 Virus check on software package (p. 72)
14.5 BIOS: inaccessible by a random password (p. 72)
14.6 Controller OS Accounts (p. 72)
14.7 E-shredding (p. 73)
14.8 Integrity protection (optional, Licensed) (p. 73)
14.9 Control panel access / User authentication (p. 73)
14.10 Network security (p. 74)
14.11 SMB configuration (p. 75)
14.12 Web / FTP server (p. 75)
14.13 Annex1: Microsoft Security patches (p. 75)
15 Security Data Sheet PRISMAsync Print Server Mark 7.4.x based products (p. 76)
15.1 Products definition and Controller information (p. 76)
15.1.1 Canon iPR C910 Series v7.4.0.0 / v7.4.3.0 (p. 76)
15.1.2 varioPRINT 6000 Ultra line / varioPRINT 6000+ line (Titan) / varioPRINT 6000 series TITAN v8.3.0.0 / 8.3.2.0 / 8.4.0.0 (p. 76)
15.1.3 Canon varioPRINT 135 v7.2.1.0 / Canon varioPRINT 140 v7.2.1.0 (p. 76)
15.1.4 Canon iPR C10010VP Series v7.4.0.0 / 7.4.1.0 (p. 77)
15.1.5 Canon iPR C850 Series v7.4.2.0 (p. 77)
15.1.6 Canon iPR C10000VP Series v7.4.2.0 (p. 77)
15.1.7 Océ VarioPrint i-series v4.1.2.0 (p. 77)
15.1.8 Canon varioPRINT iX-series v4.1.0.0 / 4.1.1.0 / 4.1.2.0 (p. 77)
15.2 Security short list (p. 78)
15.3 Controller Operating system (p. 78)
15.4 Virus check on software package (p. 78)
15.5 BIOS: inaccessible by a random password (p. 78)
15.6 Controller OS Accounts (p. 78)
15.7 Disk encryption (p. 79)
15.8 Decommissioning (p. 79)
15.9 E-shredding (p. 79)
15.10 Integrity protection (optional, Licensed) (p. 80)
15.11 Control panel access / User authentication (p. 80)
15.12 Network security (p. 80)
15.13 SMB configuration (p. 81)
15.14 Web / FTP server (p. 82)
15.15 Annex1: Microsoft Security patches (p. 82)
16 Security Data Sheet PRISMAsync Print Server Mark 8.1.x based products (p. 83)
16.1 Products definition and Controller information (p. 83)
16.1.1 Canon varioPRINT 135 v8.1.1.0 / Canon varioPRINT 140 v8.1.1.0 (p. 83)
16.1.2 Canon iPR C10010VP Series v8.1.0.0 / v8.2.0.0 / v8.3.0.0 (p. 83)
16.1.3 Canon iPR C10000VP Series v8.1.0.0 / v8.2.1.0 (p. 83)
16.1.4 Canon iPR C910 Series v8.1.0.0 / v8.2.0.0 (p. 83)
16.1.5 Canon varioPRINT iX-series v4.1.3.0 / 4.2.0.0 / 4.2.1.0 (p. 84)
16.1.6 varioPRINT 6000 Ultra line / varioPRINT 6000+ line / varioPRINT 6000 series TITAN v8.5.0.0 (p. 84)
16.2 Security short list (p. 84)
16.3 Controller Operating system (p. 85)
16.4 Virus check on software package (p. 85)
16.5 BIOS: inaccessible by a random password (p. 85)
16.6 Controller OS Accounts ................................................................................................ 85
16.7 Disk encryption.............................................................................................................. 85
16.8 Decommissioning .......................................................................................................... 85
16.9 E-shredding ................................................................................................................... 86
16.10 Integrity protection (optional, Licensed) .................................................................... 86
16.11 Control panel access / User authentication ............................................................... 86
16.12 Network security ......................................................................................................... 87
16.13 SMB configuration ...................................................................................................... 88
16.14 Web / FTP server ......................................................................................................... 88
16.15 Annex1: Microsoft Security patches ... 89
1 Introduction
The evolution of high volume copiers into digital multifunctional
systems has provided many improvements to workplace
productivity. Most copiers are now full blown IT devices with
network and email server connectivity. Businesses are making
large investments to enhance workflow by utilizing advanced
technology that often reside on intricate networks. Valuable
information such as intellectual property no longer stays at the
desktop hard drive level. Documents travel through many
channels before they are stored at a final destination. This has
created exponential demand for privacy and security with the
array of new market technology for imaging.
At Canon Production Printing (CPP), security is an integral part of
system development, and the company is taking a proactive
approach to the improvement of security-related issues. Canon
Production Printing is working to address security challenges
across all of its digital document systems. We provide ways to
protect customers from risk associated with improper access or
use of sensitive information. We also focus on meeting
recognized industry standards and working to help customers
implement government mandated security regulations in a timely
manner.
The security objective for Canon Production Printing digital
document systems is to provide security for networked devices.
Canon Production Printing is focused on providing customers with
a multi-layered approach to security. We provide security
features, functions, and options that can protect the Device, Data,
and Document output. Canon Production Printing incorporates a
variety of features and functions that allow a customer to protect
the device from unauthorized users and minimize the risk of
cyber-attacks; the data that resides for use on the MFP's HDD;
and the documents, so that the confidentiality of the information
contained in documents printed at the MFP is kept at the highest
level possible.
This security overview comprises Canon Production Printing’s
Security Policy and provides security details on product level.
1.1 Used terms
In this document terms like KOS, SAS and Settings Editor are
used. What do these terms mean? In general, the configuration of
the controller can be changed via a web-browser interface (the
Settings Editor), depending on the role you choose when logging on
to the controller. KOS stands for Key Operator System and SAS
stands for System Administrator System. In general the System
Administrator has more rights to change configurations and
settings than the Key Operator.
2 CPP Security Policy
CPP provides customers with printing systems that optimize the
document workflow while also providing a secure printing
environment. In order to effectively manage the security support
and maintenance of its products during the complete lifecycle, a
CPP Security Organization with a strict security policy was
formed. The two main objectives of the security policy are:
1. Permanently enforce security rules for the development of
new products (CPP Security Standards);
2. Provide customers up-to-date security information on existing
CPP products.
New Products
The CPP Research and Development group has implemented
the CPP Security Standards to ensure that all newly developed
products comply with security requirements. These standards
are regularly updated based on changing market requirements.
Up-to-date Security
To ensure that customers have up-to-date security, CPP has
implemented the following:
• Security Web Pages for addressing Operating System issues:
these provide security patch(es) for CPP products affected by
security flaws.
• The CPP Security Manual containing detailed technical
information.
• A PRISMAsync Print Server Security white paper.
• On Remote Service, a CPP back-office system which provides
software and security updates to all PRISMAsync print servers
worldwide.
• A Security Officer in each Operational Country for any local
security questions, problems or advice.
2.1 CPP Security Standards
Since security vulnerability can have a negative impact on
customer business, CPP has taken preventative measures to
minimize potential threats. A CPP Security Standard was created,
defining software security rules for CPP hardware (e.g.
controllers) and CPP software applications. A CPP product
cannot be launched if it does not comply with these security rules.
The objective of these rules is to take preventive measures in
order to:
• Protect the global system integrity against attempts to modify
the original software which could potentially jeopardize the
productive printing and/or scanning process
• Mitigate the risk of the controller being used to penetrate the
customer network
• Prevent virus infection and protect against hacking actions
• Protect CPP system resources against illegal use
• Ensure a good level of confidentiality for CPP and customer
data
• Increase the robustness of the global system (host
application, controller, engines)
• Ensure system availability by avoiding Denial of Service.
2.2 MS security patches
Whenever necessary, CPP will release security updates to deal
with vulnerabilities discovered and published by Microsoft. The
updates can be retrieved from the CPP web site
(https://downloads.cpp.canon/) and installed on the PRISMAsync
by the system administrator using the control panel or the
Settings Editor.
Special patches are made for defects that are identified as
providing a severe problem for the PRISMAsync operation.
Defects with little impact on the PRISMAsync are incorporated in
the next regular software release. All defects that do not have
any impact on the PRISMAsync operation, are discarded.
All security updates can also be deployed automatically to the
systems using either Microsoft Windows Server Update Services
(WSUS) or the CPP On Remote Services back office.
2.3 Security and the customer's role
The customer is responsible for assessing the security risk for
their environment and defining appropriate mitigation that may
include changes to the default settings of CPP equipment.
CPP understands the importance of maintaining a secure network
environment and recommends that customers change the default
built-in passwords and modify the security-related configuration
options to satisfy their site-specific security requirements upon
completion of the system installation. CPP is committed to keep
the printer controller secure and compliant with the latest security
requirements.
3 Security details
In this chapter we provide security details on the CPP Cutsheet
Toner and Sheet Fed supplied systems.
These products are network connected via a PRISMAsync print
server. Below is a list of these products:
PRISMAsync based systems:
- Océ VarioPrint 6000+ Line
- Océ VarioPrint 6000 Line (Titan)
- varioPRINT 6000 TITAN series
- Océ VarioPrint 110-120-135
- Canon varioPRINT 140 series
- Canon imagePRESS C7010VPS
- Canon imagePRESS C6010VPS
- Canon imagePRESS C6010S
- Canon imageRUNNER ADVANCE C9060S PRO
- Canon imageRUNNER ADVANCE C9065S PRO
- Canon imageRUNNER ADVANCE C9070S PRO
- Canon imageRUNNER ADVANCE C9075S PRO
- Canon iPR C800 Series
- Canon iPR C850 Series
- Canon iPR C910 Series
- Canon iPR C10000VP Series
- Canon iPR C10010VP Series
- Océ VarioPrint i-series
- Canon varioPRINT iX-series
When evaluating the information in this document, please keep in
mind that CPP is continuously improving its products to increase
the conformance of these products with the increasingly
demanding security requirements viewed as necessary in today’s
global market. Therefore it is advisable to discuss these issues
with the local Canon representative to obtain the latest
information.
3.1 Handling of copy-, print- and scan jobs after these are processed
In this paragraph we explain what is done with the data of a print
job, copy job or scan job (if applicable) after it has been processed
by the system. The data cannot be accessed via the User Interface.
Copying: the original is scanned and the information is stored
on the file system/HDD for reuse, then printed on the sheet(s).
When the copy job is finished, the data is deleted* from the
file system/HDD.
The images of the scanned originals are stored as compressed
bitmaps on the hard disk.
Printing: in general the following rule applies: received input
data is collected into one data file and converted into internal
data file(s) (bitmap format).
The images of the print job are stored as compressed bitmaps
on the hard disk. When so configured, the print job is deleted
when all the pages of the job are deleted*.
Printing from USB is another way of getting print data onto the
printer. This method introduces additional security concerns,
which have been countered by disabling booting from USB.
All print data is handed directly to the RIP, independent of the
source of the print data, whether that is LPR or USB. Print data
is not executed but handled by the ticket parser and the PDL
interpreter. Executables will thus result in 'strange' print-outs
instead of being executed. Also, all PDL 'accounts' have been
disabled or their passwords changed. The read and write
permissions of the RIP have been limited to a predefined and
small set of locations.
Scanning: the original is scanned and the information is stored
on the file system/HDD and transferred to the specified target
system. If the transfer is successful, the data is deleted* from
the file system/HDD.
* 'deleted' has two meanings, without and with data-shredding.
Without data-shredding: the data is registered as no longer
available. With specific tooling it can be recovered until other
data overwrites the bitmap data.
With data-shredding: the data is not only registered as no longer
available but is also actually overwritten a configurable number
of times. This means that print data can no longer be retrieved.
4 PRISMAsync security details
In the previous chapters information on security aspects
regarding the PRISMAsync controller is listed. In this chapter you
find more detailed information on security for the PRISMAsync
print server.
4.1 Software installation
Installation of software releases and updates is performed by
CPP or third party Field Service Technicians. Security and
functional patches can be installed by CPP or third party Field
Service Technicians, or by customers via the Settings Editor.
On Dell-based PRISMAsync hardware the software installation is
started from a floppy disk; the install software is present on a
CD-ROM. On newer PRISMAsync hardware the software is installed
from a USB stick.
Software integrity for main software releases and upgrades is
protected by means of a digital signature. If the software is
modified, the signature is no longer valid and the software will
not be installed.
4.2 Security vulnerability handling
As PRISMAsync software uses Microsoft Windows Embedded
Standard 2009, Windows 7e (embedded) or Windows 10 IoT
Enterprise LTSB as operating system, we describe here the
handling of vulnerabilities for these operating systems.
• Every month Microsoft reports a list of newly found
vulnerabilities for these operating systems. The CPP Security
Group, a dedicated group of security experts in the CPP central
R&D organization, evaluates all security threat information
received from Microsoft and determines its severity for the
various products.
The severity determines the action to solve this vulnerability.
We distinguish the following classes:
o Not applicable: means that the vulnerable component
that this flaw applies to is not part of the OS used in
either production mode or service mode.
No action needs to be taken.
o Low vulnerability:
1) Complex to exploit and requires a local action on the
PRISMAsync controller to make use (misuse) of the
vulnerability; this local action is made impossible, or
2) The vulnerable component is active but not accessible.
No action needs to be taken.
o Medium vulnerability:
Easy to exploit and:
1) Allows code execution but requires a local action on the
PRISMAsync controller to make use (misuse) of the
vulnerability; this local action is made impossible, or
2) Provokes denial of service or information disclosure
and can be exploited remotely.
Solution for this vulnerability is integrated in the OS in the
next main software release or upgrade.
o High vulnerability: Easy to exploit, can be exploited
remotely (for example by worms or viruses) and allows
code execution.
Solution for this vulnerability is delivered in a special
security patch. The customer, CPP or third party Field
Service Technicians can download and install this patch
from the "support" tab of the product page on the CPP
Corporate website (downloads.cpp.canon).
• The website is updated with this information. In this way CPP
gives their customers updates on the latest state of affairs on
security issues of their product.
• All security updates can also be deployed automatically to
the systems using either Microsoft Windows Server Update
Services (WSUS) or the CPP On Remote Services back office.
4.3 Anti-virus
1: Security and the customer's role
The customer is responsible for assessing the security risk for
their environment and defining appropriate policies and user
training.
The policy may include changes to the default settings of CPP
equipment.
The customer is responsible to provide a monitored environment,
to ensure the physical integrity of the machine.
CPP understands the importance of maintaining a secure network
environment and recommends that customers change the default
built-in passwords and modify the security-related configuration
options to satisfy their site-specific security requirements upon
completion of the system installation.
CPP strongly recommends that the customer ensures that the
security patches provided by CPP are installed.
CPP is committed to keep the printer controller secure and
compliant with the latest security
requirements.
2: Anti-virus
As described earlier in this document, PRISMAsync does not use
an anti-virus scanner, nor is it possible for the customer to
install one.
The reasons for this policy are:
• The user cannot log on to the PRISMAsync OS. This means that
the user cannot start any application, browse the file system or
browse web pages. A web browser is not even installed.
• PRISMAsync binaries use the additional features this platform
offers, like DEP, ASLR, SafeSEH and stack cookies. This makes
it much harder for an attacker to successfully exploit a
vulnerability.
• Processes which directly handle data from the network run with
restricted rights. They are not able to change executable files
on the system.
• The firewall is dynamically adapted to the configured services.
For instance, SMB is disabled by default. When SMB is enabled,
only the minimal subset of SMB interfaces that is required for
the hotfolder functionality can be accessed.
• Only a bare number of services are running on the customized
version of the O.S.
• Virus scanners need a significant part of the available
computing power. To keep the controller performing swiftly when
RIP-ping print files or responding to network requests, it will
be necessary to customize the virus scanner such that a number
of file types are excluded from being examined.
• Virus scanners on internal PCs/controllers on a customer
network offer protection if a person introduces a virus on the
internal network. Protection against external.
4.4 McAfee Embedded Control
On the PRISMAsync print server the tool “McAfee Embedded
Control” is used for malware protection. It ensures that only
programs that have been explicitly allowed to run can be
executed on the systems (so-called application allow-listing). This
effectively prevents the execution of unwanted programs, such as
Malware. The allow-list is generated when the base system is
installed and licensed. After this, only programs that are on the
allow-list can be started on the system.
In case any attempt to execute unauthorized binaries is detected,
an event is generated in the security audit log.
External programs, e.g. installation programs, must be digitally
signed with a dedicated Canon Production Printing certificate.
Otherwise, execution will be blocked.
ACLs are configured on the system to prevent unauthorized
modification and execution of binaries.
At every release of PRISMAsync, any relevant update of McAfee
Embedded Control is included.
McAfee Embedded Control makes a virus scanner unnecessary.
With McAfee Embedded Control, your device is secure from
viruses or malware because McAfee Embedded Control
continuously checks for differences with the approved software
and files and blocks any attempts to take advantage of known
exploits. This keeps your device safe even if it is running legacy
Microsoft Windows versions that are no longer supported. The
other PRISMAsync design choices already provide great security.
By adding McAfee Embedded Control, your security becomes
ironclad.
4.5 Audit Event Logging
The PRISMAsync print server supports the automatic
transmission of security and audit log information to an external
SIEM, using the syslog protocol (TCP or UDP). As the syslog
protocol is not authenticated, nor protected against modification,
the connection to the SIEM must be established via an IPsec
connection to be secure.
The PRISMAsync print server keeps a local storage of the audit
log. Events that are transmitted successfully to the SIEM may
optionally be removed from the local storage. The local storage
has a limited capacity, and when full, older events will be
overwritten.
The following types of events are logged:
• Startup and shutdown.
• Log management (download, clear, overwriting when full)
• Login (success or fail) and logout
• Changes to configuration items that are editable only by an
authorized user, changed via the settings editor or the local
UI.
• User, group and password management
• Smartcard and NFC card configuration.
• Domain configuration.
• Backup and restore management
• Software updates, patch installations, reinstallations.
• License management.
• Workflow configuration (automated workflows, hotfolders,
SMB shares, remote printers, fonts, remote manager)
• PIN protected DocBox management and access
• Change to system time, either configured by an authorized
user, or automatically over NTP.
• Job creation and deletion (on the controller; actions in the
driver are ignored).
• Explicit job actions of users (starting, moving, deleting).
• Job started printing and when printing is completed.
• Remote access outside of the corporate network
The data is based on events generated by the PRISMAsync print
server software, as well as the Microsoft Windows event logs.
The following events are not logged:
• Changes to color settings.
• Changes to media catalog.
• Changes to transaction printing configuration.
• DocBox management and usage when not PIN protected.
• Scan profile management.
• Automatic job actions (direct printing to scheduled jobs)
An event contains the relevant available details, such as:
• An identifier (type) of the event.
• The timestamp and the event severity.
• The user name of the user that performed the logged action,
when available.
• The hostname from where the logged action was performed.
When performed locally, ‘localhost’ is used.
• The outcome (success or failure).
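The event fields listed above are what a SIEM or a small collector receives over the syslog feed. The script below is an added example, not PRISMAsync or Canon code: it parses such events and flags bursts of failed logins from one source host. The page does not give the wire format, so the RFC 5424 layout with an [audit ...] structured-data element, the message ids LOGIN and CONFIG, and the sample lines are all constructed assumptions.

```python
"""Parse PRISMAsync-style audit events received over syslog and flag
bursts of failed logins from one source host.

Added example, not PRISMAsync or Canon code. The page lists the fields an
audit event carries (type, timestamp, severity, user, originating host,
outcome) but not the wire format: the RFC 5424 layout with an
[audit ...] structured-data element, the message ids LOGIN and CONFIG,
and the sample lines below are all constructed assumptions."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# RFC 5424: <PRI>VERSION TIMESTAMP HOSTNAME APP-NAME PROCID MSGID [SD] MSG
SYSLOG_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>1 (?P<ts>\S+) (?P<printer>\S+) (?P<app>\S+) "
    r"(?P<procid>\S+) (?P<msgid>\S+) \[audit (?P<sd>[^\]]*)\] ?(?P<msg>.*)$"
)
SD_PARAM_RE = re.compile(r'(\w+)="([^"]*)"')

# Constructed sample feed, not real PRISMAsync output: three failed
# Settings Editor logins from one host, one local login, one config
# change, and one line that is not syslog at all.
SAMPLE_LINES = [
    '<108>1 2022-01-14T10:15:02Z prismasync-01 audit - LOGIN '
    '[audit user="sysadmin" host="10.0.0.25" outcome="failure"] login failed',
    '<108>1 2022-01-14T10:15:40Z prismasync-01 audit - LOGIN '
    '[audit user="sysadmin" host="10.0.0.25" outcome="failure"] login failed',
    '<108>1 2022-01-14T10:16:05Z prismasync-01 audit - LOGIN '
    '[audit user="sysadmin" host="10.0.0.25" outcome="failure"] login failed',
    '<110>1 2022-01-14T10:20:30Z prismasync-01 audit - LOGIN '
    '[audit user="keyop" outcome="success"] local UI login',
    '<110>1 2022-01-14T10:22:11Z prismasync-01 audit - CONFIG '
    '[audit user="sysadmin" host="10.0.0.7" outcome="success"] SMB enabled',
    "not a syslog line",
]


def parse_event(line):
    """Return the event fields the page describes, or None if unparseable."""
    m = SYSLOG_RE.match(line)
    if m is None:
        return None
    pri = int(m.group("pri"))
    params = dict(SD_PARAM_RE.findall(m.group("sd")))
    return {
        "type": m.group("msgid"),
        "timestamp": datetime.strptime(m.group("ts"), "%Y-%m-%dT%H:%M:%SZ"),
        "severity": pri & 0x07,       # PRI = facility * 8 + severity
        "user": params.get("user"),   # may be absent, as the page notes
        "host": params.get("host", "localhost"),  # local actions log 'localhost'
        "outcome": params.get("outcome"),
        "message": m.group("msg"),
    }


def failed_login_bursts(events, threshold=3, window_seconds=300):
    """Map source host -> largest number of failed logins inside any
    interval of `window_seconds`, for hosts that reach `threshold`."""
    window = timedelta(seconds=window_seconds)
    per_host = defaultdict(list)
    for ev in events:
        if ev["type"] == "LOGIN" and ev["outcome"] == "failure":
            per_host[ev["host"]].append(ev["timestamp"])
    bursts = {}
    for host, times in per_host.items():
        times.sort()
        start, best = 0, 0
        for end, t in enumerate(times):   # sliding window over sorted times
            while t - times[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            bursts[host] = best
    return bursts


def analyse(lines):
    """Parse a feed and return (events, bursts); unparseable lines are dropped."""
    events = [ev for ev in map(parse_event, lines) if ev is not None]
    return events, failed_login_bursts(events)


if __name__ == "__main__":
    events, bursts = analyse(SAMPLE_LINES)
    for ev in events:
        print(ev["timestamp"].isoformat(), ev["type"], ev["user"],
              ev["host"], ev["outcome"])
    print("failed-login bursts:", bursts)   # {'10.0.0.25': 3}
```

Because plain syslog is neither authenticated nor integrity protected, the collector should only trust events that arrive through the IPsec tunnel the page requires.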
4.6 Can infected print files corrupt the software?
PRISMAsync supports the following PDLs: PostScript3, PDF,
PCL5, PCL6 and IPDS.
• PostScript3: The PostScript format is a language describing
a page, created for printing and widely used in typography.
One of its advantages is that it is universal (it is independent
of the format of the original file) and it cannot carry viruses.
• PDF: PDF files are ripped in two stages. First, the PDF file
is converted into an intermediate PostScript3 file. Second, the
intermediate PostScript3 file is ripped as a PostScript3 document.
For printing, a PDF file cannot contain a virus in the form of an
executable or script.
To support "fill-in forms" Adobe has introduced Acroforms.
These Acroforms are implemented in JavaScript. JavaScript
is not executed in our PDF2PS converter. Therefore we are
not vulnerable to malicious code inside PDF files.
• PCL5: The PCL5 language is not capable of carrying a virus, in
the form of an executable or a script, inside it. This means that
PCL5 files are always free of viruses.
• PCL6: The PCL6 language is not capable of carrying a virus, in
the form of an executable or a script, inside it. This means that
PCL6 files are always free of viruses.
• IPDS: IPDS has a strict command syntax specifying the
meaning of the data and how it is parsed and interpreted as
parameters. Executables or scripts are not used in the IPDS
architecture. Free format fields can only contain EBCDIC or
Unicode code points for text or bit-maps for images, any
malicious data carried in such fields will therefore not be
executed as code.
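Even though the PDF2PS converter does not execute JavaScript, a print workflow can screen incoming PDFs for JavaScript and Acroform content before they reach the controller, as a defence-in-depth check. The script below is an added example, not PRISMAsync or Canon code; it inspects uncompressed object dictionaries only, reports object streams (which hide dictionaries) separately, and the three sample PDFs are constructed.

```python
"""Pre-flight screening of PDF files for JavaScript and Acroform content
before they are submitted to a print server.

Added example, not PRISMAsync or Canon code. The page states that the
PDF2PS converter does not execute JavaScript; this check lets a print
workflow flag such files for review anyway (defence in depth). It reads
uncompressed object dictionaries only: dictionaries hidden inside object
streams (/ObjStm) cannot be seen this way, so their presence is reported
separately. The three sample PDFs are constructed."""
import re

# A PDF name may escape any byte as #xx, so /J#61vaScript is /JavaScript.
NAME_ESCAPE_RE = re.compile(rb"#([0-9A-Fa-f]{2})")
# End of a name: the next byte is whitespace or a PDF delimiter.
END_OF_NAME = rb"(?![^\s()<>\[\]{}/%])"
ACTIVE_CONTENT_KEYS = (b"/JavaScript", b"/JS", b"/AcroForm",
                       b"/Launch", b"/OpenAction", b"/AA")
OBJSTM_RE = re.compile(rb"/Type\s*/ObjStm" + END_OF_NAME)

# Constructed sample files, not real print jobs.
CLEAN_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""
FORM_JS_PDF = b"""%PDF-1.7
1 0 obj << /Type /Catalog /Pages 2 0 R /AcroForm 4 0 R /OpenAction 5 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] >> endobj
4 0 obj << /Fields [] >> endobj
5 0 obj << /S /J#61vaScript /JS (app.alert(1)) >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""
OBJSTM_PDF = b"""%PDF-1.5
1 0 obj << /Type /ObjStm /N 1 /First 4 /Length 22 >>
stream
2 0 << /Foo /Bar >>
endstream
endobj
trailer << /Root 2 0 R >>
%%EOF
"""


def normalise_names(data: bytes) -> bytes:
    """Resolve #xx escapes so obfuscated names match the plain keys."""
    return NAME_ESCAPE_RE.sub(lambda m: bytes([int(m.group(1), 16)]), data)


def scan_pdf(data: bytes) -> dict:
    """Count active-content keys and object streams in a PDF byte string.

    Returns {'findings': {key: count}, 'object_streams': n, 'verdict': v}
    where v is 'clean' or 'review'."""
    if not data.startswith(b"%PDF-"):
        raise ValueError("not a PDF file")
    text = normalise_names(data)
    findings = {}
    for key in ACTIVE_CONTENT_KEYS:
        hits = len(re.findall(re.escape(key) + END_OF_NAME, text))
        if hits:
            findings[key.decode()] = hits
    object_streams = len(OBJSTM_RE.findall(text))
    verdict = "review" if findings or object_streams else "clean"
    return {"findings": findings, "object_streams": object_streams,
            "verdict": verdict}


if __name__ == "__main__":
    for name, pdf in (("clean", CLEAN_PDF), ("form+js", FORM_JS_PDF),
                      ("objstm", OBJSTM_PDF)):
        print(name, scan_pdf(pdf))
```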
4.7 Boot sequence
The boot sequence of the PRISMAsync hardware depends on the
used hardware.
• iBase motherboard: First boot device: Hard Disk 0 only.
Second boot device: USB (only if HD is empty, e.g. during
installation of software from a USB-key), no third boot device;
• Dell motherboard: First boot device: Floppy, second boot
device: Hard Disk 0, third boot device: CD-ROM.
The boot sequence is static and specified in the BIOS. The BIOS
is password protected.
4.8 Access to the configuration
In the web browser based Settings Editor of PRISMAsync, two roles
are identified for persons that can change configuration settings:
• Key operator,
The Key Operator can change a subset of the configuration.
• System Administrator.
The System Administrator can change all available settings.
Please note that this System Administrator role is not linked
or related to the Windows administrator role.
Note: by default all settings can always be read by these persons.
Logging in as Key Operator or System Administrator is required to
be able to change settings.
Both roles are protected via a password which can be changed by
the System Administrator. The System Administrator password
must comply with the strong password rules.
More detailed rights with respect to port settings are listed in the
security data sheet chapters, table in sections “Ports Usage”.
Other ways of accessing the PRISMAsync controller via the
network are not supported; there is no terminal service or remote
desktop connection available.
Keyboard and mouse are not connected by default.
The Windows O.S. does connect to the customer network as a
customer domain user.
The CPP Service technician has access rights in the Settings
Editor.
4.9 Print document data (background)
PRISMAsync does not support encryption of the print document
data. Once on the controller, the print data is RIP-ped into a
series of bitmaps. The bitmaps are stored on the hard disk in a
CPP proprietary format.
5 Security Data Sheet Security Océ VarioPrint 6xx0 (Ultra/MICR/TP)
PRISMAsync based products
Because of its deviating architecture, the Océ VarioPrint 6xx0 is
covered separately from the other PRISMAsync based products.
- Océ VarioPrint 6160 R5.X onwards
- Océ VarioPrint 6200 R5.X onwards
- Océ VarioPrint 6250 R5.X onwards
- Océ VarioPrint 6160 Ultra R5.X onwards
- Océ VarioPrint 6200 Ultra R5.X onwards
- Océ VarioPrint 6250 Ultra R5.X onwards
- Océ VarioPrint 6320 Ultra R5.X onwards
- Océ VarioPrint 6160 MICR R5.X onwards
- Océ VarioPrint 6200 MICR R5.X onwards
- Océ VarioPrint 6250 MICR R5.X onwards
- Océ VarioPrint 6160 TP R5.X onwards
- Océ VarioPrint 6200 TP R5.X onwards
- Océ VarioPrint 6250 TP R5.X onwards
- Océ VarioPrint 6320 TP R5.X onwards
5.1.1 Security short list Océ VarioPrint 6xx0 PRISMAsync print controller
Operating system Microsoft Windows XP-e SP3
MS security patches Océ released patches
Version PRISMAsync
Firmware version Ref. 12.20.54
Security levels NO
Certifications NO
Firewall Windows firewall
Ports configurable YES, via enabling / disabling functionality
Protocols configurable YES
Address filtering NO
Anti-virus NO
Web server Apache Tomcat 5
E-shredding 1 - 35 pass (DOD compliant, Gutmann compliant)
Removable HDD NO
Data encryption NO
Network encryption NO
5.1.2 Network security
5.1.2.1 Network security Océ VarioPrint 6xx0 R5.1/R5.3 print controller
Available network protocols:
Protocol, functionality | Can be enabled or disabled | Features | Direction
HTTP | no | - | In
HTTPS | no | - | In
DHCP, IP address assignment | yes | - | Out
LPR, print job data | yes | - | In
Raw socket, port 9100 (7500-9100), document printing | yes | port number configurable | In
Raw socket, port 5001 (5001-65535) or port 9001 (9001-65535), transaction printing (1), IPDS or PCL job data | yes | port number configurable | In
SNMP, job and printer management | yes | community name; SNMP v3 supports username and password | In
NetBIOS, SMB printing / Hot Folder | yes | SMB printing is mutually exclusive with Hot Folder functionality | In
IPP printing | yes | - | In
1: Mutually exclusive. Only IPDS OR PCL can be enabled, not both.
Enabling or disabling of any specific functionality can be achieved via the Settings Editor.
5.1.2.2 Network security Océ VarioPrint 6xx0 R5.4 print controller
Available network protocols:
Protocol, functionality | Can be enabled or disabled | Features | Direction
HTTP | no | - | In
HTTPS | no | - | In
HTTPS, Océ Remote Services | yes | - | Out
Océ Remote Assistance | yes | - | In/Out
DHCP, IP address assignment | yes | - | Out
LPR, print job data | yes | - | In
Raw socket, port 9100 (7500-9100), document printing | yes | port number configurable | In
Raw socket, port 5001 (5001-65535) or port 9001 (9001-65535), transaction printing (1), IPDS or PCL job data | yes | port number configurable | In
SNMP, job and printer management | yes | community name; SNMP v3 supports username and password | In
NetBIOS, SMB printing / Hot Folder | yes | SMB printing is mutually exclusive with Hot Folder functionality | In
IPP printing | yes | - | In
IPsec, Océ Remote Assistance over hardware-VPN | yes | - | Out
1: Mutually exclusive. Only IPDS OR PCL can be enabled, not both.
Enabling or disabling of any specific functionality can be achieved via the Settings Editor.
5.1.3 Ports usage
5.1.3.1 Ports Usage Océ VarioPrint 6xx0 R5.1/R5.3 print controller
The PRISMAsync uses the following ports:
Port number | Protocol | Can be en-/disabled | Factory default
TCP: 80 | HTTP | - | enabled
TCP: 139 | NetBIOS (SMB) | KOS/SAS | disabled
TCP: 443 | HTTPS | - | enabled
TCP: 515 | LPR | KOS/SAS | enabled
TCP: 631 | IPP | KOS/SAS | enabled
TCP: 5001-65535 (1) | RAW socket/IPDS transaction printing | SAS | disabled
TCP: 9001-65535 (1) | RAW socket/PCL transaction printing | SAS | disabled
TCP: 7500-9100 | Raw socket, PDF/PS or PCL data | KOS/SAS | disabled
UDP: 68 | DHCP | SAS | disabled
UDP: 137 | SMB | KOS/SAS | disabled
UDP: 161 | SNMP | SAS | enabled
1: Mutually exclusive. Only IPDS OR PCL can be enabled, not both.
KOS = Key Operator System, accessible for the Key Operator role.
SAS = System Administrator System, accessible for the System Administrator role.
Both KOS and SAS are password protected.
5.1.3.2 Ports Usage Océ VarioPrint 6xx0 R5.4 print controller
The PRISMAsync uses the following ports:
Port number | Protocol | Can be en-/disabled | Factory default
TCP: 80 | HTTP | - | enabled
TCP: 139 | NetBIOS (SMB) | KOS/SAS | disabled
TCP: 443 | HTTPS | - | enabled
TCP: 515 | LPR | KOS/SAS | enabled
TCP: 631 | IPP | KOS/SAS | enabled
TCP: 5001-65535 (1) | RAW socket/IPDS transaction printing | SAS | disabled
TCP: 9001-65535 (1) | RAW socket/PCL transaction printing | SAS | disabled
TCP: 7500-9100 | Raw socket, PDF/PS or PCL data | KOS/SAS | disabled
UDP: 68 | DHCP | SAS | disabled
UDP: 137 | SMB | KOS/SAS | disabled
UDP: 161 | SNMP | SAS | enabled
UDP: 500 | IPsec | KOS | enabled
UDP: 4500 | IPsec NAT-T | KOS | enabled
1: Mutually exclusive. Only IPDS OR PCL can be enabled, not both.
KOS = Key Operator System, accessible for the Key Operator role.
SAS = System Administrator System, accessible for the System Administrator role.
Both KOS and SAS are password protected.
5.1.4 E-shredding
E-shredding is enabled or disabled by the administrator via the
Settings Editor.
The following parameters can be used to customize e-shredding
operations:

E-shredding level          High   Medium   Custom
Number of shred passes     35     3        1 - 35
Background shredding       YES    YES      YES
Shred all print jobs (1)   YES    YES      selectable
(1) Shredding all print jobs implies shredding PIN code jobs.
E-shredding is performed in the background (silent asynchronous
e-shredding).
5.1.5 Anti-virus
A virus scanner is used to protect the software of the computer
against the penetration of malicious software.
We believe that with a number of measures we keep the
PRISMAsync free from malicious software.
• PRISMAsync uses only a stripped-down version of the
Microsoft Windows XP Embedded OS to perform its tasks.
The Embedded version is already a more limited version of
Windows XP, and all parts of the Embedded OS that are not
needed for PRISMAsync are removed as well. This significantly
reduces the exposure to vulnerabilities.
• PRISMAsync does not allow remote login or access of any
kind nor the execution of programs on one of its interfaces.
(E.g. Autorun files or executables will not be started if a USB
stick or CD/DVD is inserted.)
• In case Océ Remote Services is not enabled (VP6xx0 R5.4
functionality) PRISMAsync does not open a connection to the
internet.
5.1.6 MS security patches
Whenever necessary, Océ will release security patches to deal
with vulnerabilities discovered and published by Microsoft. The
patches can be retrieved from the Océ web site and installed on
the PRISMAsync by the operator using the Settings Editor.
Special patches are made for defects that are identified as
posing a severe problem for PRISMAsync operation.
Defects with little impact on the PRISMAsync are incorporated in
the next regular software release. Defects that have no
impact on PRISMAsync operation are discarded.
5.2 Security data sheet VarioPrint 6000/ VarioPrint 6000 Ultra Line
This release includes all patches as incorporated in R5.5.12.0
and adds the Windows Embedded Standard 2009 operating system.
5.2.1 Product definition
Product name Océ VarioPrint 6xx0 (Ultra/Micr/TP)
Release version 5.6
Milestone M7
5.2.2 General Controller information
Controller name PRISMAsync
Controller release version 12.23.54.86
5.2.3 Controller Operating system
Controller OS name WES2009
OS Patches applied   All relevant Microsoft patches, including the Oct. 2015 roll-up package
5.2.4 Virus check
List of software deliveries checked   The final ISO is checked with up-to-date antivirus as part of the standard release process
Delivery checked with                 McAfee scan engine version 5700.7163
Date of Anti-Virus signature file     7/6/2015
Alert detected                        No
5.2.5 Controller OS Accounts
Account                          Password protected?   Default setting after installation   Privilege level
SI_UI                            Yes                   Enabled                              User
SI_Network                       Yes                   Enabled                              User
Oceadmin                         Yes                   Enabled                              OS-admin
Oceguest                         No                    Disabled                             guest
HotFolder user created account   Yes                   Disabled                             User
OceService                       Yes                   Enabled                              User
5.2.6 Integrity protection
Protection type n.a.
Protected area n.a.
Behaviour after corruption n.a.
5.2.7 Control panel access
Key operator    Control panel + Setting Editor
Super User      Control panel + Setting Editor
Service User    Control panel + Setting Editor + Local SDS interface
6 Security Data Sheet: Océ VarioPrint 6000+ (Ultra/MICR/TP) PRISMAsync based products
Because of its deviating architecture, the Océ VarioPrint 6xx0 is
covered separately from the other PRISMAsync based products.
- Océ VarioPrint 6160 Ultra+ R6.X onwards
- Océ VarioPrint 6200 Ultra+ R6.X onwards
- Océ VarioPrint 6250 Ultra+ R6.X onwards
- Océ VarioPrint 6320 Ultra+ R6.X onwards
- Océ VarioPrint 6160 MICR+ R6.X onwards
- Océ VarioPrint 6200 MICR+ R6.X onwards
- Océ VarioPrint 6250 MICR+ R6.X onwards
- Océ VarioPrint 6160 TP+ R6.X onwards
- Océ VarioPrint 6200 TP+ R6.X onwards
- Océ VarioPrint 6250 TP+ R6.X onwards
- Océ VarioPrint 6320 TP+ R6.X onwards
6.1.1 Security short list Océ VarioPrint 6000+ PRISMAsync print controller
Operating system Microsoft Windows 7 –e SP1
MS security patches Océ released patches
Version PRISMAsync
Firmware version Ref. 14.5.98.23
Security levels NO
Certifications NO
Firewall Windows firewall
Ports configurable YES, via enabling / disabling functionality
Protocols configurable YES
Address filtering NO
Anti-virus NO
Web server Apache Tomcat 5
E-shredding 1 - 35 passes (DoD compliant, Gutmann compliant)
Removable HDD NO
Data encryption NO
Network encryption NO
6.1.2 Network security
6.1.2.1 Network security Océ VarioPrint 6xx0 R6.x Ultra+ print controller
Available network protocols:

Protocol, functionality                                                  Can be enabled or disabled   Features                                                           Direction
HTTP                                                                     no                           -                                                                  In
HTTPS                                                                    no                           -                                                                  In
HTTPS, On Remote Services                                                yes                          -                                                                  Out
HTTPS, On Remote Assistance                                              yes                          -                                                                  In/Out
DHCP, IP address assignment                                              yes                          -                                                                  Out
LPR, print job data                                                      yes                          -                                                                  In
Raw socket, Port 9100 (7500-9100) document printing                      yes                          port number configurable                                           In
Raw socket, Port 5001 (5001-65535) or port 9001 (9001-65535)             yes                          port number configurable                                           In
  transaction printing (1), IPDS or PCL job data
SNMP, job and printer management                                         yes                          community name; SNMP v3 supports username and password             In
NetBIOS, SMB printing / Hot Folder                                       yes                          SMB printing is mutually exclusive with Hot Folder functionality   In
IPP printing                                                             yes                          -                                                                  In
IPsec, On Remote Assistance over hardware-VPN                            yes                          -                                                                  Out
(1) Mutually exclusive. Only IPDS OR PCL can be enabled, not both.
Enabling or disabling of any specific functionality can be achieved via the Settings Editor.
6.1.3 Ports usage
6.1.3.1 Ports Usage Océ VarioPrint 6xx0 R6.x Ultra+ print controller
The PRISMAsync uses the following ports:

Port number             Protocol                                 Can be en-/disabled   Factory default
TCP: 80                 HTTP                                     -                     enabled
TCP: 139                NetBIOS (SMB)                            KOS/SAS               disabled
TCP: 443                HTTPS                                    -                     enabled
TCP: 515                LPR                                      KOS/SAS               enabled
TCP: 631                IPP                                      KOS/SAS               enabled
TCP: 5001-65535 (1)     RAW socket/IPDS Transaction Printing     SAS                   disabled
TCP: 9001-65535 (1)     RAW socket/PCL Transaction Printing      SAS                   disabled
TCP: 7500-9100          Raw socket PDF/PS or PCL data            KOS/SAS               disabled
UDP: 68                 DHCP                                     SAS                   disabled
UDP: 137                SMB                                      KOS/SAS               disabled
UDP: 161                SNMP                                     SAS                   enabled
UDP: 500                IPsec                                    KOS                   enabled
UDP: 4500               IPsec NAT-T                              KOS                   enabled
(1) Mutually exclusive. Only IPDS OR PCL can be enabled, not both.
KOS = Key Operator System, accessible for the Key Operator role.
SAS = System Administrator System, accessible for the System Administrator role.
Both KOS and SAS are password protected.
6.1.4 E-shredding
E-shredding is enabled or disabled by the administrator via the
Settings Editor.
The following parameters can be used to customize e-shredding
operations:

E-shredding level          High   Medium   Custom
Number of shred passes     35     3        1 - 35
Background shredding       YES    YES      YES
Shred all print jobs (1)   YES    YES      selectable
(1) Shredding all print jobs implies shredding PIN code jobs.
E-shredding is performed in the background (silent asynchronous
e-shredding).
6.1.5 Anti-virus
A virus scanner is used to protect the software of the computer
against the penetration of malicious software.
We believe that with a number of measures we keep the
PRISMAsync free from malicious software.
• PRISMAsync uses only a stripped-down version of the
Microsoft Windows XP Embedded OS to perform its tasks.
The Embedded version is already a more limited version of
Windows XP, and all parts of the Embedded OS that are not
needed for PRISMAsync are removed as well. This significantly
reduces the exposure to vulnerabilities.
• PRISMAsync does not allow remote login or access of any
kind nor the execution of programs on one of its interfaces.
(E.g. Autorun files or executables will not be started if a USB
stick or CD/DVD is inserted.)
• In case On Remote Services is not enabled (VP6xx0 R5.4
functionality) PRISMAsync does not open a connection to the
internet.
6.1.6 MS security patches
Whenever necessary, CPP will release security patches to deal
with vulnerabilities discovered and published by Microsoft. The
patches can be retrieved from the CPP web site and installed on
the PRISMAsync by the operator using the Settings Editor.
Special patches are made for defects that are identified as
posing a severe problem for PRISMAsync operation.
Defects with little impact on the PRISMAsync are incorporated in
the next regular software release. Defects that have no
impact on PRISMAsync operation are discarded.
6.2 Security Data Sheet Océ VarioPrint 6000+ Line R6.4
6.2.1 Product definition
Product name Océ VarioPrint 6000 (Ultra+/Micr+/Tp+)
Release version 6.4
Milestone M5/M6
6.2.2 General Controller information
Controller name PRISMAsync
Controller release version 16.4.114.190
6.2.3 Controller Operating system
Controller OS name Windows
OS Patches applied   All relevant Microsoft patches
6.2.4 Virus check
List of software deliveries checked   The final ISO is checked with up-to-date antivirus as part of the standard release process
Delivery checked with                 McAfee scan engine version 5700.7163
Date of Anti-Virus signature file     30/10/2015
Alert detected                        No
6.2.5 Controller OS Accounts
Account                          Password protected?   Default setting after installation   Privilege level
UI_USER                          Yes                   Enabled                              User
Network_USER                     Yes                   Enabled                              User
Oceadmin                         Yes                   Enabled                              OS-admin
HiddenAdministrator              Yes                   Disabled                             OS-admin
Oceguest                         No                    Disabled                             guest
HotFolder user created account   Yes                   Disabled                             User
UPG_USER                         Yes                   Enabled                              User
Note: HiddenAdministrator is the default 'Administrator' account of
Windows 7. This account cannot be deleted; it is therefore renamed to
HiddenAdministrator, disabled, and also password protected (see ve070#18677)
to prevent a security vulnerability.
6.2.6 Integrity protection
Protection type McAfee embedded control
Protected area Executables on Disk
Behaviour after corruption Reinstallation and confirmation to the user.
6.2.7 Control panel access
Key operator    Local Control panel + Setting Editor
Super User      Local Control panel + Setting Editor
Service User    Local Control panel + Setting Editor + Local SDS interface
Note: the OS interface is not available because there is no keyboard and mouse
connected to the controller.
6.2.7.1 Network security

Protocol                                      Availability (service mode, normal mode, both)   Default install   People allowed to enable/disable the protocol service   Interface used to enable/disable   Ports
HTTP                                          Both                                             Enabled           Service-user, Super-user                                No                                 TCP 80 (default port) or in range 21-60535
HTTPS                                         Both                                             Enabled           Service-user, Super-user                                No                                 TCP 443 (default port) or in range 21-60535
LPR                                           Both                                             Enabled           Nobody                                                  Setting Editor                     TCP 515
NetBIOS (when NetBIOS is enabled and          Service                                          Disabled          Nobody                                                  Setting Editor                     TCP 139; UDP 137, 138
  Scan2SMB or hotfolder is enabled)
SNMP                                          Both                                             Enabled           Service-user, Super-user                                Setting Editor                     UDP 161
SMB for Hotfolder                             Both                                             Disabled          Service-user, Super-user                                Setting Editor                     TCP 445
SMB for Scan2SMB                              Both                                             Disabled          Service-user, Super-user                                Setting Editor                     TCP 445
SOCKET PRINTING                               Both                                             Disabled          Super-user                                              Setting Editor                     TCP 9100 (default port) or in range 7500-9100
TP IPDS                                       Both                                             Disabled          Key operator (locally), Service-user, Super-user        Setting Editor                     TCP 5001 (default port) or in range 5001-65535
IPP                                           Both                                             Enabled           Super-user                                              Setting Editor                     TCP 631
TP PCL                                        Both                                             Disabled          Key operator (locally), Service-user, Super-user        Setting Editor                     TCP 9001 (default port) or in range 5001-65535
WS-Eventing                                   Both                                             Enabled           Super-user                                              Setting Editor                     TCP 5357
WS-Discovery                                  Both                                             Enabled           Super-user                                              Setting Editor                     UDP 3702
FTP active data transfer (used for            Both                                             Disabled          Super-user                                              Setting Editor                     TCP 20
  Scan to file)
NTP                                           Both                                             Enabled           Super-user, Key Operator                                Setting Editor                     UDP 123
LLMNR                                         Both                                             Enabled           Super-user                                              Setting Editor                     UDP 5355
6.2.8 SMB configuration
1) Item: SMB file sharing must be disabled by default.
   Protection: off by default; it can only be enabled by the Super-user.
2) Item: no administrative share shall be remotely available.
   Protection: the admin$ share is disabled.
3) Item: the system administrator must be able to control/restrict access to the SMB file share.
   Protection: the system administrator creates the hotfolder user account and chooses the password. No guest access is allowed.
4) Item: any binary stored on an SMB file share must not be executable on the controller.
   Protection: files dropped in the hotfolder are never executed.
5) Item: SMB sharing must not disclose the available OS accounts, OS partitions, running processes and services.
   Protection: covered by item 9).
6) Item: SMB sharing must not provide a means to modify the system configuration.
   Protection: covered by item 9).
7) Item: it must not be possible to use this functionality to brute-force the <OS-Administrator> or <Super-User> passwords.
   Protection: account settings prevent this.
8) Item: the Océ process that receives the files submitted to the SMB shares must not run with <OS-Administrator> privileges (or equivalent).
   Protection: it runs as a normal user account.
9) Item: the system must be configured to minimize the SMB attack surface.
   Protection: the SMB attack surface is reduced by filtering the remotely accessible named pipes on the IPC$ share, allowing only the pipes required for SMB file sharing. Allowed pipes are: browser, wkssvc, srvsvc.
6.2.9 Web / FTP server
server.info=Apache Tomcat/8.0.18
server.number=8.0.18.0
server.built=Jan 23 2015 11:56:07
6.2.10 Operating system
Controller OS name:
Windows Embedded Standard 7 64-bit SP1 image version 2.6.8.0
7 Security Data Sheet: varioPRINT 135 series
7.1 Product definition
Product name varioPRINT 110, 120, 135
Release version 3.4.0.0 and higher
Milestone M5/M6
7.2 General Controller information
Controller name PRISMAsync
Controller release version 15.8.96.160
7.3 Controller Operating system
Controller OS name Windows
OS Patches applied   All relevant Microsoft patches
Please see 7.12 Annex 1 (complete list of security patches) for further details.
7.4 Virus check
List of software deliveries checked   The final ISO is checked with up-to-date antivirus as part of the standard release process
Delivery checked with                 McAfee scan engine version 5600.1067
Date of Anti-Virus signature file     11/20/2014
Alert detected                        No
7.5 Controller OS Accounts
Account                          Password protected?   Default setting after installation   Privilege level
UI_USER                          Yes                   Enabled                              User
Network_USER                     Yes                   Enabled                              User
Oceadmin                         Yes                   Enabled                              OS-admin
HiddenAdministrator              Yes                   Disabled                             OS-admin
Oceguest                         No                    Disabled                             guest
HotFolder user created account   Yes                   Disabled                             User
Note: HiddenAdministrator is the default 'Administrator' account of
Windows 7. This account cannot be deleted; it is therefore renamed to
HiddenAdministrator, disabled, and also password protected (see ve070#18677)
to prevent a security vulnerability.
7.6 Integrity protection
Protection type None
Protected area (na)
Behaviour after corruption (na)
7.7 Control panel access
Key operator Local Control panel + Setting Editor
Super User Local Control panel + Setting Editor
Service User    Local Control panel + Setting Editor + Local SDS interface
Note: the OS interface is not available because there is no keyboard and mouse
connected to the controller.
7.8 Network security

Protocol                                      Availability (service mode, normal mode, both)   Default install   People allowed to enable/disable the protocol service   Interface used to enable/disable   Ports
HTTP                                          Both                                             Enabled           Service-user, Super-user                                No                                 TCP 80 (default port) or in range 21-60535
HTTPS                                         Both                                             Enabled           Service-user, Super-user                                No                                 TCP 443 (default port) or in range 21-60535
LPR                                           Both                                             Enabled           Nobody                                                  Setting Editor                     TCP 515
NetBIOS (when NetBIOS is enabled and          Service                                          Disabled          Nobody                                                  Setting Editor                     TCP 139; UDP 137, 138
  Scan2SMB or hotfolder is enabled)
SNMP                                          Both                                             Enabled           Service-user, Super-user                                Setting Editor                     UDP 161
SMB for Hotfolder                             Both                                             Disabled          Service-user, Super-user                                Setting Editor                     TCP 445
SMB for Scan2SMB                              Both                                             Disabled          Service-user, Super-user                                Setting Editor                     TCP 445
SOCKET PRINTING                               Both                                             Disabled          Super-user                                              Setting Editor                     TCP 9100 (default port) or in range 7500-9100
TP IPDS                                       Both                                             Disabled          Key operator (locally), Service-user, Super-user        Setting Editor                     TCP 5001 (default port) or in range 5001-65535
IPP                                           Both                                             Enabled           Super-user                                              Setting Editor                     TCP 631
TP PCL                                        Both                                             Disabled          Key operator (locally), Service-user, Super-user        Setting Editor                     TCP 9001 (default port) or in range 5001-65535
WS-Eventing                                   Both                                             Enabled           Super-user                                              Setting Editor                     TCP 5357
WS-Discovery                                  Both                                             Enabled           Super-user                                              Setting Editor                     UDP 3702
FTP active data transfer (used for            Both                                             Disabled          Super-user                                              Setting Editor                     TCP 20
  Scan to file)
NTP                                           Both                                             Enabled           Super-user, Key Operator                                Setting Editor                     UDP 123
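The port tables in 5.1.3, 6.1.3, 6.2.7.1 and 7.8 describe what a controller should be listening on in its factory state, which makes them a usable baseline for an external audit. The script below is an added example (not Canon / CPP code): it turns the 6.2.7.1 / 7.8 table into an expectation list and compares it against a port-scan result, flagging default-disabled services that are listening, listeners the tables do not document at all, default-enabled services that are not reachable, and the documented rule that IPDS and PCL transaction printing cannot both be enabled. The Service record layout, the verdict names and SAMPLE_SCAN are assumptions of this example; the scan result is constructed inline rather than taken from a real controller, and a real run would feed audit() from a scanner's output.

```python
"""Compare a PRISMAsync controller's observed listeners with the documented
factory defaults.

Added example, not Canon / CPP code. EXPECTED is transcribed from the
6.2.7.1 / 7.8 network security tables; the Service record layout, the verdict
names and SAMPLE_SCAN are assumptions of this example.
"""
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Tuple


@dataclass(frozen=True)
class Service:
    name: str
    proto: str                             # "tcp" or "udp"
    port: int                              # default listening port
    port_range: Optional[Tuple[int, int]]  # configurable range usable as a hint
    enabled_by_default: bool


# Transcribed from the page. HTTP/HTTPS may be moved anywhere in 21-60535,
# which is far too wide to act as a fingerprint, so their range is not used.
EXPECTED: List[Service] = [
    Service("HTTP", "tcp", 80, None, True),
    Service("HTTPS", "tcp", 443, None, True),
    Service("LPR", "tcp", 515, None, True),
    Service("NetBIOS session", "tcp", 139, None, False),
    Service("NetBIOS name service", "udp", 137, None, False),
    Service("NetBIOS datagram", "udp", 138, None, False),
    Service("SNMP", "udp", 161, None, True),
    Service("SMB (Hotfolder / Scan2SMB)", "tcp", 445, None, False),
    Service("Socket printing", "tcp", 9100, (7500, 9100), False),
    Service("TP IPDS", "tcp", 5001, (5001, 65535), False),
    Service("TP PCL", "tcp", 9001, (5001, 65535), False),
    Service("IPP", "tcp", 631, None, True),
    Service("WS-Eventing", "tcp", 5357, None, True),
    Service("WS-Discovery", "udp", 3702, None, True),
    Service("FTP active data (Scan to file)", "tcp", 20, None, False),
    Service("NTP", "udp", 123, None, True),
    Service("LLMNR", "udp", 5355, None, True),
]

# The page states that IPDS and PCL transaction printing cannot both be enabled.
MUTUALLY_EXCLUSIVE = ("TP IPDS", "TP PCL")


def classify(proto: str, port: int) -> Tuple[str, Tuple[str, ...]]:
    """Classify one observed listener against EXPECTED.

    Returns (verdict, candidate service names). An exact default-port match is
    'expected' or 'disabled_by_default'; a port that only falls inside a
    configurable range is 'in_range' with every candidate listed, because the
    ranges overlap and the scan alone cannot tell the services apart.
    """
    exact = [s for s in EXPECTED if s.proto == proto and s.port == port]
    if exact:
        s = exact[0]
        verdict = "expected" if s.enabled_by_default else "disabled_by_default"
        return (verdict, (s.name,))
    ranged = tuple(s.name for s in EXPECTED
                   if s.proto == proto and s.port_range is not None
                   and s.port_range[0] <= port <= s.port_range[1])
    if ranged:
        return ("in_range", ranged)
    return ("undocumented", ())


def audit(open_ports: Iterable[Tuple[str, int]]) -> Dict[str, list]:
    """Group observed (proto, port) pairs by verdict and add two derived checks:
    default-enabled services that were not seen, and the IPDS/PCL exclusion."""
    keys = ("expected", "disabled_by_default", "in_range",
            "undocumented", "missing", "policy")
    findings: Dict[str, list] = {k: [] for k in keys}
    confirmed = set()
    for proto, port in sorted(set(open_ports)):
        verdict, names = classify(proto, port)
        findings[verdict].append((proto, port, names))
        if verdict in ("expected", "disabled_by_default"):
            confirmed.update(names)
    for s in EXPECTED:
        # A missing UDP service is only meaningful if the scanner probed UDP.
        if s.enabled_by_default and s.name not in confirmed:
            findings["missing"].append(s.name)
    if all(name in confirmed for name in MUTUALLY_EXCLUSIVE):
        findings["policy"].append(
            "TP IPDS and TP PCL both listening on their default ports; the "
            "documentation states only one of them can be enabled")
    return findings


# Constructed scan result (not from a real controller): the factory-default
# listeners plus SMB, socket printing, both transaction-printing ports and a
# tcp/3389 listener the page does not document.
SAMPLE_SCAN = [
    ("tcp", 80), ("tcp", 443), ("tcp", 515), ("tcp", 631), ("tcp", 5357),
    ("tcp", 445), ("tcp", 9100), ("tcp", 5001), ("tcp", 9001), ("tcp", 3389),
    ("udp", 161), ("udp", 3702),
]


if __name__ == "__main__":
    for verdict, items in audit(SAMPLE_SCAN).items():
        print(f"{verdict}:")
        for item in items:
            print("   ", item)
```

On the constructed scan the report lists the five default-enabled TCP and two UDP listeners as expected, SMB, socket printing and both transaction-printing ports as disabled-by-default services that someone turned on, tcp/3389 as undocumented, NTP and LLMNR as not seen, and one policy violation for IPDS and PCL being active together. A port such as tcp/8000 is reported with all three candidate services whose configurable range covers it; only connecting to it can tell which one it is.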
7.9 SMB configuration
1) Item: SMB file sharing must be disabled by default.
   Protection: off by default; it can only be enabled by the Super-user.
2) Item: no administrative share shall be remotely available.
   Protection: the admin$ share is disabled.
3) Item: the system administrator must be able to control/restrict access to the SMB file share.
   Protection: the system administrator creates the hotfolder user account and chooses the password. No guest access is allowed.
4) Item: any binary stored on an SMB file share must not be executable on the controller.
   Protection: files dropped in the hotfolder are never executed.
5) Item: SMB sharing must not disclose the available OS accounts, OS partitions, running processes and services.
   Protection: covered by item 9).
6) Item: SMB sharing must not provide a means to modify the system configuration.
   Protection: covered by item 9).
7) Item: it must not be possible to use this functionality to brute-force the <OS-Administrator> or <Super-User> passwords.
   Protection: account settings prevent this.
8) Item: the Océ process that receives the files submitted to the SMB shares must not run with <OS-Administrator> privileges (or equivalent).
   Protection: it runs as a normal user account.
9) Item: the system must be configured to minimize the SMB attack surface.
   Protection: the SMB attack surface is reduced by filtering the remotely accessible named pipes on the IPC$ share, allowing only the pipes required for SMB file sharing. Allowed pipes are: browser, wkssvc, srvsvc.
7.10 Web / FTP server
server.info=Apache Tomcat/7.0.54
server.number=7.0.54.0
server.built=May 19 2014 10:26:15
7.11 Operating system
Controller OS name: Windows Embedded Standard 7 64-bit SP1 image version 2.5.10.2
7.12 Annex1: Complete list of security patches
The following list describes the security updates applied to this image. Only the updates
related to installed components are deployed.
New security update   Description   Added in version
KB2978668 – MS14-047 Vulnerability in LRPC could allow security feature bypass 2.5.10.x.
KB2976897 – MS14-045 Security update for kernel-mode drivers 2.5.10.x.
KB2976627 – MS14-051 Cumulative security update for Internet Explorer 2.5.10.x.
KB2943357 – MS14-046 Security update for the .NET Framework 3.5.1 2.5.10.x.
KB2937610 – MS14-046 Security update for the .NET Framework 3.5.1 2.5.10.x.
KB2918614 – MS14-049 Security update for Windows Installer Service 2.5.10.x.
Already applied security update
KB976932 Windows 7 Service Pack 1 1.0.0.0
KB2425227 – MS11-013 Vulnerabilities in Kerberos Could Allow Elevation of Privilege 1.0.0.0
KB2446710 – MS11-028 Vulnerability in .NET Framework Could Allow Remote Code Execution 1.0.0.0
KB2475792 – MS11-009 Vulnerability in Jscript and VBScript scripting engines could allow remote code execution 1.0.0.0
KB2476490 – MS11-038 Vulnerability in OLE Automation Could Allow Remote Code Execution 1.0.0.0
KB2478662 – MS11-039 Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution 1.0.0.0
KB2479628 – MS11-012 Vulnerabilities in Windows kernel-mode drivers could allow elevation of privilege 1.0.0.0
KB2479943 – MS11-015 Vulnerabilities in Windows Media Could Allow Remote Code Execution 1.0.0.0
KB2482017 – MS11-003 Cumulative security update for Internet Explorer 1.0.0.0
KB2485376 – MS11-007 Vulnerability in the OpenType Compact Font Format CFF driver could allow remote code execution 1.0.0.0
KB2497640 – MS11-018 Cumulative Security Update for Internet Explorer 1.0.0.0
KB2503658 – MS11-026 Vulnerability in MHTML Could Allow Information Disclosure 1.0.0.0
KB2503665 – MS11-046 Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege 1.0.0.0
KB2506212 – MS11-024 Vulnerabilities in Windows Fax Cover Page Editor Could Allow Remote Code Execution 1.0.0.0
KB2506223 – MS11-034 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege 1.0.0.0
KB2507618 – MS11-032 Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution 1.0.0.0
KB2507938 – MS11-056 Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege 1.0.0.0
KB2508272 – MS11-027 Cumulative Security Update of ActiveX Kill Bits 1.0.0.0
KB2508429 – MS11-020 Vulnerability in SMB Server Could Allow Remote Code Execution 1.0.0.0
KB2509553 – MS11-030 Vulnerability in DNS Resolution Could Allow Remote Code Execution 1.0.0.0
KB2510531 – MS11-031 Vulnerability in Jscript and VBScript Scripting Engines Could Allow Remote Code Execution 1.0.0.0
KB2511455 – MS11-019 Vulnerabilities in SMB Client Could Allow Remote Code Execution 1.0.0.0
KB2518869 – MS11-044 Vulnerability in .NET Framework Could Allow Remote Code Execution 1.0.0.0
KB2525694 – MS11-041 Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution 1.0.0.0
KB2530548 – MS11-050 Cumulative Security Update for Internet Explorer 1.0.0.0
KB2536275 – MS11-048 Vulnerability in SMB Server Could Allow Denial of Service 1.0.0.0
KB2536276 – MS11-043 Vulnerability in SMB Client Could Allow Remote Code Execution 1.0.0.0
KB2539635 – MS11-069 Security Update for Microsoft .NET Framework 3.5.1 1.0.0.0
KB2544893 – MS11-037 Vulnerability in MHTML could allow information disclosure 1.0.0.0
KB2555917 – MS11-054 Vulnerabilities in Windows kernel-mode drivers could allow elevation of privilege 1.0.0.0
KB2556532 – MS11-057 Cumulative Security Update for Internet Explorer 1.0.0.0
KB2560656 – MS11-059 Vulnerability in Data Access Components could allow remote code execution 1.0.0.0
KB2562937 – MS11-000 Update Rollup for ActiveX Kill Bits 1.0.0.0
KB2563894 – MS11-064 Vulnerabilities in TCP/IP Stack Could Allow Denial of Service 1.0.0.0
KB2564958 – MS11-075 Security update for Active Accessibility 1.0.0.0
KB2567053 – MS11-077 Vulnerabilities in Windows kernel-mode drivers could allow remote code execution 1.0.0.0
KB2567680 – MS11-063 Vulnerability in Windows Client/Server Run-time subsystem could allow elevation of privilege 1.0.0.0
KB2572077 – MS11-078 Security update for .NET Framework 3.5.1 for Windows 7 SP1 1.0.0.0
KB2584146 – MS12-005 Vulnerability in Microsoft Windows could allow remote code execution 1.2.0.0
KB2585542 – MS12-006 Security update for Webio, Winhttp, and schannel in Windows 1.2.0.0
KB2588516 – MS11-083 Vulnerability in TCP/IP could allow remote code execution 1.0.0.0
KB2659262 – MS12-034 Security update for Windows GDI+ 1.3.0.0
KB2604115 – MS12-035 Security update for the .NET Framework 3.5.1 1.3.0.0
KB2617657 – MS11-084 Security update for Windows 7 1.0.0.0
KB2618451 – MS11-090 Cumulative Security Update for ActiveX Kill Bits 1.0.0.0
KB2620704 – MS11-085 Vulnerability in Windows Mail and Windows Meeting Space could allow remote code execution 1.0.0.0
KB2620712 – MS11-097 Vulnerability in Windows Client/Server Runtime Subsystem could allow elevation of privilege 1.0.0.0
KB2621440 – MS12-020 security update for Remote Desktop Protocol Vulnerability 1.2.0.0
KB2631813 – MS12-004 Security update for DirectShow 1.2.0.0
KB2633873 – MS12-016 Security update for the .NET Framework 3.5.1 on Windows 7 Service Pack 1 1.2.0.0
KB2639417 – MS11-087 Vulnerability in Windows kernel-mode drivers could allow remote code execution 1.0.0.0
KB2641653 – MS12-018 Vulnerability in Windows kernel-mode drivers could allow elevation of privilege 1.2.0.0
KB2644615 – MS12-001 Vulnerability in Windows Kernel could allow security Feature bypass 1.2.0.0
KB2645640 – MS12-009 Vulnerabilities in Ancillary Function driver could allow elevation of privilege 1.2.0.0
KB2647518 Cumulative Security Update for ActiveX Kill Bits 1.2.0.0
KB2653956 – MS12-024 Vulnerability in Windows could allow remote code execution 1.3.0.0
KB2654428 – MS12-013 Vulnerability in C Run-Time Library could allow remote code execution 1.2.0.0
KB2655992 – MS12-049 Vulnerability in TLS could allow information disclosure 2.0.0.0
KB2656356 – MS11-100 Security update for the .NET Framework 3.5.1 on Windows 7 SP1 1.2.0.0
KB2656373 – MS12-025 Security update for the .NET Framework 3.5.1 1.3.0.0
KB2658846 – MS12-034 Security update for DirectWrite 1.3.0.0
KB2660465 – MS12-008 Vulnerabilities in Windows Kernel-Mode drivers could allow remote code execution 1.2.0.0
KB2665364 – MS12-019 Vulnerability in DirectWrite could allow denial of service 1.2.0.0
KB2667402 – MS12-020 Security update for Terminal Server Denial of Service Vulnerability 1.2.0.0
KB2667402 – MS12-020 Security update for Terminal Server Denial of Service Vulnerability (June update) 1.3.0.0
KB2676562 – MS12-034 Security update for Windows kernel-mode drivers 1.3.0.0
KB2685939 – MS12-036 Vulnerabilities in Remote Desktop could allow remote code execution 1.3.0.0
KB2686831 – MS12-038 Security update for the .NET Framework 3.5.1 1.3.0.0
KB2688338 – MS12-032 Vulnerability in TCP/IP could allow elevation of privilege 1.3.0.0
KB2690533 – MS12-033 Vulnerability in Windows Partition Manager could allow elevation of privilege 1.3.0.0
KB2691442 – MS12-048 Vulnerability in Windows Shell could allow remote code execution 2.0.0.0
KB2695962 Update Rollup for ActiveX Kill Bits 1.3.0.0
KB2698365 – MS12-045 Vulnerability in Microsoft Data Access Components could allow remote code execution 2.0.0.0
KB2705219 – MS12-054 Security Update for Windows 7 for x64-based Systems 1.3.1.0
KB2706045 – MS12-056 Vulnerability in JScript and VBScript engines could allow remote code execution 2.0.0.0
KB2709162 – MS12-041 Vulnerabilities in Windows Kernel-Mode Drivers could allow elevation of privilege 1.3.0.0
KB2709715 – MS12-042 Security update for Windows 7 1.3.0.0
KB2712808 – MS12-054 Security Update for Windows 7 for x64-based Systems 1.3.1.0
KB2718523 – MS12-047 Vulnerability in Windows Kernel-Mode drivers could allow elevation of privilege 2.0.0.0
KB2719033 – MS12-073 Vulnerabilities in Microsoft Internet Information Services (IIS) could allow information disclosure 2.1.0.0
KB2719985 – MS12-043 Security update for XML Core Services 3.0 2.0.0.0
KB2724197 – MS12-068 Vulnerability in Windows Kernel could allow elevation of privilege 2.0.0.0
KB2729452 – MS12-074 Vulnerabilities in .NET Framework could allow remote code execution 2.1.0.0
KB2731847 – MS12-055 Vulnerabilities in Windows kernel-mode drivers could allow elevation of privilege 2.0.0.0
KB2742599 – MS13-004 Vulnerability in .Net Framework Could Allow Elevation of Privilege 2.1.0.0
KB2742613 – MS13-004 Security update for the .NET Framework 4.5 2.1.0.0
KB2743555 – MS12-069 Vulnerability in Kerberos could allow denial of service 2.0.0.0
KB2753842-v2 – MS12-078 Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution 2.1.0.0
KB2757638 – MS13-002 Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution 2.1.0.0
KB2758857 – MS12-081 Vulnerability in Windows File Handling Components Could Allow Remote Code Execution 2.1.0.0
KB2761226 – MS12-075 Vulnerabilities in Windows kernel-mode drivers could allow remote code execution 2.1.0.0
KB2769369 – MS13-001 Vulnerabilities in Windows Print Spooler Components Could Allow Remote Code Execution 2.1.0.0
KB2770660 – MS12-082 Vulnerability in DirectPlay Could Allow Remote Code Execution 2.1.0.0
KB2778344 – MS13-016 Vulnerabilities in Windows kernel-mode driver could allow elevation of privilege 2.2.0.0
KB2778930 – MS13-005 Vulnerability in Windows kernel-mode driver could allow elevation of privilege 2.1.0.0
KB2779030 – MS12-078 Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution 2.1.0.0
KB2785220 – MS13-005 Vulnerabilities in Microsoft SSL Implementation Could Allow Information Disclosure 2.1.0.0
KB2789645 – MS13-015 Security update for the .NET Framework 3.5.1 2.2.0.0
KB2789648 – MS13-015 Security update for the .NET Framework 4.5 2.2.0.0
KB2790113 – MS13-019 Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) could allow elevation of privilege 2.2.0.0
KB2790655 – MS13-018 Vulnerability in TCP/IP could allow denial of service 2.2.0.0
KB2792100 – MS13-009 Cumulative Security Update for Internet Explorer 2.2.0.0
KB2799494 – MS13-017 Vulnerabilities in Windows kernel could allow elevation of privilege 2.2.0.0
KB2807986 – MS13-027 Vulnerabilities in Windows Kernel-Mode drivers could allow elevation of privilege 2.2.0.0
KB2809289 – MS13-021 Cumulative Security Update for Internet Explorer 2.2.0.0
KB2804579 – MS13-040 Security Update for Microsoft .NET Framework 3.5.1 2.3.2.0
KB2808735 – MS13-036 Security update for the Windows kernel-mode driver (win32k.sys) 2.3.2.0
KB2813170 – MS13-031 Vulnerabilities in Windows Kernel could allow elevation of privilege 2.3.2.0
KB2813347 – MS13-029 Vulnerability in Remote Desktop Client could allow remote code execution 2.3.2.0
KB2817183 – MS13-028 Cumulative Security Update for Internet Explorer 2.3.2.0
KB2820197 Update Rollup for ActiveX Kill Bits 2.3.2.0
KB2829361 – MS13-046 Security update for Windows Kernel-Mode drivers 2.3.2.0
KB2829530 – MS13-037 Cumulative Security Update for Internet Explorer 2.3.2.0
KB2830290 – MS13-046 Security update for Windows Kernel-Mode drivers 2.3.2.0
KB2847204 – MS13-038 Security update for Internet Explorer 2.3.2.0
KB2813430 An update is available that enables administrators to update trusted and disallowed CTLs in disconnected environments in Windows 2.4.0.1
KB2834886 - MS13-052 Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution 2.4.0.1
KB2835361 - MS13-054 Vulnerability in GDI+ Could Allow Remote Code Execution 2.4.0.1
KB2838727 - MS13-047 Cumulative security update for Internet Explorer: June 11, 2013 2.4.0.1
KB2839894 - MS13-050 Vulnerability in Windows print spooler components could allow elevation of privilege 2.4.0.1
KB2844286 - MS13-052 Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution 2.4.0.1
KB2845187 - MS13-056 Vulnerability in Microsoft DirectShow could allow remote code execution 2.4.0.1
KB2845690 - MS13-049 Vulnerability in kernel-mode driver could allow denial of service 2.4.0.1
KB2846071 - MS13-055 Cumulative Security Update for Internet Explorer 2.4.0.1
KB2849470 - MS13-062 Vulnerability in remote procedure call could allow elevation of privilege 2.4.0.1
KB2850851 - MS13-053 Vulnerabilities in Windows kernel-mode drivers could allow remote code execution 2.4.0.1
KB2859537 - MS13-063 Vulnerabilities in Windows kernel could allow elevation of privilege 2.4.0.1
Microsoft Security Advisory: Updates to improve Remote Desktop Protocol network- 2.4.0.1
KB2861855
level authentication
KB2862772 - MS13-059 Cumulative security update for Internet Explorer 2.4.0.1
An update is available that improves management of weak certificate cryptographic 2.4.0.1
KB2862966
algorithms in Windows
KB2868623 - MS13-065 Vulnerability in ICMPv6 could allow denial of service 2.4.0.1
KB2870699 - MS13-069 Cumulative security update for Internet Explorer 2.4.0.1
KB2872339 - MS13-077 Vulnerability in Windows Service Control Manager could allow elevation of privilege 2.4.0.1
KB2876315 - MS13-076 Vulnerabilities in kernel-mode drivers could allow elevation of privilege 2.4.0.1
KB2847311 – MS13-081 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution 2.5.0.0
KB2862335 – MS13-081 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution 2.5.0.0
KB2863240 – MS13-082 Vulnerabilities in .NET Framework Could Allow Remote Code Execution 2.5.0.0
KB2864058 – MS13-083 Vulnerability in Windows Common Control Library could allow remote code execution 2.5.0.0
KB2864202 – MS13-081 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution 2.5.0.0
KB2876284 – MS13-081 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution 2.5.0.0
KB2879017 – MS13-080 Cumulative Security Update for Internet Explorer 2.5.0.0
KB2883150 – MS13-081 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution 2.5.0.0
KB2862330 – MS13-081 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution 2.5.1.0
KB2840149 – MS13-036 Security update for the Windows file system kernel-mode driver (ntfs.sys) 2.5.3.0
KB2857650 Update that improves the RemoteApp and Desktop Connections features 2.5.3.0
KB2862152 Vulnerability in DirectAccess and IPsec could allow security feature bypass 2.5.3.0
KB2862330v2 – MS13-081 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution 2.5.3.0
KB2868626 – MS13-095 Vulnerability in XML digital signatures could allow denial of service 2.5.3.0
KB2868725 Update for disabling RC4 2.5.3.0
KB2875783 – MS13-093 Vulnerability in Windows ancillary function driver could allow information disclosure 2.5.3.0
KB2876331 – MS13-089 Vulnerability in Windows Graphics Device Interface could allow remote code execution 2.5.3.0
KB2887069 – MS13-101 Security update for Windows kernel-mode drivers 2.5.3.0
KB2892074 – MS13-099 Security update for Windows Script 5.8 2.5.3.0
KB2893294 – MS13-098 Vulnerability in Windows could allow remote code execution 2.5.3.0
KB2893984 – MS13-101 Security update for Windows kernel-mode drivers 2.5.3.0
KB2898785 – MS13-097 Cumulative security update for Internet Explorer 2.5.3.0
KB2900986 – MS13-090 Cumulative security update for ActiveX Kill Bits 2.5.3.0
KB2913602 – MS14-003 Vulnerability in Windows kernel-mode drivers could allow elevation of privilege 2.5.3.0
KB2843630 Update helps unmanaged Office 2010 users to work with Microsoft RMS in Windows 2.5.4.0
KB2862973 Microsoft Security Advisory: Update for deprecation of MD5 hashing algorithm for Microsoft root certificate program 2.5.4.0
KB2898857 – MS14-009 Security update for the .NET Framework 3.5.1 2.5.4.0
KB2901112 – MS14-009 Security update for the .NET Framework 3.5.1 2.5.4.0
KB2909210 – MS14-011 Security update for Visual Basic Scripting Edition (VBScript) 5.8 2.5.4.0
KB2909921 – MS14-010 Cumulative security update for Internet Explorer 2.5.4.0
KB2911501 – MS14-009 Security update for the .NET Framework 3.5.1
KB2912390 – MS14-007 Vulnerability in Direct2D could allow remote code execution 2.5.4.0
KB2916036 – MS14-005 Vulnerability in Microsoft XML Core Services could allow information disclosure 2.5.4.0
KB2925418 – MS14-012 Cumulative Security Update for Internet Explorer 2.5.5.0
KB2929961 – MS14-013 Security Update for Windows Embedded Standard 7 2.5.5.0
KB2930275 – MS14-015 Security Update for Windows Embedded Standard 7 2.5.5.0
KB2871997 Microsoft Security Advisory: Update to improve credentials protection and management 2.5.6.0
KB2922229 – MS14-019 Vulnerability in Windows file handling component could allow remote code execution 2.5.6.0
KB2926765 – MS14-027 Security update for Windows 7 2.5.6.0
KB2931356 – MS14-026 Security update for .Net Framework 3.5.1 2.5.6.0
KB2936068 – MS14-018 Security update for Internet Explorer 2.5.6.0
KB2953522 – MS14-029 Security update for Internet Explorer versions 6, 7, 8, 9, 10, and 11 2.5.6.0
KB2939576 – MS14-033 Vulnerability in Microsoft XML core services could allow information disclosure 2.5.8.0
KB2957189 – MS14-031 Vulnerability in TCP protocol could allow denial of service 2.5.8.0
KB2957503 – MS14-036 Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (2967487) 2.5.8.0
KB2957509 Security Update for Windows 7 (KB2957509) 2.5.8.0
KB2957689 – MS14-035 Security update for Internet Explorer versions 6, 7, 8, 9, 10, and 11 2.5.8.0
KB2965788 – MS14-030 Vulnerability in Remote Desktop Could Allow Tampering 2.5.8.0
KB2656411 – MS12-034 Security update for the .NET Framework 3.5.1 2.5.9.0
KB2756921 – MS13-004 Security update for the .NET Framework 3.5.1 2.5.9.0
KB2832414 – MS13-052 Security update for the .NET Framework 3.5.1 2.5.9.0
KB2861191 – MS13-082 Security update for the .NET Framework 3.5.1 2.5.9.0
KB2861698 – MS13-082 Security update for the .NET Framework 3.5.1 2.5.9.0
KB2961072 – MS14-040 Security update for an ancillary function driver 2.5.9.0
KB2962872 – MS14-037 Cumulative security update for Internet Explorer 2.5.9.0
KB2972280 – MS14-041 Security update for DirectShow 2.5.9.0
KB2973201 – MS14-039 Security update for Windows on-screen keyboard 2.5.9.0
KB2973351 Microsoft Security Advisory: Registry update to improve credentials protection and management for Windows-based systems that have the 2919355 update installed 2.5.9.0
8 Security Data Sheet PRISMAsync Print Server Mark 5 (version 17.x.x.x) based products
8.1 Products definition and Controller information
The Security Data Sheet for PRISMAsync Print Server Version 17.x.x.x based products is described in this chapter for the following products:
- Canon varioPRINT 140
- Océ VarioPrint i-series
- Canon iPR C10000VP Series
- Canon iPR C800 Series
- Canon iPR C850 Series
8.1.1 Canon varioPRINT 140 v5.1.0.0
Product name: Canon varioPRINT 140
Release version: 5.1.0.0
Controller name: PRISMAsync
Controller release version: 17.11.173.83
8.1.2 Océ VarioPrint i-series v2.1.0.0
Product name: Océ VarioPrint i-series
Release version: 2.0.0.0
Controller name: PRISMAsync
Controller release version: 17.11.174.87
8.1.3 Canon iPR C10000VP Series v5.1.0.0
Product name: Canon iPR C10000VP Series
Release version: 5.1.0.0
Controller name: PRISMAsync
Controller release version: 17.9.161.17
8.1.4 Canon iPR C800 Series v5.1.0.0
Product name: Canon iPR C800 Series
Release version: 5.1.0.0
Controller name: PRISMAsync
Controller release version: 17.11.160.5
8.1.5 Canon iPR C850 Series v5.1.0.0
Product name: Canon iPR C850 Series
Release version: 5.1.0.0
Controller name: PRISMAsync
Controller release version: 17.7.159.24
8.2 Security short list
Operating system Microsoft Windows 10 IoT Enterprise LTSB 2016
MS security patches see Annex1: Complete list of security patches
Version PRISMAsync
Security levels NO
Certifications NO
Firewall Windows firewall
Ports configurable YES, via enabling / disabling functionality
Protocols configurable YES
Address filtering NO
Anti-virus NO
Main Web server Apache Tomcat 8
E-shredding 1 - 35 pass (configurable)
Removable HDD NO
Data encryption NO
Network encryption YES (configurable)
Integrity protection YES (optional)
8.3 Controller Operating system
Controller OS name: Microsoft Windows 10 IoT Enterprise LTSB 2016, 10.0.10240.Winx64
OS Patches applied: All relevant Microsoft patches. Please see Annex1: Complete list of security patches for further details.
8.4 Virus check
List of software deliveries checked: The final ISO is checked with up to date antivirus as part of the standard release process
Delivery checked with version: McAfee scan engine
Date of Anti-Virus signature file: 19/6/2015
Alert detected: No
8.5 Controller OS Accounts
Account | Password protected? | Default setting after installation | Privilege level
UI_USER | Yes | Enabled | User
Network_USER | Yes | Enabled | User
Oceadmin | Yes | Enabled | OS-admin
HiddenAdministrator | Yes | Disabled | OS-admin
HotFolder user created account | Yes | Disabled | User
UPG_USER | Yes | Enabled | User
Note: The HiddenAdministrator is the default 'Administrator' account from Windows 7. This account cannot be deleted and is therefore renamed to HiddenAdministrator, disabled and also (see ve070#18677) password protected to prevent a security vulnerability.
The Oceadmin password is randomized in non-R&D installations immediately after (non-R&D) license activation.
8.6 Integrity protection
Protection type McAfee embedded control
Protected area Executables on Disk
Behaviour after corruption Reinstallation and confirmation to the user.
8.7 Control panel access
Key operator: Local Control panel + Setting Editor
Super User: Local Control panel + Setting Editor
Service User: Local Control panel + Setting Editor + Local SDS interface
Note: the OS interface is not available because there is no keyboard and mouse connected to the controller.
8.8 Network security
Protocol | Availability (service mode, normal mode, both) | Default install | People allowed to enable/disable service | Interface used to enable/disable protocol | Ports (TCP / UDP)
HTTP | Both | Enabled | Service-user, Super-user | No | 80 (default port) or in range 21-60535
HTTPS | Both | Enabled | Service-user, Super-user | No | 443 (default port) or in range 21-60535
LPR | Both | Enabled | Nobody | Setting Editor | 515
NetBIOS | Service (when NetBIOS is enabled and Scan2SMB or hotfolder is enabled) | Disabled | Nobody | Setting Editor | TCP 139; UDP 137, 138
SNMP | Both | Enabled | Service-user, Super-user | Setting Editor | 161
SMB for Hotfolder | Both | Disabled | Service-user, Super-user | Setting Editor | 445
SMB for Scan2SMB | Both | Disabled | Service-user, Super-user | Setting Editor | 445
SOCKET PRINTING | Both | Disabled | Super-user | Setting Editor | 9100 (default port) or in range 7500-9100
TP IPDS | Both | Disabled | Key operator (locally), Service-user, Super-user | Setting Editor | 5001 (default port) or in range 5001-65535
IPP | Both | Enabled | Super-user | Setting Editor | 631
TP PCL | Both | Disabled | Key operator (locally), Service-user, Super-user | Setting Editor | 9001 (default port) or in range 5001-65535
WS Eventing | Both | Enabled | Super-user | Setting Editor | 5357
WS-Discovery | Both | Enabled | Super-user | Setting Editor | 3702
FTP active-data transfer used for Scan to file | Both | Disabled | Super user | Setting Editor | 20
NTP | Both | Enabled | Super-user, Key Operator | Setting editor | 123
LLMNR | Both | Enabled | Super-user | Setting editor | 5355
8.9 SMB configuration
From Mark5 onwards, only SMB v3.x is supported (previous versions were dropped as they are not secure).
Item 1) the SMB file sharing must be disabled by default
Protection: off by default, can only be enabled by the Super-user
Item 2) no administrative share shall be remotely available
Protection: the admin$ share is disabled
Item 3) the system administrator must be able to control/restrict the access to the SMB file share
Protection: the system administrator creates the hotfolder user account and chooses the password. No guest access allowed
Item 4) any binary stored on an SMB file share must not be executable on the controller
Protection: files dropped in the hotfolder are never executed
Item 5) the SMB sharing must not provide the following information: available OS accounts, OS partitions, running processes and services
Protection: protected by item 9)
Item 6) the SMB sharing must not provide a means to modify the system configuration
Protection: protected by item 9)
Item 7) it must not be possible to use this functionality in order to brute force <OS-Administrator> or <Super-User> passwords
Protection: account settings prevent this
Item 8) the CPP process that receives the files submitted to the SMB shares must not run with <OS-Administrator> privileges (or equivalent)
Protection: runs as a normal user account
Item 9) the system must be configured in order to minimize the SMB attack surface
Protection: the SMB attack surface is reduced by filtering the remotely accessible named pipes on the IPC$ share, to only allow the pipes required for SMB file sharing. Allowed pipes are: browser, wkssvc, srvsvc.
8.10 Web / FTP server
server.info=Apache Tomcat/8.0.33
server.number=8.0.33.0
server.built=Mar 18 2016
8.11 Operating system
Controller OS name: Microsoft Windows 10 IoT Enterprise LTSB 2016, 10.0.10240 Winx64
8.12 Annex1: Complete list of security patches
This OS image contains the cumulative update for Windows 10: May, 2016 (3156387).
This security update includes improvements and fixes in the functionality of Windows 10 and
resolves the following vulnerabilities in Windows:
3155533 MS16-051: Cumulative Security update for Internet Explorer: May 10, 2016
3155538 MS16-052: Cumulative Security update for Microsoft Edge: May 10, 2016
3156754 MS16-055: Security update for Microsoft graphics component: May 10, 2016
3156761 MS16-056: Security update for Windows Journal: May 10, 2016
3156987 MS16-057: Security update for Windows shell: May 10, 2016
3154846 MS16-060: Security update for Windows kernel: May 10, 2016
3155520 MS16-061: Security update to RPC: May 10, 2016
3158222 MS16-062: Security update for kernel mode drivers: May 10, 2016
3155527 MS16-064: Security update to Schannel: May 10, 2016
3156757 MS16-065: Security update for the .NET Framework: May 10, 2016
3155451 MS16-066: Security update to virtual secure mode: May 10, 2016
Windows 10 updates are cumulative. Therefore, this package contains all previously released fixes.
More detailed information on this update and previous updates can be retrieved from http://www.microsoft.com by searching for the respective "cumulative windows 10", "KB" or "MS" numbers.
9 Security Data Sheet PRISMAsync Print Server Mark 6.1 (version 18.x.x.x) based products
9.1 Products definition and Controller information
The Security Data Sheet for PRISMAsync Print Server Version 18.x.x.x based products is described in this chapter for the following products:
- Canon varioPRINT 135 series / Canon varioPRINT 140 series
- Canon iPR C10000VP Series
- Océ VarioPrint i-series
- Canon iPR C800 Series
- Canon iPR C850 Series
- Océ VarioPrint 6000+ Line / Océ VarioPrint 6000 line (Titan)
9.1.1 Canon varioPRINT 135 v5.2.0.0 / Canon varioPRINT 140 v5.2.0.0
Product name: Canon varioPRINT 135 series / Canon varioPRINT 140 series
Release version: 5.2.0.0
Controller name: PRISMAsync
Controller release version: 18.3.189.54
9.1.2 Canon iPR C10000VP Series v5.2.0.0
Product name: Canon iPR C10000VP Series
Release version: 5.2.0.0
Controller name: PRISMAsync
Controller release version: 18.3.182.62
9.1.3 Océ VarioPrint i-series v2.1.0.0
Product name: Océ VarioPrint i-series
Release version: 2.1.0.0
Controller name: PRISMAsync
Controller release version: 18.3.181.50
9.1.4 Canon iPR C800 Series v5.2.0.0
Product name: Canon iPR C800 Series
Release version: 5.2.0.0
Controller name: PRISMAsync
Controller release version: 18.3.180.11
9.1.5 Canon iPR C850 Series v5.2.0.0
Product name: Canon iPR C850 Series
Release version: 5.2.0.0
Controller name: PRISMAsync
Controller release version: 18.3.180.8
9.1.6 Océ VarioPrint 6000+ Line / Océ VarioPrint 6000 line (Titan) v7.2.0.0
Product name: Océ VarioPrint 6000+ Line / Océ VarioPrint 6000 Line (Titan)
Release version: 7.2.0.0
Controller name: PRISMAsync
Controller release version: 18.3.179.35
9.1.7 Canon iPR C7010VPS Series v5.2.0.0
Product name: Canon iPR C7010VPS Series
Release version: 5.2.0.0
Controller name: PRISMAsync
Controller release version: 18.3.183.43
9.2 Security short list
Operating system Microsoft Windows 10 IoT Enterprise LTSB 2016
MS security patches 10.0.14393.1198
Version PRISMAsync
Security levels NO
Certifications NO
Firewall Windows firewall
Ports configurable YES, via enabling / disabling functionality
Protocols configurable YES
Address filtering NO
Anti-virus NO
Main Web server Apache Tomcat 8
E-shredding 1 - 35 pass (configurable)
Removable HDD NO
Data encryption NO
Network encryption YES (configurable)
Integrity protection YES (optional)
9.3 Controller Operating system
Controller OS name: Microsoft Windows 10 IoT Enterprise LTSB 2016, 10.0.14393.WINx64
OS Patches applied: All relevant Microsoft patches. Please see Annex1: Microsoft Security patches for further details.
9.4 Virus check
List of software deliveries checked: The final ISO is checked with up to date antivirus software as part of the standard release process
Delivery checked with version: McAfee scan engine
Date of Anti-Virus signature file: 06-2017
Alert detected: No
9.5 BIOS: inaccessible by a random password
The PRISMAsync BIOS has a randomly generated password,
which prevents access to the settings and the possibility to
change any settings.
9.6 Controller OS Accounts
Account | Password protected? | Default setting after installation | Privilege level
UI_USER | Yes | Enabled | User
Network_USER | Yes | Enabled | User
Oceadmin | Yes | Enabled | OS-admin
HiddenAdministrator | Yes | Disabled | OS-admin
HotFolder user created account | Yes | Disabled | User
UPG_USER | Yes | Enabled | User
Note: The HiddenAdministrator is the default 'Administrator' account from Windows 10. This account cannot be deleted and is therefore renamed to HiddenAdministrator, disabled and also password protected to prevent a security vulnerability.
The Oceadmin password is randomized at installations with a resale license immediately after license activation.
9.7 E-shredding
E-shredding is an optional feature which can be enabled or disabled by the system administrator via the Settings Editor. The number of e-shredding passes can be configured in the Settings Editor between 1 and 35, with a default of 1.
The following data is shredded:
• The submitted PDL data
• Bitmaps generated by the ripping of the job
• Thumbnails that are generated for job previewing
When e-shredding occurs (timing):
• Case 1: Job is printed: once the job is printed, e-shredding starts immediately (exception: in case the printed queue (history) is enabled, e-shredding starts after the job has been deleted from the printed queue).
• Case 2: Job in queue: as long as you do not print the job, it stays on one of the queues (on disk); in that case you need to explicitly delete it to start the e-shredding process.
• Case 3: Shredding may also occur when, for example, job settings are changed that require a re-rip. In that case, the bitmaps of the previous rip are shredded.
As shredding is a continuous process during printing, it is performed in the background. In general, depending on the load of the system and the number of passes configured, the shredding is immediate.
9.8 Integrity protection (optional, Licensed)
Protection type McAfee embedded control
Protected area Executables on Disk
Behaviour after corruption Reinstallation and confirmation to the user.
9.9 Control panel access / User authentication
Access to the Control panel (operator panel) depends on the (PRISMAsync) permissions granted to a specific user. The System Administrator can enable/disable users, add/delete them or adjust access permissions. The default available users are:
User | Access
Operator | Control panel: only own personal jobs
Central Operator | Control panel: all jobs and Remote manager
Key operator | Control panel: all jobs, Remote manager and Configuration settings
Maintenance Operator | Control panel: all jobs and maintenance tasks
System administrator | Control panel: all jobs, Remote manager, Configuration and IT settings
Service User | Control panel: all jobs, Remote manager, Configuration settings, IT settings and Service tasks
For more information about user authentication see the PRISMAsync User manual.
Note: the OS interface is not available because there is no keyboard and mouse connected to the controller and the splash screen cannot be minimized.
9.10 Network security
Protocol | Availability (service mode, normal mode, both) | Default install | People allowed to enable/disable service | Interface used to enable/disable protocol | Ports (TCP / UDP)
HTTP | Both | Enabled | System Administrator, Service-user | No | 80 (default port) or in range 21-60535
HTTPS | Both | Enabled | System Administrator, Service-user | No | 443 (default port) or in range 21-60535
LPR | Both | Enabled | Nobody | Setting Editor | 515
NetBIOS | Service (when NetBIOS is enabled and Scan2SMB or hotfolder is enabled) | Disabled | Nobody | Setting Editor | TCP 139; UDP 137, 138
SNMP | Both | Enabled | System Administrator, Service-user | Setting Editor | 161
SMB for Hotfolder | Both | Disabled | System Administrator, Service-user | Setting Editor | 445
SMB for Scan2SMB | Both | Disabled | System Administrator, Service-user | Setting Editor | 445
SOCKET PRINTING | Both | Disabled | System Administrator, Service-user | Setting Editor | 9100 (default port) or in range 7500-9100
TP IPDS | Both | Disabled | System Administrator, Key operator (locally), Service-user | Setting Editor | 5001 (default port) or in range 5001-65535
IPP | Both | Enabled | System Administrator | Setting Editor | 631
TP PCL | Both | Disabled | System Administrator, Key operator (locally), Service-user | Setting Editor | 9001 (default port) or in range 5001-65535
WS Eventing | Both | Enabled | System Administrator | Setting Editor | 5357
WS-Discovery | Both | Enabled | System Administrator | Setting Editor | 3702
FTP active-data transfer used for Scan to file | Both | Disabled | System Administrator | Setting Editor | 20
NTP | Both | Enabled | System Administrator, Key Operator | Setting editor | 123
LLMNR | Both | Enabled | System Administrator | Setting editor | 5355
9.11 SMB configuration
From Mark5 onwards, only SMB v3.x is supported (previous versions were dropped as they are not secure).
Item 1) the SMB file sharing must be disabled by default
Protection: off by default, can only be enabled by the Super-user
Item 2) no administrative share shall be remotely available
Protection: the admin$ share is disabled
Item 3) the system administrator must be able to control/restrict the access to the SMB file share
Protection: the system administrator creates the hotfolder user account and chooses the password. No guest access allowed
Item 4) any binary stored on an SMB file share must not be executable on the controller
Protection: files dropped in the hotfolder are never executed
Item 5) the SMB sharing must not provide the following information: available OS accounts, OS partitions, running processes and services
Protection: protected by item 9)
Item 6) the SMB sharing must not provide a means to modify the system configuration
Protection: protected by item 9)
Item 7) it must not be possible to use this functionality in order to brute force <OS-Administrator> or <Super-User> passwords
Protection: account settings prevent this
Item 8) the CPP process that receives the files submitted to the SMB shares must not run with <OS-Administrator> privileges (or equivalent)
Protection: runs as a normal user account
Item 9) the system must be configured in order to minimize the SMB attack surface
Protection: the SMB attack surface is reduced by filtering the remotely accessible named pipes on the IPC$ share, to only allow the pipes required for SMB file sharing. Allowed pipes are: browser, wkssvc, srvsvc.
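The SMB protections listed in sections 8.9, 9.11 and 10.11 are stated as requirements and outcomes, not as settings an administrator can read back. The following PowerShell script is an added example (not Canon's code or part of this data sheet) that checks the controller's own SMB configuration against those items from an elevated prompt on Windows 10. It assumes the standard Windows mechanisms: the SmbShare cmdlets, the LanmanServer registry parameters and the local account lockout policy. The sheet does not say how the IPC$ pipe filter of item 9 is implemented, so that part inspects the null-session pipe list, which is an assumption about where such a restriction would be visible rather than Canon's mechanism.

```powershell
# Added example (not Canon's code): verify the SMB protections of sections
# 8.9 / 9.11 / 10.11 from the controller's own configuration.
# Run in an elevated PowerShell on Windows 10 (SmbShare module required).
$issues = [System.Collections.Generic.List[string]]::new()
$cfg    = Get-SmbServerConfiguration
$params = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

# "Only SMB v3.x is supported": SMB1 must be off. Windows has no separate SMB2-only
# switch, so 2.x vs 3.x can only be confirmed per session (Get-SmbSession, Dialect).
if ($cfg.EnableSMB1Protocol)           { $issues.Add('SMB1 protocol is enabled') }
if (-not $cfg.EnableSMB2Protocol)      { $issues.Add('SMB2/3 protocol is disabled (hotfolder and Scan2SMB cannot work)') }
if (-not $cfg.RequireSecuritySignature) { $issues.Add('SMB signing is not required') }
if (-not $cfg.EncryptData)             { $issues.Add('SMB3 encryption (EncryptData) is off; network encryption is configurable per the sheet') }

# Item 2: no administrative share reachable remotely. ADMIN$ and drive shares
# are recreated at boot unless AutoShareServer / AutoShareWks are 0.
$shares      = Get-SmbShare
$adminShares = $shares | Where-Object { $_.Name -match '^(ADMIN|[A-Z])\$$' }
foreach ($s in $adminShares) { $issues.Add("administrative share '$($s.Name)' exists") }
foreach ($key in 'AutoShareServer', 'AutoShareWks') {
    if ($params.$key -ne 0) { $issues.Add("$key is not 0, administrative shares will be recreated") }
}

# Items 1 and 3: file shares are off by default; when a hotfolder share exists it must
# be reachable only by the account the administrator created, never by guests/anonymous.
$fileShares = $shares | Where-Object { $_.Name -ne 'IPC$' -and -not $_.Special }
foreach ($s in $fileShares) {
    foreach ($ace in (Get-SmbShareAccess -Name $s.Name)) {
        if ($ace.AccessControlType -eq 'Allow' -and
            $ace.AccountName -match 'Everyone|Guests?|ANONYMOUS LOGON') {
            $issues.Add("share '$($s.Name)' grants $($ace.AccessRight) to $($ace.AccountName)")
        }
    }
}

# Item 7: brute forcing over SMB is prevented by "account settings"; the lockout
# threshold of the local policy is the setting that matters for that.
$threshold = (net accounts | Select-String 'Lockout threshold').ToString().Split(':')[1].Trim()
if ($threshold -eq 'Never') { $issues.Add('account lockout threshold is Never (no brute-force protection)') }

# Item 9: IPC$ pipes limited to browser, wkssvc, srvsvc. Assumption: the restriction
# is visible in the null-session pipe list; anything beyond the three is flagged.
$allowed = 'browser', 'wkssvc', 'srvsvc'
$pipes   = @($params.NullSessionPipes) | Where-Object { $_ }
foreach ($p in $pipes) {
    if ($allowed -notcontains $p) { $issues.Add("null-session pipe '$p' is exposed beyond the allowed set") }
}
if ($null -ne $params.RestrictNullSessAccess -and $params.RestrictNullSessAccess -ne 1) {
    $issues.Add('RestrictNullSessAccess is not 1 (anonymous access to pipes/shares not restricted)')
}

if ($issues.Count -eq 0) { 'SMB configuration matches the data-sheet protections.' } else { $issues }
```

A clean run prints the single confirmation line; every other line is one protection that could not be confirmed and should be compared with the Settings Editor state before changing anything on a production controller.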
9.12 Web / FTP server
server.info=Apache Tomcat/8.5.16
server.number=8.5.16.0
server.built=Jun 21 2017
9.13 Operating system
Controller OS name: Microsoft Windows 10 IoT Enterprise LTSB 2016, 10.0.14393.WINx64
9.14 Annex1: Microsoft Security patches
This OS image contains the cumulative update for Windows 10 IoT Enterprise LTSB 2016: May 2017 (KB4019472, OS Build 14393.1198).
More detailed information on this update and previous updates can be retrieved from https://support.microsoft.com by searching for the respective "cumulative windows 10", "KB" or "MS" numbers.
Make sure to keep your product up to date by downloading and installing the latest Microsoft security patches. The latest security patch can be downloaded from https://downloads.oce.com: search for your product and click on the Security tab.
10 Security Data Sheet PRISMAsync Print Server Mark 6.2 (version 19.1.x.x) based products
10.1 Products definition and Controller information
The Security Data Sheet for PRISMAsync Print Server Version 19.1.x.x based products is described in this chapter for the following products:
- Canon varioPRINT 135 series / Canon varioPRINT 140 series
- Canon iPR C10000VP Series
- Océ VarioPrint i-series
- Canon iPR C800 Series
- Canon iPR C850 Series
10.1.1 Canon varioPRINT 135 v6.1.0.0 / Canon varioPRINT 140 v6.1.0.0
Product name: Canon varioPRINT 135 series / Canon varioPRINT 140 series
Release version: 6.1.0.0
Controller name: PRISMAsync
Controller release version: 19.1.245.169
10.1.2 Canon iPR C10000VP Series v6.1.0.0
Product name: Canon iPR C10000VP Series
Release version: 6.1.0.0
Controller name: PRISMAsync
Controller release version: 19.1.242.94
10.1.3 Océ VarioPrint i-series v2.2.0.0
Product name: Océ VarioPrint i-series
Release version: 2.2.0.0
Controller name: PRISMAsync
Controller release version: 19.1.241.90
10.1.4 Canon iPR C800 Series v6.1.0.0
Product name: Canon iPR C800 Series
Release version: 6.1.0.0
Controller name: PRISMAsync
Controller release version: 19.1.240.66
10.1.5 Canon iPR C850 Series v6.1.0.0
Product name: Canon iPR C850 Series
Release version: 6.1.0.0
Controller name: PRISMAsync
Controller release version: 19.1.240.56
10.2 Security short list
Operating system Microsoft Windows 10 IoT Enterprise LTSB 2016
MS security patches 10.0.14393.2007
Version PRISMAsync
Security levels NO
Certifications NO
Firewall Windows firewall
Ports configurable YES, via enabling / disabling functionality
Protocols configurable YES
Address filtering NO
Anti-virus NO
Main Web server Microsoft Internet Information Services (IIS) 10.0
Backend Web server Apache Tomcat 8
E-shredding 1 - 35 pass (configurable)
Removable HDD NO
Data encryption NO
Network encryption YES (configurable)
Integrity protection YES (optional)
10.3 Controller Operating system
Controller OS name: Microsoft Windows 10 IoT Enterprise LTSB 2016, 10.0.14393.2007 (WINx64)
OS Patches applied: All relevant Microsoft patches. Please see Annex1: Microsoft Security patches for further details.
10.4 Virus check on software package
List of software deliveries checked: The final ISO is checked with up to date antivirus software as part of the standard release process
Delivery checked with version: McAfee scan engine
Date of Anti-Virus signature file: 05-2018
Alert detected: No
10.5 BIOS: inaccessible by a random password
The PRISMAsync BIOS has a randomly generated password,
which prevents access to the settings and the possibility to
change any settings.
10.6 Controller OS Accounts
Account | Password protected? | Default setting after installation | Privilege level
UI_USER | Yes | Enabled | User
Network_USER | Yes | Enabled | User
Oceadmin | Yes | Enabled | OS-admin
HiddenAdministrator | Yes | Disabled | OS-admin
HotFolder user created account | Yes | Disabled | User
UPG_USER | Yes | Enabled | User
Cloud_user | Yes | Enabled | User
The Oceadmin password is randomized at installations with a resale license, immediately after license activation.
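The account tables in sections 8.5, 9.6 and 10.6 describe the intended state after installation, and the accompanying notes explain that the built-in Administrator is renamed and disabled because it cannot be deleted. The script below is an added example (not Canon's code) that reads the controller's local accounts back and reports deviations from the Mark 6.2 table. It assumes an elevated PowerShell on Windows 10 with the LocalAccounts module; the expected names and states are copied from the table, the hotfolder account is left out because its name is chosen by the administrator, and the built-in account is located by its RID 500 so the check does not depend on the name it was given.

```powershell
# Added example (not Canon's code): audit local accounts against the data-sheet
# table of section 10.6 (also applies to 8.5 / 9.6 minus Cloud_user).
# Run in an elevated PowerShell on Windows 10 (LocalAccounts module).
$Expected = @{
    'UI_USER'             = $true    # expected Enabled
    'Network_USER'        = $true
    'Oceadmin'            = $true
    'HiddenAdministrator' = $false   # expected Disabled
    'UPG_USER'            = $true
    'Cloud_user'          = $true    # listed from Mark 6.2 (section 10.6) onwards
}
# The hotfolder account is created by the administrator under a name of their choosing,
# so it is not in the table above; it shows up in the "UNLISTED" check if enabled.

$findings = @()
$users    = Get-LocalUser

foreach ($name in $Expected.Keys) {
    $u = $users | Where-Object { $_.Name -eq $name }
    if (-not $u) { $findings += "MISSING: account '$name' not found"; continue }
    $want = if ($Expected[$name]) { 'enabled' } else { 'disabled' }
    $have = if ($u.Enabled)       { 'enabled' } else { 'disabled' }
    if ($have -ne $want)            { $findings += "MISMATCH: '$name' is $have, data sheet expects $want" }
    if (-not $u.PasswordRequired)   { $findings += "WEAK: '$name' does not require a password" }
}

# The built-in Administrator keeps RID 500 whatever it is renamed to, so locate it by
# SID rather than by name: it must no longer be called 'Administrator' and must be disabled.
$builtin = $users | Where-Object { $_.SID.Value -like 'S-1-5-21-*-500' }
if ($builtin.Name -eq 'Administrator') { $findings += "RENAME: built-in RID-500 account is still named 'Administrator'" }
if ($builtin.Enabled)                  { $findings += "ENABLED: built-in RID-500 account '$($builtin.Name)' is enabled" }

# Any enabled account the data sheet does not list deserves a look (hotfolder account,
# or something added later that should be explained).
$unexpected = $users | Where-Object { $_.Enabled -and ($Expected.Keys -notcontains $_.Name) }
foreach ($x in $unexpected) { $findings += "UNLISTED: enabled account '$($x.Name)' is not in the data sheet" }

if ($findings.Count -eq 0) { 'Local accounts match the data sheet.' } else { $findings }
```

The RID-500 lookup is the part worth keeping even on other systems: a renamed built-in Administrator is invisible to a name-based check but not to a SID-based one.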
10.7 E-shredding
E-shredding is an optional feature which can be enabled or disabled by the system administrator via the Settings Editor. The number of e-shredding passes can be configured in the Settings Editor between 1 and 35, with a default of 1.
The following data is shredded:
• The submitted PDL data
• Bitmaps generated by the ripping of the job
• Thumbnails that are generated for job previewing
When e-shredding occurs (timing):
• Case 1: Job is printed: once the job is printed, e-shredding starts immediately (exception: in case the printed queue (history) is enabled, e-shredding starts after the job has been deleted from the printed queue).
• Case 2: Job in queue: as long as you do not print the job, it stays on one of the queues (on disk); in that case you need to explicitly delete it to start the e-shredding process.
• Case 3: Shredding may also occur when, for example, job settings are changed that require a re-rip. In that case, the bitmaps of the previous rip are shredded.
As shredding is a continuous process during printing, it is performed in the background. In general, depending on the load of the system and the number of passes configured, the shredding is immediate.
10.8 Integrity protection (optional, Licensed)
Protection type: McAfee embedded control
Protected area: Executables on Disk
In case of integrity check prevention: A warning is logged in the security audit log. This warning is also logged in the syslog and datalog file.
10.9 Control panel access / User authentication
Access to the Control panel (operator panel) depends on the (PRISMAsync) permissions granted to a specific user. The System Administrator can enable/disable users, add/delete them or adjust access permissions. The default available users are:
User | Access
Operator | Control panel and only personal jobs
Central Operator | Control panel, all jobs, Settings Editor and Remote manager
Key operator | Control panel, all jobs, Settings Editor, Remote manager and Configuration settings
Maintenance Operator | Control panel, all jobs, Settings Editor, Remote manager and maintenance tasks
System administrator | Control panel, all jobs, Settings Editor, Remote manager, Configuration settings, Limited access IT settings and IT settings
Service User | Control panel, only personal jobs, Settings Editor, Remote manager, Configuration settings, Limited access IT settings and Service tools
For more information about user authentication see the PRISMAsync User manual.
Note: the OS interface is not available because there is no keyboard and mouse connected to the controller and the splash screen cannot be minimized.
10.10 Network security
Protocol | Availability (service mode, normal mode, both) | Default install | People allowed to enable/disable service | Interface used to enable/disable protocol | Ports (TCP / UDP)
HTTP | Both | Enabled | Service-user, Super-user | No | 80 (default port) or in range 21-60535
HTTPS | Both | Enabled | Service-user, Super-user | No | 443 (default port) or in range 21-60535
LPR | Both | Enabled | Nobody | Setting Editor | 515
NetBIOS | Service (when NetBIOS is enabled and Scan2SMB or hotfolder is enabled) | Disabled | Nobody | Setting Editor | TCP 139; UDP 137, 138
SNMP | Both | Enabled | Service-user, Super-user | Setting Editor | 161
WebDav | Both | Disabled | Service-user, Super-user | Setting Editor | 80
SMB for Hotfolder | Both | Disabled | Service-user, Super-user | Setting Editor | 445
SMB for Scan2SMB | Both | Disabled | Service-user, Super-user | Setting Editor | 445
SOCKET PRINTING | Both | Disabled | Super-user | Setting Editor | 9100 (default port) or in range 7500-9100
TP IPDS | Both | Disabled | Key operator (locally), Service-user, Super-user | Setting Editor | 5001 (default port) or in range 5001-65535
IPP | Both | Enabled | Super-user | Setting Editor | 631
TP PCL | Both | Disabled | Key operator (locally), Service-user, Super-user | Setting Editor | 9001 (default port) or in range 5001-65535
WS Eventing | Both | Enabled | Super-user | Setting Editor | 5357
WS-Discovery | Both | Enabled | Super-user | Setting Editor | 3702
FTP active-data transfer used for Scan to file | Both | Disabled | Super-user | Setting Editor | 20
NTP | Both | Enabled | Super-user, Key Operator | Setting editor | 123
LLMNR | Both | Enabled | Super-user | Setting editor | 5355
10.11 SMB configuration
From Mark5 onwards, only SMB v3.x is supported (previous versions were dropped as they are
not secure).
Item / Protection
1) The SMB file sharing must be disabled by default.
   Protection: off by default; can only be enabled by the Super-user.
2) No administrative share shall be remotely available.
   Protection: the admin$ share is disabled.
3) The system administrator must be able to control/restrict the access to the SMB file share.
   Protection: the system administrator creates the hotfolder user account and chooses the password. No guest access is allowed.
4) Any binary stored on an SMB file share must not be executable on the controller.
   Protection: files dropped in the hotfolder are never executed.
5) The SMB sharing must not provide the following information: available OS accounts, OS partitions, running processes and services.
   Protection: protected by item 9).
6) The SMB sharing must not provide a means to modify the system configuration.
   Protection: protected by item 9).
7) It must not be possible to use this functionality in order to brute force <OS-Administrator> or <Super-User> passwords.
   Protection: account settings prevent this.
8) The CPP process that receives the files submitted to the SMB shares must not run with <OS-Administrator> privileges (or equivalent).
   Protection: runs as a normal user account.
9) The system must be configured in order to minimize the SMB attack surface.
   Protection: the SMB attack surface is reduced by filtering the remotely accessible named pipes on the IPC$ share, to only allow the pipes required for SMB file sharing. Allowed pipes are: browser, wkssvc, srvsvc.*
10.12 Web / FTP server
Main webserver: Microsoft Internet Information Services (IIS) 10.0
Backend webserver:
  server.info=Apache Tomcat/8.5.24
  server.number=8.5.24.0
  server.built=Nov 30 2017
Microsoft Internet Information Services (IIS) 10.0 does the encryption/decryption. Tomcat is still being used to provide the webpages.
10.13 Operating system
Controller OS name: Microsoft Windows 10 IoT Enterprise LTSB 2016, 10.0.14393.2007
10.14 Annex1: Microsoft Security patches
This OS image contains the cumulative update for Windows 10: Jan, 2018 (KB4056890 (OS
Build 14393.2007)). Windows 10 updates are cumulative. Therefore, this package contains all
previously released fixes.
More detailed information on this update and previous updates can be retrieved from http://www.microsoft.com by searching for the respective “cumulative windows 10”, “KB” or “MS” numbers, for example:
https://support.microsoft.com/en-us/help/4056890/windows-10-update-kb4056890
Make sure to keep your product up to date by downloading and installing the latest Microsoft security patches. The latest security patch can be downloaded from https://downloads.oce.com: search for your product and click on the security tab.
11 Security Data Sheet PRISMAsync Print Server Mark 6.3 (version
19.6.x.x) based products.
11.1 Products definition and Controller information
The Security Data Sheet for PRISMAsync Print Server Version 19.6.x.x based products is described in this chapter for the following products:
- Océ VarioPrint i-series
- Canon varioPRINT 135 series / Canon varioPRINT 140 series
- Océ VarioPrint 6000+ Line / Océ VarioPrint 6000 line (Titan)
11.1.1 Océ VarioPrint i-series v2.3.1.0 / Océ VarioPrint i-series v2.3.2.0
Product name: Océ VarioPrint i-series
Release version: 2.3.1.0 / 2.3.2.0
Controller name: PRISMAsync
Controller release version: 19.6.253.36 (for 2.3.1.0) / 19.6.253.44 (for 2.3.2.0)
11.1.2 Canon varioPRINT 135 v6.2.0.0 / Canon varioPRINT 140 v6.2.0.0
Product name: Canon varioPRINT 135 series / Canon varioPRINT 140 series
Release version: 6.2.0.0
Controller name: PRISMAsync
Controller release version: 19.6.252.121
11.1.3 Océ VarioPrint 6000+ Line / Océ VarioPrint 6000 line (Titan) v7.3.0.0
Product name: Océ VarioPrint 6000+ Line / Océ VarioPrint 6000 Line (Titan)
Release version: 7.3.0.0
Controller name: PRISMAsync
Controller release version: 19.6.254.178
11.2 Security short list
Operating system Microsoft Windows 10 IoT Enterprise LTSB 2016
MS security patches 10.0.14393.2312
Version PRISMAsync
Security levels NO
Certifications NO
Firewall Windows firewall
Ports configurable YES, via enabling / disabling functionality
Protocols configurable YES
Address filtering NO
Anti-virus NO
Main Web server Microsoft Internet Information Services (IIS) 10.0
Backend Web server Apache Tomcat 8
E-shredding 1 - 35 pass (configurable)
Removable HDD NO
Data encryption NO
Network encryption YES (configurable)
Integrity protection YES (optional)
11.3 Controller Operating system
Controller OS name: Microsoft Windows 10 IoT Enterprise LTSB 2016, 10.0.14393.2312 (WINx64)
OS patches applied: All relevant Microsoft patches
Please see Annex1: Microsoft Security patches for further details.
11.4 Virus check on software package
List of software deliveries checked: The final ISO is checked with up-to-date antivirus software as part of the standard release process
Delivery checked with: McAfee scan engine version
Date of anti-virus signature file: 11-2018
Alert detected: No
11.5 BIOS: inaccessible by a random password
The PRISMAsync BIOS has a randomly generated password, which prevents access to the BIOS settings and therefore any change to them.
11.6 Controller OS Accounts
Account | Password protected? | Default setting after installation | Privilege level
UI_USER | Yes | Enabled | User
Network_USER | Yes | Enabled | User
Oceadmin | Yes | Enabled | OS-admin
HiddenAdministrator | Yes | Disabled | OS-admin
HotFolder user created account | Yes | Disabled | User
UPG_USER | Yes | Enabled | User
Cloud_user | Yes | Enabled | User
Oceadmin password is randomized at installations with a resale license,
immediately after license activation.
11.7 E-shredding
E-shredding is an optional feature which can be enabled or disabled by the system administrator via the Settings Editor. The number of e-shredding passes can be configured in the Settings Editor between 1 and 35, with a default of 1.
The following data is shredded:
• The submitted PDL data
• Bitmaps generated by the ripping of the job
• Thumbnails that are generated for job previewing
When does e-shredding occur (timing):
• Case 1: Job is printed: once the job is printed, e-shredding starts immediately (exception: in case the printed queue (history) is enabled, e-shredding starts after the job has been deleted from the printed queue).
• Case 2: Job in queue: as long as you do not print the job, it stays on one of the queues (on disk); in that case you need to explicitly delete it to start the e-shredding process.
• Case 3: Shredding may also occur when, for example, job settings are changed that require a re-rip. In that case, the bitmaps of the previous rip are shredded.
As shredding is a continuous process during printing, it is performed in the background. In general, depending on the load of the system and the number of passes configured, the shredding is immediate.
11.8 Integrity protection (optional, Licensed)
Protection type: McAfee embedded control
Protected area: Executables on disk
In case of integrity check prevention: A warning is logged in the security audit log. This warning is also logged in the syslog and datalog file.
11.9 Control panel access / User authentication
Access to the Control panel (operator panel) depends on the (PRISMAsync) permissions granted to a specific user. The System Administrator can enable or disable users, add or delete them, and adjust their access permissions. The default available users are:

User | Access
Operator | Control panel and only personal jobs
Central Operator | Control panel, all jobs, Settings Editor and Remote manager
Key operator | Control panel, all jobs, Settings Editor, Remote manager and Configuration settings
Maintenance Operator | Control panel, all jobs, Settings Editor, Remote manager and maintenance tasks
System administrator | Control panel, all jobs, Settings Editor, Remote manager, Configuration settings, Limited access IT settings and IT settings
Service User | Control panel, only personal jobs, Settings Editor, Remote manager, Configuration settings, Limited access IT settings and Service tools

For more information about user authentication see the PRISMAsync User manual.
Note: the OS interface is not available because no keyboard and mouse are connected to the controller and the splash screen cannot be minimized.
11.10 Network security
Protocol | Availability (service mode, normal mode, both) | Default after install | People allowed to enable/disable | Interface used to enable/disable the protocol | Port(s)
HTTP | Both | Enabled | Service-user, Super-user | No | 80 (default port) or in range 21-60535
HTTPS | Both | Enabled | Service-user, Super-user | No | 443 (default port) or in range 21-60535
LPR | Both | Enabled | Nobody | Setting Editor | 515
NetBIOS (when NetBIOS is enabled and Scan2SMB or hotfolder is enabled) | Service | Disabled | Nobody | Setting Editor | 139 (TCP); 137, 138 (UDP)
SNMP | Both | Enabled | Service-user, Super-user | Setting Editor | 161
WebDAV | Both | Disabled | Service-user, Super-user | Setting Editor | 80
SMB for Hotfolder | Both | Disabled | Service-user, Super-user | Setting Editor | 445
SMB for Scan2SMB | Both | Disabled | Service-user, Super-user | Setting Editor | 445
SOCKET PRINTING | Both | Disabled | Super-user | Setting Editor | 9100 (default port) or in range 7500-9100
TP IPDS | Both | Disabled | Key operator (locally), Service-user, Super-user | Setting Editor | 5001 (default port) or in range 5001-65535
IPP | Both | Enabled | Super-user | Setting Editor | 631
TP PCL | Both | Disabled | Key operator (locally), Service-user, Super-user | Setting Editor | 9001 (default port) or in range 5001-65535
WS Eventing | Both | Enabled | Super-user | Setting Editor | 5357
WS-Discovery | Both | Enabled | Super-user | Setting Editor | 3702
FTP active data transfer used for Scan to file | Both | Disabled | Super-user | Setting Editor | 20
NTP | Both | Enabled | Super-user, Key Operator | Setting Editor | 123
LLMNR | Both | Enabled | Super-user | Setting Editor | 5355
11.11 SMB configuration
From Mark5 onwards, only SMB v3.x is supported (previous versions were dropped as they are
not secure).
Item / Protection
1) The SMB file sharing must be disabled by default.
   Protection: off by default; can only be enabled by the Super-user.
2) No administrative share shall be remotely available.
   Protection: the admin$ share is disabled.
3) The system administrator must be able to control/restrict the access to the SMB file share.
   Protection: the system administrator creates the hotfolder user account and chooses the password. No guest access is allowed.
4) Any binary stored on an SMB file share must not be executable on the controller.
   Protection: files dropped in the hotfolder are never executed.
5) The SMB sharing must not provide the following information: available OS accounts, OS partitions, running processes and services.
   Protection: protected by item 9).
6) The SMB sharing must not provide a means to modify the system configuration.
   Protection: protected by item 9).
7) It must not be possible to use this functionality in order to brute force <OS-Administrator> or <Super-User> passwords.
   Protection: account settings prevent this.
8) The CPP process that receives the files submitted to the SMB shares must not run with <OS-Administrator> privileges (or equivalent).
   Protection: runs as a normal user account.
9) The system must be configured in order to minimize the SMB attack surface.
   Protection: the SMB attack surface is reduced by filtering the remotely accessible named pipes on the IPC$ share, to only allow the pipes required for SMB file sharing. Allowed pipes are: browser, wkssvc, srvsvc.*
11.12 Web / FTP server
Main webserver: Microsoft Internet Information Services (IIS) 10.0
Backend webserver:
  server.info=Apache Tomcat/8.5.24
  server.number=8.5.24.0
  server.built=Nov 30 2017
Microsoft Internet Information Services (IIS) 10.0 does the encryption/decryption. Tomcat is still being used to provide the webpages.
11.13 Operating system
Controller OS name: Microsoft Windows 10 IoT Enterprise LTSB 2016, 10.0.14393.2312
11.14 Annex1: Microsoft Security patches
This OS image contains the cumulative update for Windows 10: June 12, 2018 (KB4284880
(OS Build 14393.2312)). Windows 10 updates are cumulative. Therefore, this package contains
all previously released fixes.
More detailed information on this update and previous updates can be retrieved from http://www.microsoft.com by searching for the respective “cumulative windows 10”, “KB” or “MS” numbers, for example:
https://support.microsoft.com/en-us/help/4284880
Make sure to keep your product up to date by downloading and installing the latest Microsoft security patches. The latest security patch can be downloaded from https://downloads.oce.com: search for your product and click on the security tab.
12 Security Data Sheet PRISMAsync Print Server Mark 7.1 (version
20.3.x.x/20.4.x.x) based products.
12.1 Products definition and Controller information
The Security Data Sheet for PRISMAsync Print Server Mark 7.1 (version 20.3.x.x/20.4.x.x) based products is described in this chapter for the following products:
- Canon iPR C910 Series
- Océ VarioPrint 6000+ Line / Océ VarioPrint 6000 line (Titan)
12.1.1 Canon iPR C910 Series v7.1.2.0
Product name: Canon iPR C910 Series
Release version: 7.1.2.0
Controller name: PRISMAsync
Controller release version: 20.4.278.64 (MARK7.1)
12.1.2 Océ VarioPrint 6000+ Line / Océ VarioPrint 6000 line (Titan) v8.1.0.0
Product name: Océ VarioPrint 6000+ Line / Océ VarioPrint 6000 Line (Titan)
Release version: 8.1.0.0
Controller name: PRISMAsync
Controller release version: 20.3.279.94 (MARK7.1)
12.2 Security short list
Operating system Microsoft Windows 10 IoT Enterprise LTSB 2016
MS security patches 10.0.14393.2828
Version PRISMAsync
Security levels NO
Certifications NO
Firewall Windows firewall
Ports configurable YES, via enabling / disabling functionality
Protocols configurable YES
Address filtering NO
Anti-virus NO
Main Web server Microsoft Internet Information Services (IIS) 10.0
Backend Web server Apache Tomcat 8
E-shredding 1 - 3 pass (configurable)
Complies with NIST SP 800-88
Removable HDD NO
Data encryption NO
Network encryption YES (configurable)
Integrity protection YES (optional)
12.3 Controller Operating system
Controller OS name: Microsoft Windows 10 IoT Enterprise LTSB 2016, 10.0.14393.2312 (WINx64)
OS patches applied: All relevant Microsoft patches
Please see Annex1: Microsoft Security patches for further details.
12.4 Virus check on software package
List of software deliveries checked: The final ISO is checked with up-to-date antivirus software as part of the standard release process
Delivery checked with: McAfee scan engine version
Alert detected: No
12.5 BIOS: inaccessible by a random password
The PRISMAsync BIOS has a randomly generated password, which prevents access to the BIOS settings and therefore any change to them.
12.6 Controller OS Accounts
Account | Password protected? | Default setting after installation | Privilege level
UI_USER | Yes | Enabled | User
Network_USER | Yes | Enabled | User
Oceadmin | Yes | Enabled | OS-admin
HiddenAdministrator | Yes | Disabled | OS-admin
HotFolder user created account | Yes | Disabled | User
UPG_USER | Yes | Enabled | User
Cloud_user | Yes | Enabled | User
Oceadmin password is randomized at installations with a resale license,
immediately after license activation.
12.7 E-shredding
E-shredding is an optional feature which can be enabled or disabled by the system administrator via the Settings Editor. PRISMAsync E-shredding complies with current data sanitization standards (NIST SP 800-88). The number of e-shredding passes can be configured in the Settings Editor between 1 and 3, with a default of 1.
The following data is shredded:
• The submitted PDL data
• Bitmaps generated by the ripping of the job
• Thumbnails that are generated for job previewing
When does e-shredding occur (timing):
• Case 1: Job is printed: once the job is printed, e-shredding starts immediately (exception: in case the printed queue (history) is enabled, e-shredding starts after the job has been deleted from the printed queue).
• Case 2: Job in queue: as long as you do not print the job, it stays on one of the queues (on disk); in that case you need to explicitly delete it to start the e-shredding process.
• Case 3: Shredding may also occur when, for example, job settings are changed that require a re-rip. In that case, the bitmaps of the previous rip are shredded.
As shredding is a continuous process during printing, it is performed in the background. In general, depending on the load of the system and the number of passes configured, the shredding is immediate.
12.8 Integrity protection (optional, Licensed)
Protection type: McAfee embedded control
Protected area: Executables on disk
In case of integrity check prevention: A warning is logged in the security audit log. This warning is also logged in the syslog and datalog file.
12.9 Control panel access / User authentication
Access to the Control panel (operator panel) depends on the (PRISMAsync) permissions granted to a specific user. The System Administrator can enable or disable users, add or delete them, and adjust their access permissions. The default available users are:

User | Access
Operator | Control panel and only personal jobs
Central Operator | Control panel, all jobs, Settings Editor and Remote manager
Key operator | Control panel, all jobs, Settings Editor, Remote manager and Configuration settings
Maintenance Operator | Control panel, all jobs, Settings Editor, Remote manager and maintenance tasks
System administrator | Control panel, all jobs, Settings Editor, Remote manager, Configuration settings, installation tasks and IT settings
Service User | Control panel, only personal jobs, Settings Editor, Remote manager, Configuration settings, installation tasks and tools of Service

For more information about user authentication see the PRISMAsync User manual.
Note: the OS interface is not available because no keyboard and mouse are connected to the controller and the splash screen cannot be minimized.
12.10 Network security
Protocol | Availability (service mode, normal mode, both) | Default after install | People allowed to enable/disable | Interface used to enable/disable the protocol | Port(s)
HTTP | Both | Enabled | Service-user, Super-user | No | 80 (default port) or in range 21-60535
HTTPS | Both | Enabled | Service-user, Super-user | No | 443 (default port) or in range 21-60535
LPR | Both | Enabled | Nobody | Setting Editor | 515
NetBIOS (when NetBIOS is enabled and Scan2SMB or hotfolder is enabled) | Service | Disabled | Nobody | Setting Editor | 139 (TCP); 137, 138 (UDP)
SNMP | Both | Enabled | Service-user, Super-user | Setting Editor | 161
WebDAV | Both | Disabled | Service-user, Super-user | Setting Editor | 80
SMB for Hotfolder | Both | Disabled | Service-user, Super-user | Setting Editor | 445
SMB for Scan2SMB | Both | Disabled | Service-user, Super-user | Setting Editor | 445
SOCKET PRINTING | Both | Disabled | Super-user | Setting Editor | 9100 (default port) or in range 7500-9100
TP IPDS | Both | Disabled | Key operator (locally), Service-user, Super-user | Setting Editor | 5001 (default port) or in range 5001-65535
IPP | Both | Enabled | Super-user | Setting Editor | 631
TP PCL | Both | Disabled | Key operator (locally), Service-user, Super-user | Setting Editor | 9001 (default port) or in range 5001-65535
WS Eventing | Both | Enabled | Super-user | Setting Editor | 5357
WS-Discovery | Both | Enabled | Super-user | Setting Editor | 3702
FTP active data transfer used for Scan to file | Both | Disabled | Super-user | Setting Editor | 20
NTP | Both | Enabled | Super-user, Key Operator | Setting Editor | 123
LLMNR | Both | Enabled | Super-user | Setting Editor | 5355
12.11 SMB configuration
From Mark5 onwards, only SMB v3.x is supported (previous versions were dropped as they are
not secure).
Item / Protection
1) The SMB file sharing must be disabled by default.
   Protection: off by default; can only be enabled by the Super-user.
2) No administrative share shall be remotely available.
   Protection: the admin$ share is disabled.
3) The system administrator must be able to control/restrict the access to the SMB file share.
   Protection: the system administrator creates the hotfolder user account and chooses the password. No guest access is allowed.
4) Any binary stored on an SMB file share must not be executable on the controller.
   Protection: files dropped in the hotfolder are never executed.
5) The SMB sharing must not provide the following information: available OS accounts, OS partitions, running processes and services.
   Protection: protected by item 9).
6) The SMB sharing must not provide a means to modify the system configuration.
   Protection: protected by item 9).
7) It must not be possible to use this functionality in order to brute force <OS-Administrator> or <Super-User> passwords.
   Protection: account settings prevent this.
8) The CPP process that receives the files submitted to the SMB shares must not run with <OS-Administrator> privileges (or equivalent).
   Protection: runs as a normal user account.
9) The system must be configured in order to minimize the SMB attack surface.
   Protection: the SMB attack surface is reduced by filtering the remotely accessible named pipes on the IPC$ share, to only allow the pipes required for SMB file sharing. Allowed pipes are: browser, wkssvc, srvsvc.*
12.12 Web / FTP server
Main webserver: Microsoft Internet Information Services (IIS) 10.0
Backend webserver:
  server.info=Apache Tomcat/9.0.7
  server.number=9.0.7
  server.built / download date =April 03 2018
Microsoft Internet Information Services (IIS) 10.0 does the encryption/decryption. Tomcat is still being used to provide the webpages.
12.13 Operating system
Controller OS name: Microsoft Windows 10 IoT Enterprise LTSB 2016, 10.0.14393.2828
12.14 Annex1: Microsoft Security patches
This OS image contains the cumulative update for Windows 10: Feb 19, 2019 (KB4487006, (OS
Build 14393.2828)). Windows 10 updates are cumulative. Therefore, this package contains all
previously released fixes.
More detailed information on this update and previous updates can be retrieved from http://www.microsoft.com by searching for the respective “cumulative windows 10”, “KB” or “MS” numbers, for example:
https://support.microsoft.com/en-us/help/4487006
Make sure to keep your product up to date by downloading and installing the latest Microsoft security patches. The latest security patch can be downloaded from https://downloads.oce.com: search for your product and click on the security tab.
13 Security Data Sheet PRISMAsync Print Server Mark 7.2 (version
20.6.x.x) based products.
13.1 Products definition and Controller information
The Security Data Sheet for PRISMAsync Print Server Mark 7.2
(version 20.6.x.x) based products is described in this chapter for
the following product:
- Océ VarioPrint i-series
13.1.1 Océ VarioPrint i-series v2.4.2.0
Product name: Océ VarioPrint i-series
Release version: 2.4.2.0
Controller name: PRISMAsync
Controller release version: 20.6.284.61
13.2 Security short list
Operating system Microsoft Windows 10 IoT Enterprise LTSB 2016
MS security patches 10.0.14393.2879
Version PRISMAsync
Security levels NO
Certifications NO
Firewall Windows firewall
Ports configurable YES, via enabling / disabling functionality
Protocols configurable YES
Address filtering NO
Anti-virus NO
Main Web server Microsoft Internet Information Services (IIS) 10.0
Backend Web server Apache Tomcat 8
E-shredding 1 - 3 pass (configurable)
Complies with NIST SP 800-88
Removable HDD NO
Data encryption NO
Network encryption YES (configurable)
Integrity protection YES (optional)
13.3 Controller Operating system
Controller OS name: Microsoft Windows 10 IoT Enterprise LTSB 2016, 10.0.14393.2879 (WINx64)
OS patches applied: All relevant Microsoft patches
Please see Annex1: Microsoft Security patches for further details.
13.4 Virus check on software package
List of software deliveries checked: The final ISO is checked with up-to-date antivirus software as part of the standard release process
Delivery checked with: McAfee scan engine version
Alert detected: No
13.5 BIOS: inaccessible by a random password
The PRISMAsync BIOS has a randomly generated password, which prevents access to the BIOS settings and therefore any change to them.
13.6 Controller OS Accounts
Account | Password protected? | Default setting after installation | Privilege level
UI_USER | Yes | Enabled | User
Network_USER | Yes | Enabled | User
Oceadmin | Yes | Enabled | OS-admin
HiddenAdministrator | Yes | Disabled | OS-admin
HotFolder user created account | Yes | Disabled | User
UPG_USER | Yes | Enabled | User
Cloud_user | Yes | Enabled | User
Oceadmin password is randomized at installations with a resale license,
immediately after license activation.
13.7 E-shredding
E-shredding is an optional feature which can be enabled or disabled by the system administrator via the Settings Editor. PRISMAsync E-shredding complies with current data sanitization standards (NIST SP 800-88). The number of e-shredding passes can be configured in the Settings Editor between 1 and 3, with a default of 1.
The following data is shredded:
• The submitted PDL data
• Bitmaps generated by the ripping of the job
• Thumbnails that are generated for job previewing
When does e-shredding occur (timing):
• Case 1: Job is printed: once the job is printed, e-shredding starts immediately (exception: in case the printed queue (history) is enabled, e-shredding starts after the job has been deleted from the printed queue).
• Case 2: Job in queue: as long as you do not print the job, it stays on one of the queues (on disk); in that case you need to explicitly delete it to start the e-shredding process.
• Case 3: Shredding may also occur when, for example, job settings are changed that require a re-rip. In that case, the bitmaps of the previous rip are shredded.
As shredding is a continuous process during printing, it is performed in the background. In general, depending on the load of the system and the number of passes configured, the shredding is immediate.
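The e-shredding sections (11.7, 12.7 and 13.7 above) describe a configurable number of overwrite passes over job data. The following added example, which is not PRISMAsync code and works on an ordinary file rather than on the controller's job store, shows what one "pass" amounts to: the file's blocks are overwritten in place with fresh random bytes, each pass is flushed to the device, and the file is deleted only afterwards. The pass limit of 3 and the sample file contents are assumptions for the example (Mark 6.3 in section 11.7 allows up to 35 passes).

```python
"""Overwrite a file in place N times, then delete it (added example, not PRISMAsync code)."""
import os
import tempfile

DEFAULT_MAX_PASSES = 3  # assumption: the Mark 7.x data sheets allow 1..3 passes, default 1


def shred_file(path: str, passes: int = 1, chunk_size: int = 64 * 1024,
               max_passes: int = DEFAULT_MAX_PASSES) -> int:
    """Overwrite `path` with random bytes `passes` times, fsync each pass, then unlink.

    Returns the total number of bytes written across all passes.
    """
    if not 1 <= passes <= max_passes:
        raise ValueError(f"passes must be between 1 and {max_passes}")
    size = os.path.getsize(path)
    written = 0
    with open(path, "r+b") as fh:          # r+b: rewrite the existing blocks, do not truncate
        for _ in range(passes):
            fh.seek(0)
            remaining = size
            while remaining > 0:
                n = min(chunk_size, remaining)
                fh.write(os.urandom(n))    # fresh random data, never a fixed pattern
                written += n
                remaining -= n
            fh.flush()
            os.fsync(fh.fileno())          # make sure this pass reached the device
    os.remove(path)                        # unlink only after the last pass completed
    return written


def demo_shred(size: int = 100_000, passes: int = 3):
    """Create a throwaway file of `size` bytes, shred it, and report (bytes_written, still_exists)."""
    fd, path = tempfile.mkstemp()
    with os.fdopen(fd, "wb") as fh:
        fh.write(b"\x41" * size)           # constructed stand-in for PDL data or a rip bitmap
    written = shred_file(path, passes)
    return written, os.path.exists(path)


if __name__ == "__main__":
    print(demo_shred())                    # e.g. (300000, False) for 3 passes over 100000 bytes
```

Overwriting in place only helps where the filesystem and the device really rewrite the same physical blocks; copy-on-write filesystems and wear-levelled SSDs can leave stale copies behind, which is why NIST SP 800-88 classifies overwriting as "Clear" and reserves "Purge" for media-level sanitization commands. Since the short lists above state that the controller has no data encryption and no removable HDD, e-shredding is the control that limits residual job data on the controller disk, and the shredding of data still sitting in a queue (Case 2) depends on an operator actually deleting the job.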
13.8 Integrity protection (optional, Licensed)
Protection type: McAfee embedded control
Protected area: Executables on disk
In case of integrity check prevention: A warning is logged in the security audit log. This warning is also logged in the syslog and datalog file.
13.9 Control panel access / User authentication
Access to the Control panel (operator panel) depends on the (PRISMAsync) permissions granted to a specific user. The System Administrator can enable or disable users, add or delete them, and adjust their access permissions. The default available users are:

User | Access
Operator | Control panel and only personal jobs
Central Operator | Control panel, all jobs, Settings Editor and Remote manager
Key operator | Control panel, all jobs, Settings Editor, Remote manager and Configuration settings
Maintenance Operator | Control panel, all jobs, Settings Editor, Remote manager and maintenance tasks
System administrator | Control panel, all jobs, Settings Editor, Remote manager, Configuration settings, installation tasks and IT settings
Service User | Control panel, only personal jobs, Settings Editor, Remote manager, Configuration settings, installation tasks and tools of Service

For more information about user authentication see the PRISMAsync User manual.
Note: the OS interface is not available because no keyboard and mouse are connected to the controller and the splash screen cannot be minimized.
13.10 Network security
Protocol | Availability (service mode, normal mode, both) | Default after install | People allowed to enable/disable | Interface used to enable/disable the protocol | Port(s)
HTTP | Both | Enabled | Service-user, Super-user | No | 80 (default port) or in range 21-60535
HTTPS | Both | Enabled | Service-user, Super-user | No | 443 (default port) or in range 21-60535
LPR | Both | Enabled | Nobody | Setting Editor | 515
NetBIOS (when NetBIOS is enabled and Scan2SMB or hotfolder is enabled) | Service | Disabled | Nobody | Setting Editor | 139 (TCP); 137, 138 (UDP)
SNMP | Both | Enabled | Service-user, Super-user | Setting Editor | 161
WebDAV | Both | Disabled | Service-user, Super-user | Setting Editor | 80
SMB for Hotfolder | Both | Disabled | Service-user, Super-user | Setting Editor | 445
SMB for Scan2SMB | Both | Disabled | Service-user, Super-user | Setting Editor | 445
SOCKET PRINTING | Both | Disabled | Super-user | Setting Editor | 9100 (default port) or in range 7500-9100
TP IPDS | Both | Disabled | Key operator (locally), Service-user, Super-user | Setting Editor | 5001 (default port) or in range 5001-65535
IPP | Both | Enabled | Super-user | Setting Editor | 631
TP PCL | Both | Disabled | Key operator (locally), Service-user, Super-user | Setting Editor | 9001 (default port) or in range 5001-65535
WS Eventing | Both | Enabled | Super-user | Setting Editor | 5357
WS-Discovery | Both | Enabled | Super-user | Setting Editor | 3702
FTP active data transfer used for Scan to file | Both | Disabled | Super-user | Setting Editor | 20
NTP | Both | Enabled | Super-user, Key Operator | Setting Editor | 123
LLMNR | Both | Enabled | Super-user | Setting Editor | 5355
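The network security tables in sections 10.10, 11.10, 12.10 and 13.10 are identical and give, per protocol, whether it is enabled after installation, which role may switch it on, and its default port. The following added example (not Canon code) turns that table into a reconciliation check: an administrator feeds in the ports seen on a controller by the organisation's own authorized scan and gets back which ports match a default-enabled protocol, which belong only to default-disabled protocols (so someone with the listed role must have enabled them), and which are not in the data sheet at all. TCP and UDP are not distinguished because the table extract does not separate them, and the configurable ranges (for example HTTP in 21-60535) are deliberately not encoded; the observed port list is constructed sample input.

```python
"""Reconcile observed listening ports with the data sheet's default-install policy.

Added example, not Canon code. The protocol rows are transcribed from the
network security table; the observed port list is a constructed sample.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class ProtocolDefault:
    name: str
    enabled_by_default: bool   # "Default after install" column
    ports: frozenset           # default port(s) from the "Port(s)" column
    allowed_by: str            # "People allowed to enable/disable" column


# Transcribed from the table. Configurable ranges are not encoded on purpose:
# a moved port surfaces as "unlisted" and has to be reconciled with the Settings Editor.
DATASHEET = (
    ProtocolDefault("HTTP", True, frozenset({80}), "Service-user, Super-user"),
    ProtocolDefault("HTTPS", True, frozenset({443}), "Service-user, Super-user"),
    ProtocolDefault("LPR", True, frozenset({515}), "Nobody"),
    ProtocolDefault("NetBIOS", False, frozenset({137, 138, 139}), "Nobody"),
    ProtocolDefault("SNMP", True, frozenset({161}), "Service-user, Super-user"),
    ProtocolDefault("WebDAV", False, frozenset({80}), "Service-user, Super-user"),
    ProtocolDefault("SMB (Hotfolder / Scan2SMB)", False, frozenset({445}), "Service-user, Super-user"),
    ProtocolDefault("Socket printing", False, frozenset({9100}), "Super-user"),
    ProtocolDefault("TP IPDS", False, frozenset({5001}), "Key operator, Service-user, Super-user"),
    ProtocolDefault("IPP", True, frozenset({631}), "Super-user"),
    ProtocolDefault("TP PCL", False, frozenset({9001}), "Key operator, Service-user, Super-user"),
    ProtocolDefault("WS-Eventing", True, frozenset({5357}), "Super-user"),
    ProtocolDefault("WS-Discovery", True, frozenset({3702}), "Super-user"),
    ProtocolDefault("FTP active data transfer (Scan to file)", False, frozenset({20}), "Super-user"),
    ProtocolDefault("NTP", True, frozenset({123}), "Super-user, Key Operator"),
    ProtocolDefault("LLMNR", True, frozenset({5355}), "Super-user"),
)


def classify_ports(observed):
    """Sort observed port numbers into three buckets.

    expected: matches at least one protocol that is enabled by default
    review:   matches only protocols that are disabled by default, so a listed
              role must have enabled it; confirm that this was intended
    unlisted: not in the data sheet (moved default port or an unknown service)
    """
    expected, review, unlisted = {}, {}, []
    for port in sorted(set(observed)):
        matches = [p for p in DATASHEET if port in p.ports]
        if not matches:
            unlisted.append(port)
        elif any(p.enabled_by_default for p in matches):
            expected[port] = [p.name for p in matches]
        else:
            review[port] = [f"{p.name} (may be enabled by: {p.allowed_by})" for p in matches]
    return {"expected": expected, "review": review, "unlisted": unlisted}


def default_exposure():
    """Ports the data sheet says are open right after installation (TCP and UDP mixed)."""
    return sorted({port for p in DATASHEET if p.enabled_by_default for port in p.ports})


if __name__ == "__main__":
    # Constructed sample of what an authorized scan of one controller might return.
    sample = [80, 443, 515, 631, 445, 9100, 8080]
    for bucket, entries in classify_ports(sample).items():
        print(bucket, entries)
```

Port 80 illustrates the limit of a port-only view: it is the default for HTTP (enabled) and for WebDAV (disabled), so the bucket says "expected" while the WebDAV state still has to be read from the Settings Editor. The `review` bucket is the useful output for change control: every entry there is a protocol the data sheet ships disabled, together with the role that is able to enable it.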
13.11 SMB configuration
From Mark5 onwards, only SMB v3.x is supported (previous versions were dropped as they are
not secure).
Item / Protection
1) The SMB file sharing must be disabled by default.
   Protection: off by default; can only be enabled by the Super-user.
2) No administrative share shall be remotely available.
   Protection: the admin$ share is disabled.
3) The system administrator must be able to control/restrict the access to the SMB file share.
   Protection: the system administrator creates the hotfolder user account and chooses the password. No guest access is allowed.
4) Any binary stored on an SMB file share must not be executable on the controller.
   Protection: files dropped in the hotfolder are never executed.
5) The SMB sharing must not provide the following information: available OS accounts, OS partitions, running processes and services.
   Protection: protected by item 9).
6) The SMB sharing must not provide a means to modify the system configuration.
   Protection: protected by item 9).
7) It must not be possible to use this functionality in order to brute force <OS-Administrator> or <Super-User> passwords.
   Protection: account settings prevent this.
8) The CPP process that receives the files submitted to the SMB shares must not run with <OS-Administrator> privileges (or equivalent).
   Protection: runs as a normal user account.
9) The system must be configured in order to minimize the SMB attack surface.
   Protection: the SMB attack surface is reduced by filtering the remotely accessible named pipes on the IPC$ share, to only allow the pipes required for SMB file sharing. Allowed pipes are: browser, wkssvc, srvsvc.*
13.12 Web / FTP server
Main webserver: Microsoft Internet Information Services (IIS) 10.0
Backend webserver: server.info=Apache Tomcat/9.0.7
server.number=9.0.7
server.built / download date =April 03 2018
Microsoft Internet Information Services (IIS) 10.0 does the encryption/decryption. Tomcat is still
being used to provide the webpages.
13.13 Annex1: Microsoft Security patches
This OS image contains the cumulative update for Windows 10 of March 19, 2019 (KB4489889, OS Build 14393.2879). Windows 10 updates are cumulative; therefore, this package contains all previously released fixes.
More detailed information on this update and previous updates can be retrieved from http://www.microsoft.com by searching with the respective “cumulative windows 10”, “KB” or “MS” numbers.
https://support.microsoft.com/en-us/help/4489889
Make sure to keep your product up to date by downloading and installing the latest Microsoft security patches. The latest security patch can be downloaded from https://downloads.oce.com: search for your product and click on the security tab.
14 Security Data Sheet PRISMAsync Print Server Mark 7.3 (version 20.9.x.x) based products
14.1 Products definition and Controller information
The Security Data Sheet for PRISMAsync Print Server Mark 7.3 (version 20.9.x.x) based products is described in this chapter for the following products:
- Canon varioPRINT 135 series / Canon varioPRINT 140 series
- Océ VarioPrint 6000+ Line / Océ VarioPrint 6000 line (Titan)
- Canon iPR C10000VP Series
- Canon iPR C850 Series
14.1.1 Canon varioPRINT 135 v7.1.0.0 / Canon varioPRINT 140 v7.1.0.0
Product name | Canon varioPRINT 135 series, Canon varioPRINT 140 series
Release version | 7.1.0.0
Controller name | PRISMAsync
Controller release version | 20.9.295.49 (Mark7.3)
14.1.2 Océ VarioPrint 6000+ Line / Océ VarioPrint 6000 line (Titan) v8.2.0.0
Product name | Océ VarioPrint 6000+ Line, Océ VarioPrint 6000 Line (Titan)
Release version | 8.2.0.0
Controller name | PRISMAsync
Controller release version | 20.9.297.55 (MARK7.3)
14.1.3 Canon iPR C10000VP Series v7.3.0.0 / v7.3.1.0
Product name | Canon iPR C10000VP Series
Release version | 7.3.0.0, 7.3.1.0
Controller name | PRISMAsync
Controller release version | 7.3.0.0: 20.9.296.65 (Mark 7.3); 7.3.1.0: 20.9.296.118 (Mark 7.3)
14.1.4 Canon iPR C850 Series v7.3.0.0
Product name | Canon iPR C850 Series
Release version | 7.3.0.0
Controller name | PRISMAsync
Controller release version | 20.9.296.100 (Mark 7.3)
14.2 Security short list
Operating system | Microsoft Windows 10 IoT Enterprise LTSB 2016
MS security patches | 10.0.14393.3085
Version | PRISMAsync
Security levels | NO
Certifications | NO
Firewall | Windows firewall
Ports configurable | YES, via enabling / disabling functionality
Protocols configurable | YES
Address filtering | NO
Anti-virus | NO
Main Web server | Microsoft Internet Information Services (IIS) 10.0
Backend Web server | Apache Tomcat 8
E-shredding | 1 - 3 pass (configurable); complies with NIST SP 800-88
Removable HDD | NO
Data encryption | NO
Network encryption | YES (configurable)
Integrity protection | YES (optional)
14.3 Controller Operating system
Controller OS name | Microsoft Windows 10 IoT Enterprise LTSB 2016, 10.0.14393.3085 (WINx64)
OS Patches applied | All relevant Microsoft patches. Please see Annex1: Microsoft Security patches for further details.
14.4 Virus check on software package
List of software deliveries checked | The final ISO is checked with up to date antivirus software as part of the standard release process
Delivery checked with version | McAfee scan engine
Alert detected | No
14.5 BIOS: inaccessible by a random password
The PRISMAsync BIOS has a randomly generated password,
which prevents access to the settings and the possibility to
change any settings.
14.6 Controller OS Accounts
Account | Password protected? | Default setting after installation | Privilege level
UI_USER | Yes | Enabled | User
Network_USER | Yes | Enabled | User
Oceadmin | Yes | Enabled | OS-admin
HiddenAdministrator | Yes | Disabled | OS-admin
HotFolder user created account | Yes | Disabled | User
UPG_USER | Yes | Enabled | User
Cloud_user | Yes | Enabled | User
The Oceadmin password is randomized at installations with a resale license, immediately after license activation.
14.7 E-shredding
E-shredding is an optional feature which can be enabled or disabled by the system administrator via the Settings Editor. PRISMAsync E-shredding complies with current data sanitization standards (NIST SP 800-88). The number of e-shredding passes can be configured in the Settings Editor between 1 and 3, with the default set to 1.
The following data is shredded:
• The submitted PDL data
• Bitmaps generated by the ripping of the job
• Thumbnails that are generated for job previewing
When does e-shredding occur (timing):
• Case 1: Job is printed: once the job is printed, e-shredding starts immediately (exception: in case the printed queue (history) is enabled, e-shredding starts after the job has been deleted from the printed queue).
• Case 2: Job in queue: as long as you do not print the job it stays on one of the queues (on disk); in that case you need to explicitly delete it to start the e-shredding process.
• Case 3: Shredding may also occur when, for example, job settings are changed that require a re-rip. In that case, bitmaps of the previous rip are shredded.
As shredding is a continuous process during printing, it is performed in the background. In general the shredding is immediate, although the time it takes depends on the load of the system and the number of passes configured.
14.8 Integrity protection (optional, Licensed)
Protection type | McAfee embedded control
Protected area | Executables on Disk
In case of integrity check prevention | A warning is logged in the security audit log. This warning is also logged in the syslog, datalog file.
14.9 Control panel access / User authentication
Access to the Control panel (operator panel) depends on the (PRISMAsync) permissions granted to a specific user. The System Administrator can enable/disable users, add/delete them or adjust access permissions. The default available users are:
User | Access
Operator | Control panel and only personal jobs
Central Operator | Control panel, all jobs, Settings Editor and Remote manager
Key operator | Control panel, all jobs, Settings Editor, Remote manager and Configuration settings
Maintenance Operator | Control panel, all jobs, Settings Editor, Remote manager and maintenance tasks
System administrator | Control panel, all jobs, Settings Editor, Remote manager, Configuration settings, installation tasks and IT settings
Service User | Control panel, only personal jobs, Settings Editor, Remote manager, Configuration settings, installation tasks and tools of Service
For more information about user authentication see the PRISMAsync User manual.
Note: the OS interface is not available because there is no keyboard and mouse connected to the controller and the splash screen cannot be minimized.
14.10 Network security
Protocol | Availability (service mode, normal mode, both) | Default after install | People allowed to enable/disable | Interface used to enable/disable protocol | Ports (TCP / UDP)
HTTP | Both | Enabled | Service-user, Super-user | No | 80 (default port) or in range 21-60535
HTTPS | Both | Enabled | Service-user, Super-user | No | 443 (default port) or in range 21-60535
LPR | Both | Enabled | Nobody | Setting Editor | 515
NetBIOS | Service (when NetBIOS is enabled and Scan2SMB or hotfolder is enabled) | Disabled | Nobody | Setting Editor | TCP 139; UDP 137, 138
SNMP | Both | Enabled | Service-user, Super-user | Setting Editor | 161
WebDav | Both | Disabled | Service-user, Super-user | Setting Editor | 80
SMB for Hotfolder | Both | Disabled | Service-user, Super-user | Setting Editor | 445
SMB for Scan2SMB | Both | Disabled | Service-user, Super-user | Setting Editor | 445
SOCKET PRINTING | Both | Disabled | Super-user | Setting Editor | 9100 (default port) or in range 7500-9100
TP IPDS | Both | Disabled | Key operator (locally), Service-user, Super-user | Setting Editor | 5001 (default port) or in range 5001-65535
IPP | Both | Enabled | Super-user | Setting Editor | 631
TP PCL | Both | Disabled | Key operator (locally), Service-user, Super-user | Setting Editor | 9001 (default port) or in range 5001-65535
WS Eventing | Both | Enabled | Super-user | Setting Editor | 5357
WS-Discovery | Both | Enabled | Super-user | Setting Editor | 3702
FTP active-data transfer used for Scan to file | Both | Disabled | Super-user | Setting Editor | 20
NTP | Both | Enabled | Super-user, Key Operator | Setting editor | 123
LLMNR | Both | Enabled | Super-user | Setting editor | 5355
14.11 SMB configuration
From Mark5 onwards, only SMB v3.x is supported (previous versions were dropped as they are
not secure).
Item | Protection
1) The SMB file sharing must be disabled by default | Off by default; can only be enabled by the Super-user
2) No administrative share shall be remotely available | The admin$ share is disabled
3) The system administrator must be able to control/restrict the access to the SMB file share | The system administrator creates the hotfolder user account and chooses the password. No guest access allowed
4) Any binary stored on an SMB file share must not be executable on the controller | Files dropped in the hotfolder are never executed
5) The SMB sharing must not provide the following information: available OS accounts, OS partitions, running processes and services | Protected by item 9)
6) The SMB sharing must not provide a means to modify the system configuration | Protected by item 9)
7) It must not be possible to use this functionality in order to brute force <OS-Administrator> or <Super-User> passwords | Account settings prevent this
8) The CPP process that receives the files submitted to the SMB shares must not run with <OS-Administrator> privileges (or equivalent) | Runs as a normal user account
9) The system must be configured in order to minimize the SMB attack surface | The SMB attack surface is reduced by filtering the remotely accessible named pipes on the IPC$ share, to only allow the pipes required for SMB file sharing. Allowed pipes are: browser, wkssvc, srvsvc.*
14.12 Web / FTP server
Main webserver: Microsoft Internet Information Services (IIS) 10.0
Backend webserver: server.info=Apache Tomcat/9.0.7
server.number=9.0.7
server.built / download date =April 03 2018
Microsoft Internet Information Services (IIS) 10.0 does the encryption/decryption. Tomcat is still
being used to provide the webpages.
14.13 Annex1: Microsoft Security patches
This OS image contains the cumulative update for Windows 10 of July 9, 2019 (KB4507460, OS Build 14393.3085). Windows 10 updates are cumulative; therefore, this package contains all previously released fixes.
More detailed information on this update and previous updates can be retrieved from http://www.microsoft.com by searching with the respective “cumulative windows 10”, “KB” or “MS” numbers.
https://support.microsoft.com/en-us/help/4507460
Make sure to keep your product up to date by downloading and installing the latest Microsoft security patches. The latest security patch can be downloaded from https://downloads.oce.com: search for your product and click on the security tab.
15 Security Data Sheet PRISMAsync Print Server Mark 7.4.x based products
15.1 Products definition and Controller information
The Security Data Sheet for PRISMAsync Print Server Mark 7.4.x based products is described in this chapter for the following products:
- Canon iPR C910 Series
- varioPRINT 6000 Ultra line / varioPRINT 6000+ line (Titan) / varioPRINT 6000 series TITAN
- Canon varioPRINT 135 series / Canon varioPRINT 140 series
- Canon iPR C850 Series
- Canon iPR C10000VP Series
- Canon iPR C10010VP Series
- Océ VarioPrint i-series
- Canon varioPRINT iX-series
15.1.1 Canon iPR C910 Series v7.4.0.0 / v7.4.3.0
Product name | Canon iPR C910 Series
Release version | 7.4.0.0, 7.4.3.0
Controller name | PRISMAsync
Controller release version | 7.4.0.0: 21.2.304.29 (Mark 7.4); 7.4.3.0: 21.5.311.210 (Mark 7.4.1)
Operating system version | 7.4.0.0: 10.0.17763.973; 7.4.3.0: 10.0.17763.973
15.1.2 varioPRINT 6000 Ultra line / varioPRINT 6000+ line (Titan) / varioPRINT 6000 series TITAN v8.3.0.0 / 8.3.2.0 / 8.4.0.0
Product name | varioPRINT 6000 Ultra line, varioPRINT 6000+ Line, varioPRINT 6000 series TITAN
Release version | 8.3.0.0, 8.3.2.0, 8.4.0.0
Controller name | PRISMAsync
Controller release version | 8.3.0.0: 21.2.300.46 (Mark 7.4); 8.3.2.0: 21.2.300.51 (Mark7.4); 8.4.0.0: 21.5.310.159 (Mark7.4.1.0)
Operating system version | 8.3.0.0: 10.0.17763.973; 8.3.2.0: 10.0.17763.973; 8.4.0.0: 10.0.17763.973
15.1.3 Canon varioPRINT 135 v7.2.1.0 / Canon varioPRINT 140 v7.2.1.0
Product name | Canon varioPRINT 135 series, Canon varioPRINT 140 series
Release version | 7.2.1.0
Controller name | PRISMAsync
Controller release version | 7.2.1.0: 21.2.303.70 (Mark 7.4)
Operating system version | 7.2.1.0: 10.0.17763.973
15.1.4 Canon iPR C10010VP Series v7.4.0.0 / 7.4.1.0
Product name | Canon iPR C10000VP Series
Release version | 7.4.0.0, 7.4.1.0
Controller name | PRISMAsync
Controller release version | 7.4.0.0: 21.2.299.152 (Mark 7.4); 7.4.1.0: 21.2.299.183 (Mark 7.4)
Operating system version | 7.4.0.0: 10.0.17763.973; 7.4.1.0: 10.0.17763.973
15.1.5 Canon iPR C850 Series v7.4.2.0
Product name | Canon iPR C850 Series
Release version | 7.4.2.0
Controller name | PRISMAsync
Controller release version | 7.4.2.0: 21.9.316.160 (Mark 7.4.2)
Operating system version | 7.4.2.0: 10.0.17763.1397
15.1.6 Canon iPR C10000VP Series v7.4.2.0
Product name | Canon iPR C10000VP Series
Release version | 7.4.2.0
Controller name | PRISMAsync
Controller release version | 7.4.2.0: 21.9.316.160 (Mark 7.4.2)
Operating system version | 7.4.2.0: 10.0.17763.1397
15.1.7 Océ VarioPrint i-series v4.1.2.0
Product name | Océ VarioPrint i-series
Release version | 4.1.2.0
Controller name | PRISMAsync
Controller release version | 4.1.2.0: 21.9.315.80 (Mark 7.4.2)
Operating system version | 4.1.2.0: 10.0.17763.1397
15.1.8 Canon varioPRINT iX-series v4.1.0.0 / 4.1.1.0 / 4.1.2.0
Product name | Canon varioPRINT iX-series
Release version | 4.1.0.0, 4.1.1.0, 4.1.2.0
Controller name | PRISMAsync
Controller release version | 4.1.0.0: 21.5.309.83 (Mark 7.4.1); 4.1.1.0: 21.9.315.46 (Mark 7.4.2); 4.1.2.0: 21.9.315.80 (Mark 7.4.2)
Operating system version | 4.1.0.0: 10.0.17763.973; 4.1.1.0: 10.0.17763.1397; 4.1.2.0: 10.0.17763.1397
15.2 Security short list
Operating system | Microsoft Windows 10 IoT Enterprise LTSC 2019
Platform | PRISMAsync
Security levels | NO
Certifications | NO
Firewall | YES: Windows firewall
Ports configurable | YES, via enabling / disabling functionality
Protocols configurable | YES
Address filtering | NO
Anti-virus | NO
Main Web server | Microsoft Internet Information Services (IIS) 10.0
Backend Web server | Apache Tomcat 9
E-shredding | 1 - 3 pass (configurable); complies with NIST SP 800-88
Removable HDD | NO
Data encryption | YES (optional; depending on availability of hardware)
Network encryption | YES (configurable)
Integrity protection | YES (optional)
Decommissioning | YES (optional; depending on availability of hardware)
15.3 Controller Operating system
Controller OS name | Microsoft Windows 10 IoT Enterprise LTSC 2019, 10.0.17763.xxxx (WINx64)
OS Patches applied | All relevant Microsoft patches. Please see Annex1: Microsoft Security patches for further details.
15.4 Virus check on software package
List of software deliveries checked | The final ISO is checked with up to date antivirus software as part of the standard release process
Delivery checked with version | McAfee scan engine
Alert detected | No
15.5 BIOS: inaccessible by a random password
The PRISMAsync BIOS has a randomly generated password,
which prevents access to the settings and the possibility to
change any settings.
15.6 Controller OS Accounts
Account | Password protected? | Default setting after installation | Privilege level
UI_USER | Yes | Enabled | User
Network_USER | Yes | Enabled | User
Oceadmin | Yes | Enabled | OS-admin
HiddenAdministrator | Yes | Disabled | OS-admin
HotFolder user created account | Yes | Disabled | User
UPG_USER | Yes | Enabled | User
Cloud_user | Yes | Enabled | User
The Oceadmin password is randomized at installations with a resale license, immediately after license activation.
15.7 Disk encryption
Hard disk encryption used in the PRISMAsync is based on BitLocker. Hard disk encryption is always enabled when supported by the PRISMAsync print server hardware. This is done early in the installation phase, such that all data ever written to the disk is encrypted. To check that the hardware of your system supports encryption, a read-only setting is shown in the Settings Editor (Configuration Security).
15.8 Decommissioning
When printing systems reach the end of their operational life, decommissioning can be used to be sure that all the customer (confidential) data has been securely erased. To protect the use of this functionality, next to the System Administrator it is also required that the service operator logs in to confirm the decommissioning action. When the system reboots, the BIOS clears the TPM and shows a boot failure screen that tells the user no operating system can be found. This signals that the procedure was completed successfully.
15.9 E-shredding
E-shredding is an optional feature which can be enabled or disabled by the system administrator via the Settings Editor. PRISMAsync E-shredding complies with current data sanitization standards (NIST SP 800-88). The number of e-shredding passes can be configured in the Settings Editor between 1 and 3, with the default set to 1.
The following data is shredded:
• The submitted PDL data
• Bitmaps generated by the ripping of the job
• Thumbnails that are generated for job previewing
When does e-shredding occur (timing):
• Case 1: Job is printed: once the job is printed, e-shredding starts immediately (exception: in case the printed queue (history) is enabled, e-shredding starts after the job has been deleted from the printed queue).
• Case 2: Job in queue: as long as you do not print the job it stays on one of the queues (on disk); in that case you need to explicitly delete it to start the e-shredding process.
• Case 3: Shredding may also occur when, for example, job settings are changed that require a re-rip. In that case, bitmaps of the previous rip are shredded.
As shredding is a continuous process during printing, it is performed in the background. In general the shredding is immediate, although the time it takes depends on the load of the system and the number of passes configured.
15.10 Integrity protection (optional, Licensed)
Protection type | McAfee embedded control
Protected area | Executables on Disk
In case of integrity check prevention | A warning is logged in the security audit log. This warning is also logged in the syslog, datalog file.
15.11 Control panel access / User authentication
Access to the Control panel (operator panel) depends on the (PRISMAsync) permissions granted to a specific user. The System Administrator can enable/disable users, add/delete them or adjust access permissions. The default available users are:
User | Access
Operator | Control panel and only personal jobs
Central Operator | Control panel, all jobs, Settings Editor and Remote manager
Key operator | Control panel, all jobs, Settings Editor, Remote manager and Configuration settings
Maintenance Operator | Control panel, all jobs, Settings Editor, Remote manager and maintenance tasks
System administrator | Control panel, all jobs, Settings Editor, Remote manager, Configuration settings, installation tasks and IT settings
Service User | Control panel, only personal jobs, Settings Editor, Remote manager, Configuration settings, installation tasks and tools of Service
For more information about user authentication see the PRISMAsync User manual.
Note: the OS interface is not available because there is no keyboard and mouse connected to the controller and the splash screen cannot be minimized.
15.12 Network security
Protocol | Availability (service mode, normal mode, both) | Default after install | People allowed to enable/disable | Interface used to enable/disable protocol | Ports (TCP / UDP)
HTTP | Both | Enabled | Service-user, Super-user | No | 80 (default port) or in range 21-60535
HTTPS | Both | Enabled | Service-user, Super-user | No | 443 (default port) or in range 21-60535
LPR | Both | Enabled | Nobody | Setting Editor | 515
NetBIOS | Service (when NetBIOS is enabled and Scan2SMB or hotfolder is enabled) | Disabled | Nobody | Setting Editor | TCP 139; UDP 137, 138
SNMP | Both | Enabled | Service-user, Super-user | Setting Editor | 161
WebDav | Both | Disabled | Service-user, Super-user | Setting Editor | 80
SMB for Hotfolder | Both | Disabled | Service-user, Super-user | Setting Editor | 445
SMB for Scan2SMB | Both | Disabled | Service-user, Super-user | Setting Editor | 445
SOCKET PRINTING | Both | Disabled | Super-user | Setting Editor | 9100 (default port) or in range 7500-9100
TP IPDS | Both | Disabled | Key operator (locally), Service-user, Super-user | Setting Editor | 5001 (default port) or in range 5001-65535
IPP | Both | Enabled | Super-user | Setting Editor | 631
TP PCL | Both | Disabled | Key operator (locally), Service-user, Super-user | Setting Editor | 9001 (default port) or in range 5001-65535
WS Eventing | Both | Enabled | Super-user | Setting Editor | 5357
WS-Discovery | Both | Enabled | Super-user | Setting Editor | 3702
FTP active-data transfer used for Scan to file | Both | Disabled | Super-user | Setting Editor | 20
NTP | Both | Enabled | Super-user, Key Operator | Setting editor | 123
LLMNR | Both | Enabled | Super-user | Setting editor | 5355
IPsec | Both | Disabled | Super-user | Setting editor | 500
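One way to check a controller in your own fleet against the exposure this table (and the identical 14.10 table) documents, as an added example that is not Canon's code: it encodes the documented defaults and port ranges and reports observed ports that no documented service explains, ports of a service that should be off, and expected ports that are missing. The observed port set is constructed sample data, and the transport (TCP/UDP) of each port follows the standard assignment of that well-known port, which the flattened table does not spell out.

```python
"""Audit which network services a PRISMAsync controller exposes against the
documented defaults of the Mark 7.4.x network security table (section 15.12).
Added example, not Canon's code. The observed port set at the bottom is
constructed sample data standing in for a port scan of your own controller."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Service:
    name: str
    default_enabled: bool        # "Default after install" column
    ports: tuple                 # (proto, port) pairs used in the default setup
    tcp_range: tuple = None      # (low, high) when the TCP port is configurable


# Transcribed from the table. The transport of each port (tcp/udp) follows the
# standard assignment of that well-known port; the table itself does not say.
BASELINE = (
    Service("HTTP", True, (("tcp", 80),), (21, 60535)),
    Service("HTTPS", True, (("tcp", 443),), (21, 60535)),
    Service("LPR", True, (("tcp", 515),)),
    Service("NetBIOS", False, (("tcp", 139), ("udp", 137), ("udp", 138))),
    Service("SNMP", True, (("udp", 161),)),
    Service("WebDav", False, (("tcp", 80),)),
    Service("SMB", False, (("tcp", 445),)),           # hotfolder and Scan2SMB
    Service("SOCKET PRINTING", False, (("tcp", 9100),), (7500, 9100)),
    Service("TP IPDS", False, (("tcp", 5001),), (5001, 65535)),
    Service("IPP", True, (("tcp", 631),)),
    Service("TP PCL", False, (("tcp", 9001),), (5001, 65535)),
    Service("WS Eventing", True, (("tcp", 5357),)),
    Service("WS-Discovery", True, (("udp", 3702),)),
    Service("FTP active data", False, (("tcp", 20),)),
    Service("NTP", True, (("udp", 123),)),
    Service("LLMNR", True, (("udp", 5355),)),
    Service("IPsec", False, (("udp", 500),)),
)
DEFAULT_ENABLED = frozenset(s.name for s in BASELINE if s.default_enabled)


def expected_ports(enabled=None, configured=None):
    """Map (proto, port) -> names of services that should be listening.

    enabled:    names of services switched on in the Settings Editor
                (None = the documented defaults after installation)
    configured: {service: tcp_port} for services moved off their default port;
                a port outside the documented range raises ValueError"""
    enabled = DEFAULT_ENABLED if enabled is None else set(enabled)
    configured = configured or {}
    expected = {}
    for svc in BASELINE:
        if svc.name not in enabled:
            continue
        for proto, default_port in svc.ports:
            port = default_port
            if proto == "tcp" and svc.name in configured:
                port = configured[svc.name]
                low, high = svc.tcp_range or (default_port, default_port)
                if not low <= port <= high:
                    raise ValueError(f"{svc.name}: port {port} is outside "
                                     f"the documented range {low}-{high}")
            expected.setdefault((proto, port), set()).add(svc.name)
    return expected


def audit(observed, enabled=None, configured=None):
    """Classify the observed (proto, port) pairs of a controller.

    unexpected:  open ports that no documented service accounts for
    not_enabled: open ports of a documented service that is disabled, or that
                 was configured to listen elsewhere
    missing:     expected ports that were not observed (service down/filtered)"""
    expected = expected_ports(enabled, configured)
    documented = {}
    for svc in BASELINE:
        for key in svc.ports:
            documented.setdefault(key, set()).add(svc.name)
    result = {"unexpected": [], "not_enabled": [], "missing": []}
    for key in sorted(observed):
        if key in expected:
            continue
        if key in documented:
            result["not_enabled"].append((key, sorted(documented[key])))
        else:
            result["unexpected"].append(key)
    result["missing"] = sorted(k for k in expected if k not in observed)
    return result


# Constructed sample: factory defaults, plus SMB and socket printing left open
# and one listener (tcp/3389) that nothing in the table accounts for.
SAMPLE_OBSERVED = {
    ("tcp", 80), ("tcp", 443), ("tcp", 515), ("udp", 161), ("tcp", 631),
    ("tcp", 5357), ("udp", 3702), ("udp", 123), ("udp", 5355),
    ("tcp", 445), ("tcp", 9100), ("tcp", 3389),
}

if __name__ == "__main__":
    for kind, items in audit(SAMPLE_OBSERVED).items():
        print(f"{kind:12s} {items}")
```

Pass the services you actually switched on as `enabled` (and any moved ports as `configured`) so that deliberate choices such as an enabled hotfolder share are not reported as deviations.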
15.13 SMB configuration
From Mark5 onwards, only SMB v3.x is supported (previous versions were dropped as they are
not secure).
Item | Protection
1) The SMB file sharing must be disabled by default | Off by default; can only be enabled by the Super-user
2) No administrative share shall be remotely available | The admin$ share is disabled
3) The system administrator must be able to control/restrict the access to the SMB file share | The system administrator creates the hotfolder user account and chooses the password. No guest access allowed
4) Any binary stored on an SMB file share must not be executable on the controller | Files dropped in the hotfolder are never executed
5) The SMB sharing must not provide the following information: available OS accounts, OS partitions, running processes and services | Protected by item 9)
6) The SMB sharing must not provide a means to modify the system configuration | Protected by item 9)
7) It must not be possible to use this functionality in order to brute force <OS-Administrator> or <Super-User> passwords | Account settings prevent this
8) The CPP process that receives the files submitted to the SMB shares must not run with <OS-Administrator> privileges (or equivalent) | Runs as a normal user account
9) The system must be configured in order to minimize the SMB attack surface | The SMB attack surface is reduced by filtering the remotely accessible named pipes on the IPC$ share, to only allow the pipes required for SMB file sharing. Allowed pipes are: browser, wkssvc, srvsvc.*
15.14 Web / FTP server
Main webserver: Microsoft Internet Information Services (IIS) 10.0
Backend webserver: server.info=Apache Tomcat/9.0.24
server.number=9.0.24
server.built date =20190814
Microsoft Internet Information Services (IIS) 10.0 does the encryption/decryption. Tomcat is still
being used to provide the webpages.
15.15 Annex1: Microsoft Security patches
The OS images of Mark 7.4.x contain one of the following cumulative updates for Windows 10:
- January 14, 2020 (KB4534273, OS Build 17763.973)
- August 11, 2020 (KB4565349, OS Build 17763.1397)
Windows 10 updates are cumulative; therefore, each package contains all previously released fixes.
More detailed information on these updates and previous updates can be retrieved from http://www.microsoft.com by searching with the respective “cumulative windows 10”, “KB” or “MS” numbers.
https://support.microsoft.com/en-us/help/4534273
https://support.microsoft.com/en-us/help/4565349
Make sure to keep your product up to date by enabling automatic Operating system updates via On Remote Service or by downloading and installing the latest Microsoft security patches. The latest security patch can be downloaded from https://downloads.cpp.canon: search for your product and click on the security tab.
16 Security Data Sheet PRISMAsync Print Server Mark 8.1.x based products
16.1 Products definition and Controller information
The Security Data Sheet for PRISMAsync Print Server Mark 8.1.x based products is described in this chapter for the following products:
- Canon varioPRINT 135 series / Canon varioPRINT 140 series
- Canon iPR C10010VP Series
- Canon iPR C10000VP Series
- Canon iPR C910 Series
- Canon varioPRINT iX-series
- varioPRINT 6000 Ultra line / varioPRINT 6000+ line (Titan) / varioPRINT 6000 series TITAN
16.1.1 Canon varioPRINT 135 v8.1.1.0 / Canon varioPRINT 140 v8.1.1.0
Product name | Canon varioPRINT 135 series, Canon varioPRINT 140 series
Release version | v8.1.1.0
Controller name | PRISMAsync
Controller release version | 21.12.322.191 (Mark 8.1)
Operating system version | v8.1.1.0: 10.0.17763.1577
16.1.2 Canon iPR C10010VP Series v8.1.0.0 / v8.2.0.0 / v8.3.0.0
Product name | Canon iPR C10000VP Series
Release version | v8.1.0.0, v8.2.0.0, v8.3.0.0
Controller name | PRISMAsync
Controller release version | v8.1.0.0: 22.12.323.230 (Mark 8.1); v8.2.0.0: 22.3.331.41 (Mark 8.1.1); v8.3.0.0: 22.3.331.84 (Mark 8.1.2)
Operating system version | v8.1.0.0: 10.0.17763.1577; v8.2.0.0: 10.0.17763.1790; v8.3.0.0: 10.0.17763.2114
16.1.3 Canon iPR C10000VP Series v8.1.0.0 / v8.2.1.0
Product name | Canon iPR C10000VP Series
Release version | v8.1.0.0, v8.2.1.0
Controller name | PRISMAsync
Controller release version | 22.12.323.249 (Mark 8.1); 22.3.331.95 (Mark 8.1.2)
Operating system version | v8.1.0.0: 10.0.17763.1577; v8.2.0.0: 10.0.17763.2114
16.1.4 Canon iPR C910 Series v8.1.0.0 / v8.2.0.0
Product name | Canon iPR C910 Series
Release version | v8.1.0.0, v8.2.0.0
Controller name | PRISMAsync
Controller release version | v8.1.0.0: 21.12.323.265 (Mark 8.1); v8.2.0.0: 22.3.331.75 (Mark 8.1.2)
Operating system version | v8.1.0.0: 10.0.17763.1577; v8.2.0.0: 10.0.17763.2114
16.1.5 Canon varioPRINT iX-series v4.1.3.0 / 4.2.0.0 / 4.2.1.0
Product name | Canon varioPRINT iX-series
Release version | v4.1.3.0, v4.2.0.0, v4.2.1.0
Controller name | PRISMAsync
Controller release version | v4.1.3.0: 21.12.321.212 (Mark 8.1); v4.2.0.0: 22.4.330.62 (Mark 8.1.1); v4.2.1.0: 22.4.330.98 (Mark 8.1.1)
Operating system version | v4.1.3.0: 10.0.17763.1577; v4.2.0.0: 10.0.17763.1790; v4.2.1.0: 10.0.17763.2029
16.1.6 varioPRINT 6000 Ultra line / varioPRINT 6000+ line / varioPRINT 6000 series TITAN v8.5.0.0
Product name | VarioPrint 6000 Ultra line, VarioPRINT 6000+ Line, varioPRINT 6000 series TITAN
Release version | v8.4.2.0, v8.5.0.0
Controller name | PRISMAsync
Controller release version | v8.4.2.0: 21.12.322.211 (Mark 8.1); v8.5.0.0: 22.3.329.75 (Mark 8.1.2)
Operating system version | v8.4.2.0: 10.0.17763.1577; v8.5.0.0: 10.0.17763.1971
16.2 Security short list
Operating system | Microsoft Windows 10 IoT Enterprise LTSC 2019
Version | PRISMAsync
Security levels | NO
Certifications | NO
Firewall | YES, Windows firewall
Ports configurable | YES, via enabling / disabling functionality
Protocols configurable | YES
Address filtering | NO
Anti-virus | NO
Main Web server | Microsoft Internet Information Services (IIS) 10.0
Backend Web server | Apache Tomcat 9
E-shredding | 1 - 3 pass (configurable); complies with NIST SP 800-88
Removable HDD | NO
Data encryption | YES (optional; depending on availability of hardware)
Network encryption | YES (configurable)
Integrity protection | YES (optional)
Decommissioning | YES (optional; depending on availability of hardware)
16.3 Controller Operating system
Controller OS name | Microsoft Windows 10 IoT Enterprise LTSC 2019, 10.0.17763.xxxx (WINx64)
OS Patches applied | All relevant Microsoft patches. Please see Annex1: Microsoft Security patches for further details.
16.4 Virus check on software package
List of software deliveries checked | The final ISO is checked with up to date antivirus software as part of the standard release process
Delivery checked with version | McAfee scan engine
Alert detected | No
16.5 BIOS: inaccessible by a random password
The PRISMAsync BIOS has a randomly generated password,
which prevents access to the settings and the possibility to
change any settings.
16.6 Controller OS Accounts
Account | Password protected? | Default setting after installation | Privilege level
UI_USER | Yes | Enabled | User
Network_USER | Yes | Enabled | User
Oceadmin | Yes | Enabled | OS-admin
HiddenAdministrator | Yes | Disabled | OS-admin
HotFolder user created account | Yes | Disabled | User
UPG_USER | Yes | Enabled | User
Cloud_user | Yes | Enabled | User
The Oceadmin password is randomized at installations with a resale license, immediately after license activation.
16.7 Disk encryption
Hard disk encryption used in the PRISMAsync is based on BitLocker. Hard disk encryption is always enabled when supported by the PRISMAsync print server hardware. This is done early in the installation phase, such that all data ever written to the disk is encrypted. To check that the hardware of your system supports encryption, a read-only setting is shown in the Settings Editor (Configuration Security).
16.8 Decommissioning
When printing systems reach the end of their operational life, decommissioning can be used to be sure that all the customer (confidential) data has been securely erased. To protect the use of this functionality, next to the System Administrator it is also required that the service operator logs in to confirm the decommissioning action. When the system reboots, the BIOS clears the TPM and shows a boot failure screen that tells the user no operating system can be found. This signals that the procedure was completed successfully.
16.9 E-shredding
E-shredding is an optional feature which can be enabled or disabled by the system
administrator via the Settings Editor. PRISMAsync E-shredding Complies with current
data sanitization standards (NIST SP 800-88). The number of e-shredding passes can
be configuraed in the settings editor between 1 and 3 with a default set to 1.
The following data is being shredded:
• The submitted PDL data
• Bitmaps generated by the ripping of the job
• Thumbnails that are generated for job previewing
When does e-shredding occur (timing):
• Case 1: Job is printed: Once the job is printed, e-shredding starts immediately
(exception: in case the printed queue (history) is enabled, e-shredding starts
after the job has been deleted from the printed queue).
• Case 2: Job in queue: As long as you do not print the job, it stays on one of the
queues (on disk); in that case you need to explicitly delete it to start the
e-shredding process.
• Case 3: Shredding may also occur when for example job settings are changed
that require a re-rip. In that case, bitmaps of the previous rip are shredded.
Shredding is a continuous process during printing and is performed in the
background. In general the shredding is immediate, although the actual timing
depends on the load of the system and the number of passes configured.
16.10 Integrity protection (optional, Licensed)
Protection type: McAfee Embedded Control
Protected area: Executables on disk
In case of integrity check prevention: A warning is logged in the security audit log.
This warning is also logged in the syslog and datalog file.
16.11 Control panel access / User authentication
Access to the Control panel (operator panel) depends on the (PRISMAsync)
permissions granted to a specific user. The System Administrator can enable/disable
users, add/delete users or adjust access permissions. The default available users are:
User                 | Access
Operator             | Control panel and only personal jobs
Central Operator     | Control panel, all jobs, Settings Editor and Remote manager
Key operator         | Control panel, all jobs, Settings Editor, Remote manager and Configuration settings
Maintenance Operator | Control panel, all jobs, Settings Editor, Remote manager and maintenance tasks
System administrator | Control panel, all jobs, Settings Editor, Remote manager, Configuration settings, installation tasks and IT settings
Service User         | Control panel, only personal jobs, Settings Editor, Remote manager, Configuration settings, installation tasks and tools of Service
For more information about user authentication see the PRISMAsync User manual.
Note: the OS interface is not available, because there is no keyboard and mouse
connected to the controller and the splash screen cannot be minimized.
16.12 Network security
Protocol | Availability (service mode, normal mode, both) | Default after install | People allowed to enable/disable | Interface used to enable/disable protocol | Ports (TCP / UDP)
HTTP | Both | Enabled | Service-user, Super-user | No | 80 (default port) or in range 21-60535
HTTPS | Both | Enabled | Service-user, Super-user | No | 443 (default port) or in range 21-60535
LPR | Both | Enabled | Nobody | Setting Editor | 515
NetBIOS | Service (when NetBIOS enabled and scan2smb or hotfolder enabled) | Disabled | Nobody | Setting Editor | TCP 139 / UDP 137, 138
SNMP | Both | Enabled | Service-user, Super-user | Setting Editor | 161
WebDAV | Both | Disabled | Service-user, Super-user | Setting Editor | 80
SMB for Hotfolder | Both | Disabled | Service-user, Super-user | Setting Editor | 445
SMB for Scan2SMB | Both | Disabled | Service-user, Super-user | Setting Editor | 445
SOCKET PRINTING | Both | Disabled | Super-user | Setting Editor | 9100 (default port) or in range 7500-9100
TP IPDS | Both | Disabled | Key operator (locally), Service-user, Super-user | Setting Editor | 5001 (default port) or in range 5001-65535
IPP | Both | Enabled | Super-user | Setting Editor | 631
TP PCL | Both | Disabled | Key operator (locally), Service-user, Super-user | Setting Editor | 9001 (default port) or in range 5001-65535
WS-Eventing | Both | Enabled | Super-user | Setting Editor | 5357
WS-Discovery | Both | Enabled | Super-user | Setting Editor | 3702
FTP active-data transfer used for Scan to file | Both | Disabled | Super-user | Setting Editor | 20
NTP | Both | Enabled | Super-user, Key Operator | Setting Editor | 123
LLMNR | Both | Enabled | Super-user | Setting Editor | 5355
IPsec | Both | Disabled | Super-user | Setting Editor | 500
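Added example (not Canon code and not part of this document): a baseline-drift check that compares an observed inventory of listening ports on a print server against the default install state transcribed from the table above, so that a service that is off by default but found listening, or a default service that has gone missing, is reported for follow-up. The sample inventory is constructed; since the table gives port numbers only, TCP and UDP are not distinguished.

```python
# Baseline transcribed from the network security table in this document:
# (service, enabled after default install, default port, configurable range or None).
# WebDAV (off by default) shares port 80 with HTTP and cannot be told apart by
# port number; it has to be verified in the Settings Editor, so it is left out.
BASELINE = [
    ("HTTP", True, 80, (21, 60535)),
    ("HTTPS", True, 443, (21, 60535)),
    ("LPR", True, 515, None),
    ("NetBIOS", False, 139, None),
    ("SNMP", True, 161, None),
    ("SMB hotfolder/Scan2SMB", False, 445, None),
    ("Socket printing", False, 9100, (7500, 9100)),
    ("TP IPDS", False, 5001, (5001, 65535)),
    ("IPP", True, 631, None),
    ("TP PCL", False, 9001, (5001, 65535)),
    ("WS-Eventing", True, 5357, None),
    ("WS-Discovery", True, 3702, None),
    ("FTP active data (Scan to file)", False, 20, None),
    ("NTP", True, 123, None),
    ("LLMNR", True, 5355, None),
    ("IPsec", False, 500, None),
]


def check_listeners(open_ports):
    """Compare observed listening ports against BASELINE.

    Returns (unexpected_on, missing, unknown): default-disabled services whose
    default port is open (confirm they were enabled on purpose), default-enabled
    services whose default port is closed (disabled, or moved within their range),
    and open ports matching no baseline default, each paired with the services
    whose configurable range contains that port.
    """
    open_ports = set(open_ports)
    unexpected_on = [n for n, on, p, _ in BASELINE if not on and p in open_ports]
    missing = [n for n, on, p, _ in BASELINE if on and p not in open_ports]
    known = {p for _, _, p, _ in BASELINE}
    unknown = [(port, [n for n, _, _, r in BASELINE if r and r[0] <= port <= r[1]])
               for port in sorted(open_ports - known)]
    return unexpected_on, missing, unknown


if __name__ == "__main__":
    # Constructed sample inventory, not a real scan: SMB and socket printing are
    # listening, nothing answers on 443, and there is an unexplained listener on 8080.
    sample = [80, 515, 161, 631, 5357, 3702, 123, 5355, 445, 9100, 8080]
    on, off, unknown = check_listeners(sample)
    print("Enabled although off by default:", on)
    print("Default services not on their default port:", off)
    print("Unmatched listeners (port, services whose range covers it):", unknown)
```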
16.13 SMB configuration
From Mark5 onwards, only SMB v3.x is supported (previous versions were dropped as they are
not secure).
Item | Protection
1) The SMB file sharing must be disabled by default | Off by default, can only be enabled by the Super-user
2) No administrative share shall be remotely available | The admin$ share is disabled
3) The system administrator must be able to control/restrict the access to the SMB file share | The system administrator creates the hotfolder user account and chooses the password. No guest access allowed
4) Any binary stored on an SMB file share must not be executable on the controller | Files dropped in the hotfolder are never executed
5) The SMB sharing must not provide the following information: available OS accounts, OS partitions, running processes and services | Protected by item 9)
6) The SMB sharing must not provide a means to modify the system configuration | Protected by item 9)
7) It must not be possible to use this functionality in order to brute force <OS-Administrator> or <Super-User> passwords | Account settings prevent this
8) The CPP process that receives the files submitted to the SMB shares must not run with <OS-Administrator> privileges (or equivalent) | Runs as normal user account
9) The system must be configured in order to minimize the SMB attack surface | SMB attack surface is reduced by filtering the remotely accessible named pipes on the IPC$ share, to only allow the pipes required for SMB file sharing. Allowed pipes are: browser, wkssvc, srvsvc.*
16.14 Web / FTP server
Main webserver: Microsoft Internet Information Services (IIS) 10.0
Backend webserver:
- server.info=Apache Tomcat/9.0.40
- server.number=9.0.40
- server.built date=20201112
Microsoft Internet Information Services (IIS) 10.0 does the encryption/decryption. Tomcat is still
being used to provide the web pages.
16.15 Annex1: Microsoft Security patches
The OS images of Mark 8.1.x contain one of the following cumulative updates for Windows 10
(depending on the release moment the included Windows update may be newer; see the paragraphs
Products definition and Controller information for the included Windows update):
- November 10, 2020 (KB4586793, OS Build 17763.1577)
- February 16, 2020 (KB4601383, OS Build 17763.1790)
- May 20, 2020 (KB5003217, OS Build 17763.1971)
- July 6, 2021 (KB5004947, OS Build 17763.2029)
- August 10, 2021 (KB5005030, OS Build 17763.2114)
Windows 10 updates are cumulative. Therefore each of these packages contains all previously released
fixes.
More detailed information on these updates and previous updates can be retrieved from
http://www.microsoft.com by searching for the respective “cumulative windows 10”, “KB” or
“MS” numbers.
Windows update | Detailed information
17763.1577 | https://support.microsoft.com/en-us/help/4586793
17763.1790 | https://support.microsoft.com/en-us/help/4601383
17763.1971 | https://support.microsoft.com/en-us/help/5003217
17763.2029 | https://support.microsoft.com/en-us/help/5004947
17763.2114 | https://support.microsoft.com/en-us/help/5005030
Make sure to keep your product up to date by enabling automatic operating system updates via
On Remote Service, or by downloading and installing the latest Microsoft security patches. The
latest security patch can be downloaded from https://downloads.cpp.canon: search for your
product and click on the Security tab.
© 2020 – 2022 Canon Production Printing