User's Guide BH C35

User’s Guide [Security Operations]
2010. 10
Ver. 1.00
Contents
1 Security
1.1 Introduction ..................................................................................................................................... 1-2
Compliance with the ISO15408 Standard ......................................................................................... 1-2
Operating Precautions ....................................................................................................................... 1-2
INSTALLATION CHECKLIST.............................................................................................................. 1-3
1.2 Security Functions .......................................................................................................................... 1-4
Check Count Clear Conditions .......................................................................................................... 1-4
1.3 Data to be Protected ...................................................................................................................... 1-5
1.4 Precautions for Operation Control ................................................................................................ 1-6
Roles and Requirements of the Administrator ................................................................................... 1-6
Password Usage Requirements ........................................................................................................ 1-6
Network Connection Requirements for the Machine......................................................................... 1-6
User information control system control requirements ..................................................................... 1-6
Security function operation setting operating requirements.............................................................. 1-7
Operation and control of the machine ............................................................................................... 1-7
Machine Maintenance Control ........................................................................................................... 1-7
Operating conditions for the IC card and IC card reader .................................................................. 1-7
IC card owner requirements .............................................................................................................. 1-7
1.5 Miscellaneous.................................................................................................................................. 1-8
Password Rules ................................................................................................................................. 1-8
Precautions for Use of Various Types of Applications....................................................................... 1-8
Encrypting communications .............................................................................................................. 1-9
IPP printing ........................................................................................................................................ 1-9
Items of Data Cleared by Data Erase Function................................................................................ 1-10
HDD Format ..................................................................................................................................... 1-11
Upgrading of the firmware ............................................................................................................... 1-11
2 Administrator Operations
2.1 Accessing the Admin Settings....................................................................................................... 2-2
Accessing the Admin Settings ........................................................................................................... 2-2
2.2 Enhancing the Security Function................................................................................................... 2-5
Setting the Enhanced Security Mode ................................................................................................ 2-7
2.3 Setting the Authentication Method ............................................................................................... 2-9
Setting the Authentication Method .................................................................................................... 2-9
2.4 ID & Print Setting Function........................................................................................................... 2-12
Setting the ID & Print........................................................................................................................ 2-12
2.5 Auto Reset Function ..................................................................................................................... 2-13
Setting the Auto Reset function ....................................................................................................... 2-13
2.6 User Setting Function ................................................................................................................... 2-16
Making user setting.......................................................................................................................... 2-16
2.7 IC card information Setting Function.......................................................................................... 2-18
Registering information from the control panel ............................................................................... 2-18
2.8 Changing the Administrator Password....................................................................................... 2-20
Changing the Administrator Password ............................................................................................ 2-20
2.9 Erasing data when the machine is to be discarded or use of a leased machine is
terminated...................................................................................................................................... 2-22
2.9.1 Setting the Overwrite All Data.......................................................................................................... 2-22
2.9.2 Setting the SSD Low-level Format................................................................................................... 2-25
2.9.3 Setting the Restore All ..................................................................................................................... 2-26
2.10 SSL Setting Function .................................................................................................................... 2-27
2.10.1 Device Certificate Setting ................................................................................................................ 2-27
2.10.2 SSL Setting ...................................................................................................................................... 2-29
2.10.3 Removing a Certificate..................................................................................................................... 2-30
bizhub C35 Contents-1

2.11 SNMP Setting Function ................................................................................................................ 2-32
2.11.1 Changing the auth-password and priv-password ........................................................................... 2-32
2.11.2 SNMP access authentication function............................................................................................. 2-33
2.11.3 SNMP v3 setting function ................................................................................................................ 2-33
2.11.4 SNMP network setting function ....................................................................................................... 2-33
2.12 Accessing the Scan to HDD file................................................................................................... 2-34
Accessing the image file .................................................................................................................. 2-34
2.13 TCP/IP Setting Function ............................................................................................................... 2-36
2.13.1 Setting the IP Address ..................................................................................................................... 2-36
2.13.2 Registering the DNS Server ............................................................................................................. 2-36
2.14 NetWare Setting Function ............................................................................................................ 2-37
Making the NetWare Setting ............................................................................................................ 2-37
2.15 SMB Setting Function ................................................................................................................... 2-38
Making the SMB Setting .................................................................................................................. 2-38
2.16 AppleTalk Setting Function .......................................................................................................... 2-39
Making the AppleTalk Setting .......................................................................................................... 2-39
2.17 E-Mail Setting Function ................................................................................................................ 2-40
Setting the SMTP Server (E-Mail Server) ......................................................................................... 2-40
3 User Operations
3.1 User Authentication Function ........................................................................................................ 3-2
3.1.1 Performing user authentication (authentication through entry of the user name and
user password)....................................................................................................................................3-3
3.1.2 Performing user authentication (identification through the IC card) .................................................. 3-7
3.1.3 Performing user authentication (authentication through the IC card + user password) .................... 3-8
3.2 ID & Print Function ........................................................................................................................ 3-12
3.2.1 Registering ID & Print files ............................................................................................................... 3-12
3.2.2 Accessing the ID & Print file............................................................................................................. 3-14
3.3 Change Password Function ......................................................................................................... 3-16
Performing Change Password ......................................................................................................... 3-16
3.4 Secured Job Function................................................................................................................... 3-18
3.4.1 Registering Secured Job files .......................................................................................................... 3-18
3.4.2 Accessing the Secured Job file ....................................................................................................... 3-20
3.5 Scan to HDD Function .................................................................................................................. 3-23
3.5.1 Registering image files..................................................................................................................... 3-23
3.5.2 Accessing the image file .................................................................................................................. 3-25
4 Application Software
4.1 PageScope Data Administrator ..................................................................................................... 4-2
Precautions during backup or restore ............................................................................................... 4-2
4.1.1 Accessing from PageScope Data Administrator ............................................................................... 4-2
4.1.2 Setting the user authentication method............................................................................................. 4-4
4.1.3 Changing the authentication mode.................................................................................................... 4-6
4.1.4 Making the user settings.................................................................................................................... 4-9
4.1.5 Setting the IC card information........................................................................................................ 4-10
4.2 TWAIN driver.................................................................................................................................. 4-12
Accessing from the TWAIN driver.................................................................................................... 4-12
bizhub C35 Contents-2

1 Security
1.1 Introduction
1
1 Security
1.1 Introduction
Thank you for purchasing our product.
This User's Guide contains the operating procedures and precautions to be used when using the security
functions offered by the bizhub C35 machine. To ensure the best possible performance and effective use of
the machine, read this manual thoroughly before using the security functions. The Administrator of the ma-
chine should keep this manual for ready reference. The manual should be of great help in finding solutions to
operating problems and questions.
This User's Guide (Ver. 1.00) describes bizhub C35 Multi Function Peripheral Control Software (Controller
Firmware: A12130G050105, Boot Control Section: A12199G0040000).
Compliance with the ISO15408 Standard

When the Enhanced Security Mode on this machine is set to [ON], more enhanced security functions are
available.
The security functions offered by the bizhub C35 machine comply with ISO/IEC15408 (level: EAL3).
Operating Precautions
The machine gives an alarm message or an alarm sound (peep) when a wrong operation is performed or a
wrong entry is made during operation of the machine. (No "peep" alarm sound is issued if a specific sound
setting in Sound Setting of Accessibility Setting is set to [No].) If the alarm message or alarm sound is given,
perform the correct operation or make the correct entry according to the instructions given by the message
or other means.
The Administrator of the machine should not leave the machine with the setting screen left displayed after
the access to that mode is completed or in the middle of the mode. If it is absolutely necessary to leave the
machine, the Administrator of the machine should log off from the mode.
The Administrator of the machine should make sure that each individual general user logs off from the current
mode whenever the access to that mode is completed or if the user leaves the machine in the middle of the
mode with the mode screen left displayed.
To prevent settings of the machine from being duplicated, the Administrator of the machine should not at-
tempt to change the settings in a condition of having logged onto a mode simultaneously from the control
panel and the client PC.
bizhub C35 1-2

1.1 Introduction
1
INSTALLATION CHECKLIST
This Installation Checklist contains items that are to be check by the Service Engineer installing this machine.
The Service Engineer should check the following items, then explain each checked item to the Administrator
of the machine.
To Service Engineer
Make sure that each of these items is properly carried out by checking the box on the right of each item.
1. Perform the following steps before installing this machine. Completed

Check with the Administrator to determine if the security functions of this machine
should be enhanced. If the functions should be enhanced, check the following.
If the security functions are not to be enhanced, quit the operation without checking
the following.
I swear that I would never disclose information as it relates to the settings of this ma-
chine to anybody, or perform malicious or intentional act during setup and service
procedures for the machine.
When giving the User’s Guide Security Operations to the Administrator of the ma-
chine, check that the User’s Guide is the security-compatible version and explain to
the Administrator that it is security-compatible.
2. After this machine is installed, refer to the Service Manual and perform the following
steps.
Set the CE Password.
Check that the Firmware version and revision of "Controller" and "Boot" checked
with the Service Manual match the values shown in the Firmware Version screen.
If there is a mismatch in the Firmware version and revision, explain to the Adminis-
trator of the machine that upgrading of the Firmware is necessary and perform up-
grading of the Firmware.
3. After this machine is installed, refer to this User’s Guide and perform the following
steps.
Check that the Administrator Password has been set by the Administrator of the ma-
chine.
Check that User Authentication has been set to [Device] or [External Server] (Active
Directory only) by the Administrator of the machine.
Check that the self-signed certificate for SSL communications has been registered
by the Administrator of the machine.
Check that Password Rules has been set to [ON] by the Administrator of the ma-
chine.
Let the Administrator of the machine set Enhanced Security Mode to [ON].
The languages, in which the contents of the User’s Guide Security Operations have
been evaluated, are Japanese and English.
Explain the way how to get the manual in the language, in which it is evaluated.
Explain to the administrator that the settings for the security functions for this ma-
chine have been specified.
When the above steps have been properly carried out, the Service Engineer should make a copy of this page
and give the original of this page to the Administrator of the machine. The copy should be kept at the corre-
sponding Service Representative for filing.
Product Name Company Name User Division Name Person in charge

Customer (Administrator of Machine)
Service Representative -
bizhub C35 1-3

1.2 Security Functions
1
1.2 Security Functions
Setting the Enhanced Security Mode to [ON] will validate the security function of this machine. For details of
the settings of different security functions to be changed by turning [ON] the Enhanced Security Mode, see
page 2-5.
Setting the Enhanced Security Mode to [ON] will enhance the authentication function. Access control is then
provided through password authentication for any access to the Admin Settings, User Authentication mode,
and Secured Job file. Access is thereby granted only to the authenticated user.
A password that can be set must meet the requirements of the Password Rules. The machine does not ac-
cept setting of an easily decipherable password. For details of the Password Rules, see page 1-8.
If a wrong password has been entered three cumulative times during password authentication, the machine
determines that it is unauthorized access through Prohibited Functions When Authentication Error, prohibit-
ing any further entry of the password. By prohibiting the password entry operation, the machine prevents un-
authorized use or removal of data, thereby ensuring secured used of the machine. This function is not,
however, governed by authentication by the ISO15408.
When the machine is to be discarded, or use of a leased machine is terminated at the end of the leasing con-
tract, the data erase function overwrites and erases all data stored in all spaces of the HDD and SSD. The
function also resets all passwords saved in the NVRAM to factory settings, preventing leak of data. For details
of items to be cleared by data erase function, see page 1-10.
Check Count Clear Conditions

The following are the conditions for clearing or resetting the check count of the number of wrong entries at
the time of authentication.
NOTICE
The check count is cleared or reset by restarting the machine. If there is any user who frequently turns ON
and OFF the machine, warn him or her of the fact or take necessary steps.
<Admin Settings>
- Authentication of Admin Settings is successful.
- The machine is restarted
<User Authentication Mode>
- User Authentication mode is successful.
<Secured Job>
- Authentication of Secured Job is successful.
<SNMP Password (auth-password, priv-password)>
- Authentication of SNMP is successful.
bizhub C35 1-4

1.3 Data to be Protected
1
1.3 Data to be Protected
The underlying concept of this machine toward security is "to protect data that can be disclosed against the
intention of users."
The following types of image files that have been stored in the machine and made available for use by its
users are protected while the machine is being used.
- Image files stored in the HDD by Secured Job
- Image files stored as "Personal" in the HDD by Scan to HDD
- Image files stored in the HDD by ID & Print
The following data are also counted among the assets to be protected:
- Password
– User passwords and Secured Job passwords stored in the HDD and Administrator passwords and
SNMP passwords stored in the NVRAM
- User identification information
– User identification information stored in the HDD
- IC card information
– User IC card information stored in the HDD
- Trusted channel setting data
– Trusted channel setting data stored in the NVRAM
- External server identification setting data
– External server identification setting data stored in the HDD
The following types of data stored in the HDD, SSD, and NVRAM are protected when use of a leased machine
is terminated at the end of the leasing contract, the machine is to be discarded, or when the HDD is stolen.
- Image files stored in the HDD by Secured Job
- Image files stored as "Personal" in the HDD by Scan to HDD
- Image files stored in the HDD by ID & Print
- Image files of a job in the queue
- Any image files stored in the HDD data space and SSD data space other than the Secured Job files,
files stored as "Personal" by Scan to HDD, and ID & Print files.
- Data files left in the HDD data space and SSD data space, used as image files and not deleted through
the general deletion operation
- Temporary data files generated during print image file processing
- Destination recipient data (e-mail address, telephone number)
- Administrator passwords, SNMP passwords, trusted channel setting data, and machine setting data
stored in the NVRAM
- User identification information, user IC card information, User passwords, Secured Job passwords, and
external server identification setting data stored in the HDD
This machine offers the SSL function as a data protection method to ensure confidentiality of images (Scan
to HDD files) transmitted and received over the network.
When transmitting and receiving highly confidential image data (Secured Job files, Scan to HDD files, ID &
Print files) among different pieces of IT equipment within an office LAN, the machine carries out communica-
tions with the correct destination via reliable paths or through anti-sniffing measures, assuming an office en-
vironment that responds to most stringent security requirements.
NOTICE
Secured Job files and ID & Print files transmitted from the client PC to the machine are not encrypted. To
protect the Secured Job files and ID & Print files, take necessary anti-sniffing measures, including installation
of cryptographic communications equipment or a sniffing detector.
If the HDD is stolen, data is protected by the HDD encryption function, however, the HDD encryption function
is not governed by authentication by the ISO15408.
bizhub C35 1-5

1.4 Precautions for Operation Control
1
This machine and the data handled by this machine should be used in an office environment that meets the
following conditions.
Roles and Requirements of the Administrator

The Administrator should take full responsibility for controlling the machine, thereby ensuring that no improp-
er operations are performed.
<To Achieve Effective Security>
- A single individual person who is capable of taking full responsibility for controlling the machine should
be appointed as the Administrator to make sure that no improper operations are performed.
- When using an SMTP server (mail server) or an DNS server, each server should be appropriately man-
aged by the Administrator and should be periodically checked to confirm that settings have not been
changed without permission.
Password Usage Requirements

The Administrator must control the Administrator Password, auth-password, and priv-password appropriate-
ly so that they may not be leaked. These passwords should not be ones that can be easily guessed. The user,
on the other hand, should control the Secured Job Password and User Password appropriately so that they
may not be leaked. Again, these passwords should not be ones that can be easily guessed.
- Make absolutely sure that only the Administrator knows the Administrator Password, auth-password,
and priv-password.
- The Administrator must change the Administrator Password, auth-password, and priv-password at
regular intervals.
- The Administrator should make sure that any number that can easily be guessed from birthdays, em-
ployee identification numbers, and the like is not set for the Administrator Password, auth-password,
and priv-password.
- If a User Password has been changed, the Administrator should have the corresponding user change
the password as soon as possible.
- If the Administrator Password has been changed by the Service Engineer, the Administrator should
change the Administrator Password as soon as possible.
- The Administrator should have users ensure that the passwords set for the User Authentication and Se-
cured Job are known only by the user concerned.
- The Administrator should have users change the passwords set for the User Authentication at regular
intervals.
- The Administrator should make sure that any user does not set any number that can easily be guessed
from birthdays, employee identification numbers, and the like for the passwords set for the User Au-
thentication and Secured Job.
- Upon change of the Administrators, the old Administrator of the machine should promptly have the new
one change the Administrator password.
Network Connection Requirements for the Machine

If the LAN is to be connected to an outside network, no unauthorized attempt to establish connection from
the external network should be permitted.
- If the LAN, in which the machine is installed, is connected to an outside network, install a firewall or
similar network device to block any access to the machine from the outside network and make the nec-
essary settings.
- Provide an appropriate network control at all times to make sure that no other copying machine is con-
nected without prior notice to the office LAN to which this machine is connected.
User information control system control requirements

The administrator of the machine and the server administrator are required to apply patches to, or perform
account control for, this machine and the user information control system connected to the office LAN in
which the machine is installed to ensure operation control that achieves appropriate access control.
bizhub C35 1-6

1
- Apply patches so that the user information management system is always up-to-date.
- Change the corresponding account information promptly as soon as user authorities are changed.
- Delete the corresponding account information promptly as soon as the specific user is transferred.
Security function operation setting operating requirements

The Administrator should make sure of correct operation control so that the machine is used with the En-
hanced Security Mode set to [ON].
Operation and control of the machine

The Administrator of the machine should perform the following operation control.
- The Administrator of the machine should log off from the Admin Settings whenever the operation in the
Admin Settings is completed. The Administrator of the machine should also make sure that each indi-
vidual user logs off from the User Authentication mode after the operation in the User Authentication
mode is completed, including operation of the Secured Job file.
Machine Maintenance Control

The Administrator of the machine should perform the following maintenance control activities.
- Provide adequate control over the machine to ensure that only the Service Engineer is able to perform
physical service operations on the machine.
- Provide adequate control over the machine to ensure that any physical service operations performed
on the machine by the Service Engineer are overseen by the Administrator of the machine.
Operating conditions for the IC card and IC card reader

The machine supports the following types of IC card and IC card reader.
IC card type IC card reader

Type A AU-201
Felica IDm AU-201
HID Prox AU-201H (North America only)
Operate the IC card reader under the following conditions.

- Be sure to use the IC card reader provided by the Service Representative. For details, contact your Ser-
vice Representative.
- To use the IC card reader, it is necessary to install the loadable driver in the machine. For details, con-
tact your Service Representative.
- Only one IC card reader can be connected to the machine.
- No guarantee is given for correct operation, if the IC card reader is not connected to the machine when
the machine is turned ON or if it is removed and reinserted with the machine turned ON.
- Even if the IC card reader supports two or more types of IC cards, only one type of IC card can be used
for authentication. No guarantee is given for correct operation, if authentication is performed by using
two or more types of IC cards.
- No guarantee is given for correct operation in authentication with two or more types of IC cards simul-
taneously read by the IC card reader.
IC card owner requirements

The Administrator of the machine should make sure that operating rules that specify the following operations
exist within the organization and that the operations are implemented according to the rules.
- The person responsible within the organization that uses the machine should distribute the IC card is-
sued for use by the organization to a specific person who is authorized to own the IC card.
- The person responsible within the organization that uses the machine should prohibit the user from
transferring or lending the IC card to any third person and make sure that the user reports any lost IC
card.
bizhub C35 1-7

1.5 Miscellaneous
1
1.5 Miscellaneous
Password Rules
According to certain Password Rules, registration of a password consisting of a string of a single character
or change of a password to one consisting of a string of a single character is rejected for the Administrator
Password, User Password, Secured Job Password, and SNMP Password. For the Administrator Password,
User Password, and SNMP Password, the same password as that currently set is not accepted.
Study the following table for more details of the number of digits and characters that can be used for each
password.
NOTICE
Before setting the Enhanced Security Mode, be sure to enable the Password Rules. The Password Rules can
be turned on by selecting [ON] for [Password Rules] that can be accessed from the control panel as follows:
[Utility/Counter] ö [Admin Settings] ö [↓] ö [Security Settings] ö [Security Details].
Types of passwords No. of digits Characters

User Password 8 digits or more • Numeric characters: 0 to 9
• Alpha characters: upper and lower case letters
• Symbols: !, #, $, %, &, ', (, ), *, ,, -, ., /, :, ;, <, =, >,
?, @, [, \, ], ^, _, `, {, |, }, ~, +
Selectable from among a total of 93 characters
Administrator Password 8 digits • Numeric characters: 0 to 9
• Symbols: !, #, $, %, &, ', (, ), *, ,, -, ., /, :, ;, <, =, >,
?, @, [, \, ], ^, _, `, {, |, }, ~, +, SPACE
Secured Job Password 8 digits • Numeric characters: 0 to 9
• Symbols: !, #, $, %, &, ', (, ), *, ,, -, ., /, :, ;, <, =, >,
?, @, [, \, ], ^, _, `, {, |, }, ~, SPACE
SNMP Password 8 digits or more • Numeric characters: 0 to 9
• auth-password • Alpha characters: upper and lower case letters
• priv-password • Symbols: !, $, %, &, (, ), *, ,, -, ., /, :, ;, <, =, >, ?, @,
[, ], ^, _, `, {, |, }, ~, +
Precautions for Use of Various Types of Applications

Comply with the following requirements when using various types of applications.
- When PageScope Web Connection or an application of various other types is used, the password con-
trol function of the application stores the password that has been entered in your PC. If you want the
password not stored, disable the password control function of the application.
When using the PageScope Web Connection or an application of various other types, use one that
shows "*" or "●" for the password entered. Do not use a function, if any, that directly shows on the
screen the password entered.
- Internet Explorer or other type of web browser, "SSL v3" or "TLS v1" should be used, not "SSL v2," for
the SSL setting.
- PageScope Direct Print cannot be used if the Enhanced Security Mode is set to [ON].
bizhub C35 1-8

1.5 Miscellaneous
1
Encrypting communications
The following are the cryptographic algorithms of key exchange and communications encryption systems
supported in generation of encryption keys.
- TLS_RSA_WITH_RC4_128_MD5
- TLS_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_RSA_WITH_AES_128_CBC_SHA
- TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA
NOTICE
No algorithms can be selected during generation of encryption keys. SSL v3 is automatically selected for the
SSL setting according to the application and browser. Do not therefore change the setting manually to SSL
v2.
Use the following browsers to ensure SSL encryption communication with appropriate strength. Use of any
of the following browsers achieves SSL encryption communication that ensures confidentiality of the image
data transmitted and received.
Windows 2000, XP, Server2003, Vista, Server2008
- Recommended is Microsoft "Internet Explorer 6" or later.
- Recommended is Mozilla Firefox 2.0 or later.
Macintosh MacOS X
Linux
IPP printing
IPP (Internet Printing Protocol) is a function that allows Secured Job and image data stored in HDD to be
printed via the Internet by using the HTTP (HyperText Transfer Protocol) of the TCP/IP Protocol. IPPS (IPP
over SSL/TLS) is the type of IPP that performs the SSL encryption communication.
<Installing printer driver>
To perform IPP printing, the printer driver must be installed. From "Add Printer Wizard," select "Connect to
a printer on the Internet or on a home or office network" and type the URL of this machine in the following
format in the "URL" field. The printer, for which the settings have been made, can be used in the same manner
as the ordinary local printer.
http:// <IP address of this machine> /ipp
E.g.: If the machine IP address is 192.168.1.20
Type http://192.168.1.20/ipp
To set IPPS printing:
Type https:// <IP address of the machine> /ipp.
<Registering the certificate in Windows Vista/Server2008>

Windows Vista/Server2008, which offers enhanced security functions, gives a certificate error message if the
SSL certificate is one that is not issued by a certification body. In such cases, it becomes necessary to reg-
ister with Windows Vista the certificate of this machine as that issued by a reliable party for the computer
account.
First, register Host Name and IP address of this machine in the DNS server in advance. Then, in [TCP/IP Set-
tings] of PageScope Web Connection, set the DNS Host Name and DNS Default Domain Name registered
with the DNS server.
It should also be noted that, for the certificate to be imported, a certificate for SSL encryption communication
should be registered in PageScope Web Connection and exported in advance as the certificate including the
public key.
1 From "Continue to this website" call the PageScope Web Connection window to the screen.
2 Click "Certificate Error" to display the certificate. Then, click "Install Certificate" to install the certificate.
3 Display the physical stores. Then, deploy the certificate, which has earlier been exported, in "Local
Computer" of "Trusted Root Certification Authorities" to thereby import the certificate.
bizhub C35 1-9

1.5 Miscellaneous
1
<IPPS printing settings in Windows Vista/Server2008>
Through additional printer setting, type "https://Host Name.Domain Name/ipp."
For [Host Name] and [Domain Name], specify the names set with the DNS server.
Items of Data Cleared by Data Erase Function

The data erase function clears the following items of data.
Items of Data Cleared Description Method

Enhanced Security Mode Set to [OFF] Overwrite All Data
SSD Low-level Format
Restore All
User registration data Deletes all user-related data that has been Overwrite All Data
registered
Secured Job Password/file Deletes all Secured Job-related informa- Overwrite All Data
tion and files saved
Scan to HDD file Deletes all files stored as "Personal" by Overwrite All Data
Scan to HDD
ID & Print file Deletes all ID & Print files Overwrite All Data
Image files • Image files saved other than the Se- Overwrite All Data
cured Job files, files stored as "Person- SSD Low-level Format
al" by Scan to HDD, and ID & Print files
• Image files of jobs in job queue state
• Remainder data files, used as image
files and not deleted through only the
general deletion operation
• Temporary data files generated during
print image file processing
Destination recipient data Deletes all destination recipient data in- SSD Low-level Format
files cluding e-mail addresses and telephone
numbers
Administrator Password Clears the currently set password, reset- Restore All
ting it to the factory setting
SNMP Password Clears the currently set password, reset- Restore All
ting it to the factory setting (MAC address)
SSL certificate Deletes the currently set SSL certificate Overwrite All Data
SSD Low-level Format
Restore All
Network Setting Clears the currently set network settings Restore All
(DNS Server setting, IP Address setting,
SMTP Server setting, NetWare Setting,
NetBIOS setting and AppleTalk Printer
Name setting), resetting it to the factory
setting
Machine setting data Deletes the machine setting data Restore All
Trusted channel setting data Deletes the trusted channel setting data Restore All
External server identification Deletes the external server identification Overwrite All Data
setting data setting data
bizhub C35 1-10

1.5 Miscellaneous
1
HDD Format
Execute HDD format when, for example, to initialize the HDD (to be reset to the default state) or when the
HDD is replaced with a referent one. Executing HDD format deletes data saved in the machine’s HDD. Dif-
ferent types of data are deleted depending on the type of Format.
- Executing [User Area Only] deletes the Secured Job file and ID & Print file.
- Executing [User Area (Scan)] deletes the registered user information and Scan to HDD files.
- Executing [All] formats all areas in the HDD, deleting all data saved. In addition, the formatting turns
[OFF] the Enhanced Security Mode. So, it must be turned [ON] again. For details of settings, see
page 2-5.
Upgrading of the firmware

If upgrading of the firmware has been performed by the service engineer, the Administrator of the machine
must execute [Restore All]. Execute [Restore All] after the firmware has been upgraded. For details of the ex-
ecution of [Restore All], see page 2-26.
- For details of items of data to be cleared by [Restore All], see page 1-10.
- The execution of [Restore All] will turn [OFF] the Enhanced Security Mode. So, it must be turned [ON]
again. For details of settings, see page 2-5.
bizhub C35 1-11

2.1 Accessing the Admin Settings
2

This machine implements authentication of the user of the Admin Settings function through the 8-digit Ad-
ministrator Password that verifies the identity as the Administrator of the person who accesses the function.
During the authentication procedure, the Administrator Password entered for the authentication purpose ap-
pears as "*" or "●" on the display. A failure in authentication as a result of the entry of a wrong password is
counted as unauthorized access.
NOTICE
Make sure that none of the general users of the machine will know the Administrator Password.
If the Administrator Password is forgotten, it must be set again by the Service Engineer. Contact your Service
Representative.
Accessing the Admin Settings

The machine does not accept access to the Admin Settings under any of the following conditions. Wait for
some while before attempting to gain access to the Admin Settings again.
- There is a job being executed by the machine.
- There is a reserved job (timer TX, fax redial waiting, etc.) in the machine.
- Immediately after the power switch has been turned ON.
- A malfunction code is displayed on the machine.
<From the Control Panel>
0 Do not leave the machine with the setting screen of Admin Settings left shown on the display. If it is
absolutely necessary to leave the machine, be sure first to log off from the Admin Settings.
1 Press the [Utility/Counter] key.
2 Touch [↓].
3 Touch [Admin Settings].
bizhub C35 2-2

2
4 Enter the 8-digit Administrator Password from the keyboard or keypad.
% Press the [C] key to clear all characters.

% Touch [Delete] to delete the last character entered.
% Touch [↑] to show the upper case screen.
% Touch [!#?/] to show the symbol screen.
5 Touch [OK].
% If a wrong Administrator Password is entered, a message that tells that the authentication has failed
appears. Enter the correct Administrator Password.
% A failure in authentication as a result of the entry of a wrong password is counted as unauthorized
access. If the cumulative number of unauthorized accesses reaches three during operation of the
machine, the machine is set into an access lock state and prohibits any subsequent password entry
operations. To cancel the access lock state, turn off, then on, the power switch of the machine.
When the power switch is turned off, then on again, wait at least 10 seconds to turn it on after turn-
ing it off. This interval is necessary to ensure that the machine functions properly.
6 Press the [Reset] key to log off from the Admin Settings.
bizhub C35 2-3

2
<From PageScope Web Connection>
0 If an attempt is made to log on to the Admin Mode while a job is being executed, the machine gives a
message that tells that it is now impossible to log on to the Admin Mode. Click [OK] and try logging on
to the Admin Mode after the execution of the job is completed.
0 Do not leave the machine with the Admin Mode setting screen left shown on the display. If it is abso-
lutely necessary to leave the machine, be sure first to log off from the Admin Mode.
1 Start the Web browser.
2 Enter the IP address of the machine in the address bar.
3 Press the [Enter] key to start PageScope Web Connection.
4 Click the Administrator radio button and [Log in].
5 Enter the 8-digit Administrator Password in the password box.
% When accessing the Admin Mode using the PageScope Web Connection, enter the same Adminis-
trator Password as that for the machine.
6 Click [OK].
% If a wrong Administrator Password is entered, a message that tells that the authentication has failed
appears. Enter the correct Administrator Password.
7 Click [Log out]. This allows you to log off from the Admin Mode.
bizhub C35 2-4

2.2 Enhancing the Security Function
2
When access to the machine by the Administrator of the machine through the Admin Settings from the control
panel is authenticated, the machine enables setting of the Enhanced Security Mode that allows settings for
enhancing each of different security functions to be converted all at once.
In the Enhanced Security Mode, the machine allows selection of whether to use the Enhanced Security Mode
or not. When the Enhanced Security Mode is set to [ON], the security function is enhanced by automatically
setting such functions as that which determines whether each password meets predetermined requirements.
The following settings must first be made before the Enhanced Security Mode is set to [ON].
Settings to be Made in Advance Description

Administrator Password An 8-digit password that meets the Password Rules.
The factory setting is "12345678."
User Authentication Set to either [Device] or [External Server] (Active Directory).
Certificate for SSL Register the self-signed certificate for SSL communications.
Password Rules Set to [ON].
Setting the Enhanced Security Mode to [ON] changes the setting values of the following functions.
Function Name Factory Setting When Enhanced Security Mode is set to [ON]
Public Access Restrict Restrict (not to be changed)
User List Display Setting OFF OFF (not to be changed)
SSL OFF ON (not to be changed)
SSL Encryption Strength AES-256, 3DES, AES-256, 3DES (not to be changed to one containing
RC4-128, strength lower than AES/3DES)
DES, RC4-40
FTP Server Enable Selection can be made between [Enable] and [Disable]
SNMPv1/v2c Read/Write en- Only Read is enabled (not to be changed)
abled
SNMP v3 Security Level auth-password/ The security level can be selected from among [auth-
and auth-password/priv- priv-password password] or [auth-password/priv-password].
password An 8-digit-or-more auth-password or priv-password
(SNMP v3 Write User) can both be set.
Administrator Password Enabled Restrict
Change Via Network
(Pagescope Web Con-
nection)
Network firmware update Invalid Valid
protect
CS Remote Care Usable Remote device setting disabled
Telnet Enable Disable (not to be changed)
NOTICE
When Password Rules is set to [ON] the characters and the number of digits used for each password are
restricted. For details of the Password Rules, see page 1-8.
Turning ON the Enhanced Security Mode does not enable the ID & Print function. Enable the function man-
ually to protect image files. For details of the ID & Print function, see page 2-12.
bizhub C35 2-5

2
The Enhanced Security Mode is set to [OFF], if the Administrator of the machine executes any of the following
functions. Set the Enhanced Security Mode to [ON] again.
- [All] is executed of [HDD Format].
- [Overwrite All Data] is executed.
- [SSD Low-level Format] is executed.
- [Restore All] is executed.
- [Restore Network] is executed.
- [Restore System] is executed.
bizhub C35 2-6

2
Setting the Enhanced Security Mode
0 For the procedure to call the Admin Settings on the display, see page 2-2.
0 The Enhanced Security Mode is factory-set to [OFF]. Be sure to turn [ON] the Enhanced Security Mode
so as to enable the security function of the machine.
1 Call the Admin Settings on the display from the control panel.
2 Touch [↓].
3 Touch [Security Settings].
4 Touch [Enhanced Security Mode].
5 Select [ON] to enable the Enhanced Security Mode and touch [OK].
Touch [OK], then the machine restarts automatically.
bizhub C35 2-7

2
% [ON] can be selected only if the Administrator of the machine has made the necessary settings be-
forehand. For details of the necessary settings, see page 2-5.
% If the Enhanced Security Mode is properly set to [ON], a key icon appears at the portion enclosed
by a red frame of the screen, indicating that the machine is in the Enhanced Security Mode.
bizhub C35 2-8

2.3 Setting the Authentication Method
2
When access to the machine by the Administrator of the machine through the Admin Settings is authenticat-
ed, the machine enables setting of the authentication method for User Authentication.
The User Authentication method may be [Device] that uses the authentication system the machine has, [Ex-
ternal Server] that uses a user information control system of the external server, or [Off]. If the Enhanced Se-
curity Mode is set to [ON], the authentication method should be operated by either [Device] or [External
Server] (Active Directory).
If [Device] is selected, the IC card function can be set. The IC card function uses an IC card reader connected
to the machine and reads the IC card with the IC card reader to perform user authentication.
NOTICE
If [External Server] is selected for the authentication method, be sure to select [Active Directory] in the Exter-
nal Server Settings.
Setting the Authentication Method

0 For the procedure to access the Admin Mode, see page 2-2.
1 Start PageScope Web Connection and access the Admin Mode.
2 Click the [Security] tab.
bizhub C35 2-9

2
3 Select [Device] or [External Server] from the User Authentication pull-down menu.
If [Device] is selected, perform steps 4 through 5.
If [External Server] is selected, perform steps 6 through 10.
4 If [Device] is selected, click [General Settings] from the [Authentication Device Settings] menu and set
[Authentication Type] and [IC Card Type].
Authentication Method Description

None Uses no IC card for user authentication; a user name and a user
password are to be entered for authentication.
Card Authentication Uses an IC card for authentication, in addition to that based on entry
of a user name and a user password.
Card Authentication Uses an IC card placed on the IC card reader and entry of a user
+ Password password for authentication, in addition to that based on entry of a
user name and a user password.
% If the IC card function is to be used, it is necessary to register user IC card information in the ma-
chine. For details, see page 2-18.
5 Click [Apply].
bizhub C35 2-10

2
6 If [External Server] is selected, click [External Server List] from [Authentication] menu.
7 Click [Edit].
8 Select [Active Directory] and click [Next].
9 Make the necessary settings.
10 Click [Apply].
bizhub C35 2-11

2.4 ID & Print Setting Function
2
2.4 ID & Print Setting Function
ed, the machine enables setting of the operation of the ID & Print function.
The ID & Print function temporarily stores print data transmitted from the PC in the HDD of the machine and,
after user authentication is successful in this machine, automatically prints the print data of the user in ques-
tion.
NOTICE
The Administrator must first make User Authentication settings before setting the ID & Print function. For de-
tails of the User Authentication, see page 2-9.
Setting the ID & Print

2 Click the [Security] tab and [ID & Print Settings].
3 Select [Enable] from the pull-down menu of [ID & Print].
% If [Enable] is set, the document is stored as ID & Print file even if [Print] is selected on the printer
driver side.
% Even if [Disable] is set, the document is stored as ID & Print file if [ID & Print] is selected on the printer
driver side.
4 Click [Apply].
bizhub C35 2-12

2.5 Auto Reset Function
2
panel is authenticated, the machine enables setting of the operation of the Auto Reset function.
If no operations are performed for a predetermined period of time during access to the Admin Settings or
user mode (during setting of User Authentication) from the control panel, the Auto Reset function automati-
cally causes the user to log off from the mode.
The predetermined period of time, after which the Auto Reset function is activated, can be selected from
among nine values between 1 min. and 9 min. Auto Reset can also be set to [OFF]. If no operations are per-
formed for 1 min. even with Auto Reset set to [OFF], the function causes the user to log off from the mode
automatically.
Reference
- Processing of a specific job, however, takes precedence over the Auto Reset function. That is, even if
a predetermined period of time elapses during which no operations are performed, once the processing
of the specific job has been started, the Auto Reset function does not cause the user to log off from the
mode. The user logs off from the mode after the lapse of a predetermined period of time after the pro-
cessing of the specific job is completed.
Setting the Auto Reset function

2 Touch [Machine Settings].
3 Touch [↓].
4 Touch [Auto Reset Settings].
bizhub C35 2-13

2
5 Touch [Enable].
6 Select [ON] and touch [OK].
% If no operations are performed for 1 min. even with Auto Reset set to [OFF], the function is activated
to cause the user to log off from the mode automatically.
7 Touch [Auto Reset].
bizhub C35 2-14

2
8 Enter the period of time (1 min. to 9 min.) after which Auto Reset is activated using [-]/[+] key.
% The time for Auto Reset can be set to a value between 1 min. and 9 min., variable in 1-min. incre-
ments.
9 Touch [OK].
bizhub C35 2-15

2.6 User Setting Function
2
ed, the machine enables registration of the users who can use the machine. It also enables operations for
deleting a user and changing a User Password.
User Registration allows the User Name, User Password, and other user information to be registered for en-
abling access to, or operation of, the machine. Up to 1,000 different users can be registered. User Registra-
tion allows identification and authentication of each individual user, thereby preventing unauthorized use of
the machine. A User Password may consist of 8 to 64 digits. The password entered is displayed as "*" or "●."
Reference
- If [External Server] (Active Directory) is set for the authentication method, it is not possible to make user
registration or change a User Password from PageScope Web Connection. To register or change a us-
er, make the settings on the server side. If PageScope Data Administrator is used for registering user
information, however, the user name must match that registered in the External Server. Further, a User
Password can be set, but is not to be used for authentication.
- If [External Server] (Active Directory) is set for the authentication method and if a user not registered
with this machine is authenticated through user authentication, that particular user name is automati-
cally registered in the machine.
- If [External Server] (Active Directory) is set for the authentication method and if a user registered with
this machine is authenticated through user authentication, that particular user name, along with the Ex-
ternal Server name, is automatically registered in the machine. No two User Names registered in an Ex-
ternal Server may be alike.
- If the user authentication method is changed between [Device] and [External Server], the user informa-
tion registered under the previous authentication method cannot be used under the new authentication
method. Set the user information again after the user authentication method is changed.
- To change a user name from the external server side when [External Server] (Active Directory) is set for
the authentication method, first delete the user whose name is to be changed from the machine.
- If a user name is changed when [Device] is set for the authentication method, the image file owned by
the user in question before the change are deleted.
- If authentication is implemented using two or more external servers, make sure that the user name reg-
istered in each of the different servers remains the same.
- If [External Server] (Active Directory) is set for the authentication method and if the External Server is
deleted, the following user registration information and data as they relate to the server will be deleted.
– User name, user password
– Scan to HDD files, Secured Job files, and ID & Print files owned by the user
Making user setting

0 If a user has been registered, promptly notify the user in question of the registration and have him or
her change the password.
2 Click the [Security] tab and [User List].
bizhub C35 2-16

2
3 Click [New Registration].
% To change a User Password, click [Edit] and select the "Change Password" check box. Then, enter
the new User Password.
% A User Name that already exists cannot be redundantly registered.

% Click [Cancel] to go back to the previous screen.
5 Click [Apply].
% If the entered User Password does not meet the requirements of the Password Rules, a message
that tells that the entered User Password cannot be used appears. Enter the correct User Password.
For details of the Password Rules, see page 1-8.
6 Check the message that tells that the setting has been completed. Then, click [OK].
% To delete a previously registered user, click [Delete] in step 3. Check the contents of registration on
the confirmation screen and click [OK] if the user is to be deleted. If a user is deleted, the image files
owned by that specific user are deleted.
bizhub C35 2-17

2.7 IC card information Setting Function
2
ed, the machine enables setting of the operation of the IC card information.
The machine allows authentication using an IC card, in addition to that based on entry of a user name and a
user password. To use the IC card function, it is necessary to register user IC card information in the machine.
Any user whose IC card information has been registered can log onto the machine through user authentica-
tion using the IC card.
There is a choice of either of the following two methods for registering the IC card information.
- Connect the IC card reader to the machine and register information directly in the machine.
- Connect the IC card reader to the PC of the Administrator of the machine and register information by
using PageScope Data Administrator.
For details of how to register information by using PageScope Data Administrator, see page 4-10.
NOTICE
The Administrator must first make User Authentication and Authentication Device settings before registering
the IC card information. For details of the User Authentication and Authentication Device settings, see
page 2-9.
Registering information from the control panel

2 Touch [Authentication Setting].
3 Touch [Card Authentication].
bizhub C35 2-18

2
4 Select the user name to be registered and touch [OK].
% Press [All] to display all users. Press [Search] to extract target users with search characters.
5 Touch [Edit].
% Touch [Edit] also if the IC card information which has previously been registered is to be modified
or a card ID has been registered through [Input the card ID directly] of PageScope Data Administra-
tor.
% To delete a previously registered IC card information, touch [Delete]. Select [Yes] and touch [OK] on
the confirmation screen that will appear.
6 Place the IC card on the IC card reader and touch [OK].
7 Touch [Close].
bizhub C35 2-19

2.8 Changing the Administrator Password
2
panel is authenticated, the machine enables the operation of changing the Administrator Password required
for accessing the Admin Settings.
The Administrator Password entered for the authentication purpose appears as "*" on the display.
Changing the Administrator Password

0 For the procedure to call the Security Settings screen on the display, see steps 1 through 3 of page 2-7.
1 Call the Security Settings screen on the display from the control panel.
2 Touch [Administrator Password].
3 Touch the upper [Password].
4 Enter the new 8-digit Administrator Password from the keyboard or keypad.

bizhub C35 2-20

2
5 Touch [OK].
6 Touch the lower [Password].
7 To prevent entry of a wrong Administrator Password, enter the new 8-digit Administrator Password
once again.

8 Touch [OK].
% If the entered Administrator Password does not meet the requirements of the Password Rules, a
message that tells that the entered Administrator Password cannot be used appears. Enter the cor-
rect Administrator Password. For details of the Password Rules, see page 1-8.
% If the entered Administrator Password does not match, a message that tells that the Administrator
Password does not match appears. Enter the correct Administrator Password.
bizhub C35 2-21

2.9 Erasing data when the machine is to be discarded or use of a leased machine is terminated
2
2.9 Erasing data when the machine is to be discarded or use of a
leased machine is terminated
panel is authenticated, the machine enables setting of the operations of the Overwrite All Data, SSD Low-
level Format, and Restore All functions.
When the machine is to be discarded or use of a leased machine is terminated at the end of the leasing con-
tract, be sure to erase all data to prevent data left in the machine from leaking. Different methods of erase
apply depending on the data space. See the table below for more details.
Data space Erase method

HDD Overwrite All Data
SSD SSD Low-level Format
NVRAM Restore All
NOTICE
Perform erase operations for all of HDD, SSD, and NVRAM.
When erase operations are performed, make sure that the operation is normally terminated for data in each
of the three different data spaces. If an error occurs during execution of the erase operations, contact your
Service Representative for appropriate action.
The Enhanced Security Mode is set to [OFF], if Overwrite All Data, SSD Low-level Format, or Restore All is
executed.
2.9.1 Setting the Overwrite All Data

The HDD Overwrite Method offers the choice of eight different modes, [Mode 1] through [Mode 8]. Overwrite
All Data takes about less than one hour in [Mode 1] at the minimum and about 9 hours in [Mode 8] at the
maximum.
Mode Description
Mode 1 Overwrites once with "0x00".
Mode 2 Overwrites with "random numbers" ö "random numbers" ö "0x00".
Mode 3 Overwrites with "0x00" ö "0xff" ö "random numbers" ö verifies.
Mode 4 Overwrites with "random numbers" ö "0x00" ö "0xff".
Mode 5 Overwrites with "0x00" ö "0xff" ö "0x00" ö "0xff".
Mode 6 Overwrites with "0x00" ö "0xff" ö "0x00" ö "0xff" ö "0x00" ö "0xff" ö "random
numbers".
Mode 7 Overwrites with "0x00" ö "0xff" ö "0x00" ö "0xff" ö "0x00" ö "0xff" ö "0xaa".
Mode 8 Overwrites with "0x00" ö "0xff" ö "0x00" ö "0xff" ö "0x00" ö "0xff" ö "0xaa"
ö verifies.
0 For details of items that are cleared, see page 1-10.
bizhub C35 2-22

2
2 Touch [HDD Settings].
3 Touch [Overwrite All Data].
4 Touch [Mode].
5 Select the desired mode.
bizhub C35 2-23

2
6 Touch [OK].
7 Touch [Execute].
8 A confirmation message appears. Touch [OK].
% Do not turn off the power switch of the machine during execution of Overwrite All Data. If the power
switch is inadvertently turned off during the execution of Overwrite All Data and the machine, as a
result, fails to recognize the HDD or develops other fault, contact your Service Representative.
bizhub C35 2-24

2
2.9.2 Setting the SSD Low-level Format
Overwrite and erase is executed with a fixed value (0x00) for the SSD data space.
2 Touch [↓].
3 Touch [SSD Low-level Format].
% Do not turn off the power switch of the machine during execution of SSD Low-level Format. If the
power switch is inadvertently turned off during the execution of SSD Low-level Format and the ma-
chine, as a result, develops a fault, contact your Service Representative.
bizhub C35 2-25

2
2.9.3 Setting the Restore All
The NVRAM is initialized and reset to the default state.
2 Touch [↓].
3 Touch [Restore Defaults].
4 Touch [Restore All].
% Do not turn off the power switch of the machine during execution of Restore All. If the power switch
is inadvertently turned off during the execution of Restore All and the machine, as a result, develops
a fault, contact your Service Representative.
bizhub C35 2-26

2.10 SSL Setting Function
2
ed, the machine enables the setting of encryption of image data transmitted and received between the PC
and the machine.
2.10.1 Device Certificate Setting

0 The key length set for the public key of the server generated in SSL certificate setting is 1024 bits.
0 The Enhanced Security Mode is not turned [OFF] even if the validity of the certificate expires during the
Enhanced Security Mode. The Administrator of the machine should register a new certificate before the
validity of the old certificate expires.
2 Click the [Security] tab and [PKI Settings].
3 Click [New Registration].
4 Select [Create a Self-signed Certificate] and click [Next].
bizhub C35 2-27

2
% Settings are all cleared if [Apply] is clicked with data entered for each item not meeting the require-
ments.
6 Click [Apply].
The certificate can now be registered.
bizhub C35 2-28

2
2.10.2 SSL Setting
NOTICE
When making the SSL Setting, be sure to make sure in advance that the device certificate has been registered
in the machine. For the procedure to register the device certificate, see page 2-27.
2 Click the [Security] tab and [SSL/TLS Settings] from [PKI Settings] menu.
3 Set "Encryption Strength" and click [Apply].
% For encryption strength, select the strong "AES-256, 3DES."

% In the Enhanced Security Mode, the setting cannot be changed to one containing strength lower
than AES/3DES.
bizhub C35 2-29

2
2.10.3 Removing a Certificate
0 In the Enhanced Security Mode, no certificates can be removed.
2 Click the [Security] tab and [PKI Settings].
3 Click [Edit].
4 Select [Delete a Certificate] and click [Next].
bizhub C35 2-30

2
5 Click [OK].
bizhub C35 2-31

2.11 SNMP Setting Function
2
ed, the machine enables changing of the SNMP v3 Write User Password (auth-password, priv-password) re-
quired for accessing the MIB object over the network using the SNMP from the PC.
Each of the auth-password and priv-password can consist of 8 to 32 digits. The password entered for the
authentication purpose appears as "●" on the display.
2.11.1 Changing the auth-password and priv-password

2 Click the [Network] tab and [SNMP Settings].
3 Click the [Change Password] check box and enter the auth-password and priv-password in the boxes
marked by the rectangle, that is, the Write side SNMP v3 Setting.
% The default setting of auth-password and priv-password is the MAC address set in the machine.
4 Click [Apply].
% If the entered auth-password or priv-password does not meet the requirements of the Password
Rules, a message that tells that the entered auth-password or priv-password cannot be used ap-
pears. Enter the correct auth-password or priv-password. For details of the Password Rules, see
page 1-8.
bizhub C35 2-32

2
2.11.2 SNMP access authentication function
If the settings of the Administrator mode are to be changed using SNMP from the PC, the user attempting to
gain access is authenticated to be the Administrator of the machine by using the Write User Name and SNMP
Password (auth-password, priv-password) of the SNMP v3 Write settings made in this machine.
Operation of the network setting function and the SNMP password change function of the security control
functions that can be used over the network using SNMP is granted to the Administrator who is identified by
a matching SNMP password for the Write User Name.
Reference
- If [auth-password] has been selected for Security Level, hashing is used for the authentication informa-
tion (auth-password) to be transmitted. The machine allows you to select either HMAC-MD5 or HMAC-
SHA1 for hashing.
- If [auth-password/priv-password] has been selected for Security Level, the authentication information
(auth-password/priv-password) and data (object ID that specifies the object to be changed, value to be
set, etc.) to be transmitted are used for hashing and encryption. The machine allows you to select either
CBC-DES or CBC-AES for encryption.
- For accessing the MIB, use the MIB browser corresponding to the above encryption algorithm.
2.11.3 SNMP v3 setting function

The Administrator who has been authenticated through SNMP access authentication from the PC is allowed
to operate the SNMP password change function.
For the auth-password and priv-password, enter the password that meets the requirements of the Password
Rules. For details of the Password Rules, see page 1-8.
To change the setting, specify the corresponding object ID. See the table below for the setting items.
Setting Item Object ID

Write User Name 1.3.6.1.4.1.18334.1.1.2.1.5.6.4.2.1.2.2
auth-password 1.3.6.1.4.1.18334.1.1.2.1.5.6.4.2.1.3.2
priv-password 1.3.6.1.4.1.18334.1.1.2.1.5.6.4.2.1.4.2
Security Level 1.3.6.1.4.1.18334.1.1.2.1.5.6.4.2.1.5.2
2.11.4 SNMP network setting function

The Administrator who has been authenticated through SNMP access authentication from the PC is allowed
to operate the network setting function. To change the setting, specify the corresponding object ID. See the
table below for the setting items.
Setting Item Object ID

IP address setting IP Address 1.3.6.1.4.1.18334.1.1.2.1.5.7.1.1.1.3.1
BOOT Protocol use setting 1.3.6.1.4.1.18334.1.1.2.1.5.7.1.1.1.6.1
BOOT Protocol Type 1.3.6.1.4.1.18334.1.1.2.1.5.7.1.1.1.7.1
DNS server address setting 1.3.6.1.4.1.18334.1.1.2.1.5.7.1.2.1.3.1.1
SMTP server address setting 1.3.6.1.4.1.18334.1.1.2.1.5.7.13.1.1.3.1
NetWare setting Print Server Name 1.3.6.1.4.1.18334.1.1.2.1.5.8.3.1.3.1.1
Printer Name 1.3.6.1.4.1.18334.1.1.2.1.5.8.5.1.3.1.1
AppleTalk Printer Name Setting 1.3.6.1.4.1.18334.1.1.2.1.5.9.2.1.3.1.1
NetBIOS setting 1.3.6.1.4.1.18334.1.1.2.1.5.10.1.1.4.1
bizhub C35 2-33

2.12 Accessing the Scan to HDD file
2
ed, the machine enables controls of the Scan to HDD files.
Scan to HDD stores the image file scanned by the machine in the HDD together with user information. The
image file can be stored as "Public" or "Personal". The Administrator of the machine can access the machine
from the PC to view a list of image files stored in the HDD or back them up (or download them).
NOTICE
The image files stored as "Personal" are protected. The Administrator of the machine should instruct the user
to use "Personal" when saving highly confidential files.
Accessing the image file

0 Do not leave the machine with the setting screen of Admin Mode left shown on the display. If it is ab-
solutely necessary to leave the machine, be sure first to log off from the Admin Mode.
2 Click the [Storage] tab and click [View] of the User Name by which the desired document is stored.
3 A list appears showing image files saved in the HDD.

To back up (download) a file, click [Copy] of the file in question.
% If [Delete] is selected, a confirmation message appears. Click [OK] to delete the specified file.
bizhub C35 2-34

2
4 Select [Save] to back up (download) the image file in the PC.
% The backed up (downloaded) file is not deleted from the machine.
bizhub C35 2-35

2.13 TCP/IP Setting Function
2
2.13 TCP/IP Setting Function
ed, the machine enables setting of the IP Address and registration of the DNS Server.
2.13.1 Setting the IP Address

2 Touch [↓].
3 Touch [Ethernet].
4 Touch [TCP/IP].
5 Touch [IP Address].
6 Touch [Address] and set the IP Address.
7 Touch [OK].
8 Touch [OK] and touch [Close].

2 Click the [Network] tab and [IPv4 Settings] from [TCP/IP Settings] menu.
3 Clear the Auto IP check box.
4 Enter the IP Address in the IP Address box.

% If Auto IP is selected from the IP Address Setting Method in step 3, select the means with which to
acquire the IP Address automatically, including DHCP, BootP, ARP/PING, and Auto IP setting, and
click the check box.
5 Click [Apply].
2.13.2 Registering the DNS Server

2 Click the [Network] tab and [DNS Settings] from [TCP/IP Settings] menu.
3 Enter the address in the DNS Server box.
5 Click [Apply].
bizhub C35 2-36

2.14 NetWare Setting Function
2
2.14 NetWare Setting Function
ed, the machine enables registration as the Print Server.
Making the NetWare Setting

0 For the procedure to call the Ethernet screen on the display, see steps 1 through 3 of page 2-36.
1 Call the Ethernet screen on the display from the control panel.
2 Touch [Netware].
3 Touch [Enable] and touch [OK].
4 Touch [Close].

2 Click the [Network] tab and [Netware Settings].
4 Click [Apply].
bizhub C35 2-37

2.15 SMB Setting Function
2
2.15 SMB Setting Function
ed, the machine enables making of the SMB Settings.
Making the SMB Setting

2 Click the [Network] tab and [SMB Settings].
4 Click [Apply].
bizhub C35 2-38

2.16 AppleTalk Setting Function
2
2.16 AppleTalk Setting Function
ed, the machine enables making of the AppleTalk Settings.
Making the AppleTalk Setting

0 For the procedure to call the Ethernet screen on the display, see steps 1 through 3 of page 2-36.
1 Call the Ethernet screen on the display from the control panel.
2 Touch [AppleTalk].
4 Touch [Close].

2 Click the [Network] tab and [AppleTalk Settings].
4 Click [Apply].
bizhub C35 2-39

2.17 E-Mail Setting Function
2
2.17 E-Mail Setting Function
ed, the machine enables setting of the SMTP Server (E-Mail Server).
Setting the SMTP Server (E-Mail Server)

0 For the procedure to call the TCP/IP screen on the display, see steps 1 through 4 of page 2-36.
1 Call the TCP/IP screen on the display from the control panel.
2 Touch [↓].
3 Touch [SMTP].
5 Touch [Close].

2 Click the [Network] tab and [E-mail TX (SMTP)] from [E-mail Settings] menu.
4 Click [Apply].
bizhub C35 2-40

3 User Operations
3.1 User Authentication Function
3
3 User Operations

When [Device] or [External Server] (Active Directory) is set for Authentication Method of the Admin Settings,
the User Authentication function implements authentication of the user of this machine before he or she ac-
tually uses it through the User Password that consists of 8 to 64 digits. During the authentication procedure,
the User Password entered for the authentication purpose appears as "*" or "●" on the display. A failure in
authentication as a result of the entry of a wrong password is counted as unauthorized access.
The entry of a wrong password is counted as unauthorized access, even if it is not likely that the assets to be
protected will be affected during user authentication operations via application software. For detailed oper-
ating procedures, see the corresponding user’s guide.
NOTICE
Before operating the machine, the user him/herself should change the User Password from that registered
by the Administrator of the machine. For details of changing the User Password, see page 3-16. For more
details of User Name and User Password, ask the Administrator of the machine.
If the User Password is changed by the Administrator of the machine during operation of this machine, the
user him/herself should immediately change the User Password.
Make absolutely sure that your User Password is not known by any other users.
If the IC card function has been set by the Administrator of the machine, authentication using the IC card can
be performed, in addition to that based on entry of a user name and a user password.
Authentication Method Description

None Uses no IC card for user authentication; a user name and a user
password are to be entered for authentication.
Card Authentication Uses an IC card for authentication, in addition to that based on en-
try of a user name and a user password.
Card Authentication + Password Uses an IC card placed on the IC card reader and entry of a user
password for authentication, in addition to that based on entry of
a user name and a user password.
Reference
- If authentication is to be performed by using the IC card, the Administrator of the machine should set
the IC card function and information recorded on the IC card be registered in the machine in advance.
For more details, contact the Administrator of the machine.
- Authentication using the IC card is enabled only when [Device] is selected.
- Authentication using the IC card is disabled, if it is performed from a device other than this machine,
such as printing from PageScope Web Connection or printer driver.
bizhub C35 3-2

3
3.1.1 Performing user authentication (authentication through entry of the user
name and user password)
0 Do not leave the machine while you are in the user operation mode. If it is absolutely necessary to leave
the machine, be sure first to log off from the user operation mode.
0 If any User Name not registered with this machine is authenticated through User Authentication when
[External Server] (Active Directory) is set for Authentication Method, the User Name is automatically reg-
istered with this machine.
1 Touch [User Name].
% The screen as shown below appears if the ID & Print function has been set.
If the ID & Print function is yet to be set, [Begin Printing] and [Access Basic Screen] are not available
on the screen even with an ID & Print file is saved in the machine.
In this case, log onto the machine through the ordinary procedure, select the desired file from [ID &
Print] and have it printed. For details of how to access the ID & Print file, see page 3-14.
2 Touch [Direct Input].
bizhub C35 3-3

3
3 Enter the User Name from the keyboard or keypad.

4 Touch [OK].
5 Touch [OK].
6 Touch [Password].
bizhub C35 3-4

3
7 Enter the 8-to-64-digit User Password from the keyboard or keypad.

8 Touch [OK].
9 Touch [Login].
% If an ID & Print file has been saved, select [Begin Printing] or [Access Basic Screen] and then touch
[Login].
Login Method Description

[Begin Printing] Prints only the ID & Print file of the corresponding user. The user op-
eration mode screen is not called to the screen.
[Access Basic Screen] Only the ordinary login procedure is applicable and no ID & Print files
are printed.
bizhub C35 3-5

3
% If a wrong User Name is entered, a message that tells that the authentication has failed appears.
Enter the correct User Name.
% If a wrong User Password is entered, a message that tells that the authentication has failed appears.
Enter the correct User Password.
% If there are two or more ID & Print files involved, all of them will be printed. To select and print only
a desired file, select [Access Basic Screen], select the desired file from [ID & Print], and have it print-
ed. For the detailed procedure to access the ID & Print files, see page 3-14.
% If the ID & Print file is not saved even with the ID & Print function set, you log on to the machine
through the ordinary procedure regardless of whether [Begin Printing] or [Access Basic Screen] is
selected.
10 Press the [Access] key to log off.
bizhub C35 3-6

3
3.1.2 Performing user authentication (identification through the IC card)
2 Placing the IC card on the IC card reader allows you to log onto the machine.
If an ID & Print file has been saved, select [Begin Printing] or [Access Basic Screen] and then place the
IC card on the IC card reader.

are printed.
selected.
bizhub C35 3-7

3
3.1.3 Performing user authentication (authentication through the IC card + user
password)
2 Place the IC card on the IC card reader.
3 Touch [Password].
bizhub C35 3-8

3
4 Enter the 8-to-64-digit User Password from the keyboard or keypad.

5 Touch [OK].
6 Touch [Login].
% If an ID & Print file has been saved, select [Begin Printing] or [Access Basic Screen] and then touch
[Login].

are printed.
bizhub C35 3-9

3
selected.
bizhub C35 3-10

3
0 If any User Name not registered with this machine is authenticated through User Authentication when
[External Server] (Active Directory) is set for Authentication Method, the User Name is automatically reg-
istered with this machine.
1 Start the Web browser.
2 Enter the IP address of the machine in the address bar.
3 Press the [Enter] key to start PageScope Web Connection.
4 Click the Registered User radio button and enter the User Name and User Password.
5 Click [Log in].

6 Click [Log out] to log off from the user operation mode.
bizhub C35 3-11

3.2 ID & Print Function
3
For all users who have been authenticated through User Authentication, the machine enables all users who
have been authenticated through user authentication to register and access ID & Print files.
After authentication by a user from the control panel is successful with the ID & Print function set in the ma-
chine by the Administrator of the machine, the user can automatically print his or her print data saved in the
HDD of the machine. Because printing occurs after user authentication is performed via the control panel of
this machine, it is suitable for printing highly confidential documents.
Reference
- If the Administrator of the machine sets the ID & Print function, a file is saved as an ID & Print file even
if [Print] is selected on the printer driver side.
- Even if the Administrator of the machine does not set the ID & Print function, a file is saved as an ID &
Print file if [ID & Print] is selected on the printer driver side.
- If the Administrator of the machine sets the ID & Print function, a direct print file from PageScope Web
Connection is also saved as an ID & Print file.
3.2.1 Registering ID & Print files

1 Click [Properties] in the Print dialog box to show the Printing Preference window.
2 Click the [Basic] tab.
3 Select [ID & Print] in [Job Retention].
4 Click [Authentication/Account Track].
bizhub C35 3-12

3
5 Enter the user name and password and then click [OK].
% If the user password does not correspond to the user name entered, the ID & Print file is discarded
without being registered.
% If an attempt is made to print or save a file by specifying a user name that contains ["] (a double
quotation mark), a login error results and the machine cancels the print job.
6 Print the document.
bizhub C35 3-13

3
3.2.2 Accessing the ID & Print file
0 For the logon procedure, see page 3-2.
1 Log on to the user operation mode through User Authentication from the control panel.
2 Touch [USB/HDD].
3 Touch [ID & Print].
4 Touch [Login User].
bizhub C35 3-14

3
5 Select the desired ID & Print file and touch [Print].
% The ID & Print file is automatically deleted as soon as the printing is normally terminated.
bizhub C35 3-15

3.3 Change Password Function
3
When [Device] is set for Authentication Method of User Authentication, the machine permits each of all users
who have been authenticated through User Authentication to change his or her User Password.
The User Password entered is displayed as "●."
Performing Change Password

0 Change the user password at regular intervals.
0 Make absolutely sure that nobody but you may know your user password.
0 Do not set any number that can easily be guessed from birthday, employee identification number, and
the like for the user password.
1 Log on to the user operation mode through User Authentication from the PageScope Web Connection.
2 Click the [System] tab and [Authentication].
3 Enter the currently registered User Password and a new User Password. Then, to make sure that you
have entered the correct new password, enter the new User Password once again.
bizhub C35 3-16

3
4 Click [Apply].
% If a wrong User Password is entered in the "Current Password" box, a message that tells that the
User Password does not match appears. Enter the correct User Password.
% If the entered User Password in the "New Password" box does not meet the requirements of the
Password Rules, a message that tells that the entered User Password cannot be used appears. En-
ter the correct User Password. For details of the Password Rules, see page 1-8.
% If the entered User Password in the "New Password" box and "Retype New Password" box does
not match, a message that tells that the User Password does not match appears. Enter the correct
User Password.
bizhub C35 3-17

3.4 Secured Job Function
3
The Secured Job function allows a Secured Job file specified by a corresponding password from the PC to
be used in the condition registered in the machine.
To access a Secured Job file, authentication is performed through an 8-digit password that verifies an au-
thenticated user of the Secured Job file. The password entered is displayed as "*." A failure in authentication
as a result of the entry of a wrong password is counted as unauthorized access.
3.4.1 Registering Secured Job files

0 The Secured Job password must consist of 8 digits and meet the requirements of the Password Rules.
For details of the Password Rules, see page 1-8.
0 Make absolutely sure that nobody but you may know your Secured Job password.
0 Do not set any number that can easily be guessed from birthday, employee identification number, and
the like for the Secured Job password.
1 Click [Properties] in the Print dialog box to show the Printing Preference window.
2 Click the [Basic] tab.
3 Select [Secured Job (Encryption)] in [Job Retention].
% If the Enhanced Security mode is turned ON, select "Secured Job (Encryption)". Selection of "Se-
cured Job" does not result in the print data being saved in the machine.
4 Click [User Settings].
bizhub C35 3-18

3
5 Enter the 8-digit Secured Job Password in the Password box.
6 Click [OK].
7 Click [Authentication/Account Track].
8 Enter the user name and password, and then click [OK].
% If the user password does not correspond to the user name entered, the Secured Job file is discard-
ed without being registered.
% If an attempt is made to print or save a file by specifying a user name that contains ["] (a double
quotation mark), a login error results and the machine cancels the print job.
9 Print the document.
bizhub C35 3-19

3
3.4.2 Accessing the Secured Job file
0 Enter the Secured Job password through the printer driver on the PC side. The password entered is
displayed as "*."
2 Touch [USB/HDD].
3 Touch [Proof Print].
4 Select the user name and touch [OK].
% The name of the user of the PC from which the Secured Job file has been sent appears.
bizhub C35 3-20

3
5 Select the desired Secured Job file and touch [Print].
6 Touch [Password].
7 Enter the 8-digit Secured Job Password from the keyboard or keypad.
% For the Secured Job Password, enter the 8-digit one set on the printer driver side.
8 Touch [OK].
bizhub C35 3-21

3
9 Touch [OK].
% If a wrong Secured Job Password is entered, a message that tells that the authentication has failed
appears. Enter the correct Secured Job Password.
10 Check the details of the file and touch [OK].
% Touch [Cancel] to go back to the screen of step 5.

% The Secured Job file is automatically deleted as soon as the printing is normally terminated.
bizhub C35 3-22

3.5 Scan to HDD Function
3
For all users who have been authenticated through User Authentication, the machine enables the operation
of Scan to HDD function. It also enables operations for acquiring and printing image files stored in the HDD.
Scan to HDD stores the image file scanned by the machine in the HDD together with user information. The
image file can be stored as "Public" or "Personal". The stored image file can be accessed from the control
panel or PC through authentication of the user name and password.
Encryption communication using the SSL/TLS protocol is performed when the image file is downloaded from
the machine to the PC, so that the data is protected.
3.5.1 Registering image files

2 Touch [Scan to Folder].
3 Touch [Direct Input] tab and touch [HDD].
bizhub C35 3-23

3
4 Touch [Save Document].
5 Select the destination to which the file is to be saved and touch [OK] or [Start].
% The image file stored in [Personal] is protected. Select [Personal] whenever saving a highly confi-
dential file.
bizhub C35 3-24

3
3.5.2 Accessing the image file
2 Touch [Scan to Folder].
3 Touch [Direct Input] tab and touch [HDD].
4 Touch [File Document].
bizhub C35 3-25

3
5 A list of documents saved will appear.
% To delete image file, select the specific document and press [Delete].
bizhub C35 3-26

3
1 Log on to the user operation mode through User Authentication from the PageScope Web Connection.
2 Click the [Storage] tab and click [View] of the User Name by which the desired file is stored.
3 Click [Copy] of the desired file.
% If [Delete] is selected, a confirmation message appears. Click [OK] to delete the specified file.
4 Select [Open] or [Save] to execute the desired function.
% The downloaded file is not deleted from the machine.
bizhub C35 3-27

4.1 PageScope Data Administrator
4

PageScope Data Administrator is an application for management purpose that allows the authentication and
destination functions of the machine to be edited or registered from a PC connected over the network.
It allows the authentication and destination list to be downloaded in your PC, the data in the list to be edited
on the PC, and then the data to be written in the machine.
A destination list of file formats including XML, CSV, TAB, LDIF, and Lotus Notes Structured Text can be
downloaded. A destination list can also be downloaded by searching through or browsing destinations using
the LDAP protocol for a directory server such as Active Directory.
NOTICE
Make sure that none of the general users of the machine will know the Administrator Password.
If the Administrator Password is forgotten, it must be set again by the Service Engineer. Contact your Service
Representative.
Precautions during backup or restore

This machine allows authentication information, address list, and other types of data to be backed up (ex-
ported) in your PC or restored (imported) in the machine using the PageScope Data Administrator. Use the
following precautions when backing up or restoring data.
- When backing up or restoring data using the PageScope Data Administrator with the Enhanced Secu-
rity mode turned ON, do not restore data that is backed up when the Enhanced Security mode is turned
OFF.
- Edit backup data only with the PageScope Data Administrator.
4.1.1 Accessing from PageScope Data Administrator

0 Do not leave the site while you are gaining access to the machine through PageScope Data Adminis-
trator. If it is absolutely necessary to leave the site, be sure first to log off from the PageScope Data
Administrator.
1 Start the PageScope Data Administrator.
2 Select this machine from Device List and click [Authentication Settings/Address Settings].
bizhub C35 4-2

4
3 Check the settings on the Import device information screen and click [Import].
4 Type the 8-digit Administrator Password registered in the machine and click [OK].
% If the "Save" check box has been selected, the Administrator Password entered is stored in the PC
being used. If you do not want the Administrator Password stored, clear the "Save" check box.
% If a wrong Administrator Password is entered, a message appears that tells that there is a mismatch
in the passwords. Enter the correct Administrator Password.
% If the "Save" check box is selected, enter the 8-digit Administrator Password once again to make
sure that the Administrator Password has been entered correctly.
% If a wrong Administrator Password is entered for confirmation, a message appears that tells that
there is a mismatch in the Administrator Password. Enter the correct Administrator Password.
5 Check the data displayed on the SSL certificate check screen and click [Yes].
bizhub C35 4-3

4
4.1.2 Setting the user authentication method
0 If the IC card function has been set, the user authentication method cannot be changed.
0 For the procedure to access the machine, see steps 1 through 5 of page 4-2.
Administrator.
1 Access the machine through [Authentication Settings/Address Settings] mode of PageScope Data Ad-
ministrator.
2 Click [Authentication settings].
3 Click [User authentication].
bizhub C35 4-4

4
4 From the pull-down menu of User authentication, select the user authentication method.
% To change the user authentication method from "Device authentication" to "Network server authen-
tication," it is necessary first to register the domain name of Active Directory on the machine side.
% If "Network server authentication" is selected, "Active Directory" must invariably be selected.
5 Click [Export to the device].

% If there is a job being executed or a reserved job (timer TX, fax redial waiting, etc.) in the machine,
the machine displays a message that tells that the write operation has not been successful because
of a device lock error. Click [OK] and wait for some while before attempting to execute [Export to
the device] again.
bizhub C35 4-5

4
4.1.3 Changing the authentication mode
Administrator.
ministrator.
2 Click [Authentication settings].
3 From [Edit] on the tool bar, select [Authentication] and click [Change authentication mode].
4 Click [Next].
bizhub C35 4-6

4
5 Select the specific [Authentication mode] to be changed and click [Next].
% If [User Authentication and Account Track] is selected, set [The allocation of the number of Users]
and [The allocation of the number of Accounts].
6 Verify the new authentication mode and click [Write].
the device] again.
bizhub C35 4-7

4
7 Click [Finished].
% If [User Authentication and Account Track] is selected in step 5, [Synchronize] is set for "Synchro-
nize user authentication and account track." If you want user authentication not synchronized with
account track, click to deselect [Synchronize user authentication and account track] and execute
[Export to the device] once again.
bizhub C35 4-8

4
4.1.4 Making the user settings
Administrator.
ministrator.
2 Click the Authentication settings expand button.
3 Click [User authentication settings].
4 Select the desired function.

% To register the user, click [Add].
% To change data registered for the user, click [Edit].
% To delete the user, click [Delete] and a screen appears that prompts you to confirm the execution
of deletion. Click [Yes] to delete the user.
% If the User Password does not meet the requirements of the Password Rules, a message appears
that tells that this particular User Password cannot be used. Click [OK] and enter the correct User
Password. For details of the Password Rules, see page 1-8.
% If the User Name has not been entered, a message appears that tells that the User Name is yet to
be entered. Click [OK] and enter the User Name.
% A User Name that already exists cannot be redundantly registered.
5 Click [OK].

the device] again.
% If a previously registered user is deleted in step 4, the image files owned by that specific user are
deleted.
bizhub C35 4-9

4
4.1.5 Setting the IC card information
0 The IC card driver (USB driver) of the IC card reader and the IC card plug-in must be installed in the PC
of the Administrator of the machine in advance. For details, refer to the User’s Guide furnished with the
machine.
Administrator.
ministrator.
2 Click the Authentication settings expand button.
3 Select [User authentication settings] and click [Add].
4 Click [OK].
5 Enter the user name and password, and select the [IC card authentication] tab.
bizhub C35 4-10

4
6 Place the IC card on the IC card reader, and click [Start reading].
% To delete a previously registered IC card information, click [Delete].

% A card ID may be registered through direct input. Select the [Input the card ID directly] radio button
and then input the card ID.
% The types of IC card that permit direct input are "Type A" and "Felica IDm".
7 Click [OK].
9 Click [Write].
10 Click [OK].
% If the user IC card information is registered through [Input the card ID directly], the user must be
associated with the card through the Admin Settings of the machine. For more details, see
page 2-18.
bizhub C35 4-11

4.2 TWAIN driver
4
4.2 TWAIN driver
The TWAIN driver, which is to be installed in the PC of a general user, is a TWAIN driver used exclusively for
allowing the machine to be recognized as a TWAIN device. It allows the image data read by the machine to
be captured in the image processing application of the PC.
When an attempt is made to gain access to the machine through the TWAIN driver, the user is authenticated
to be an authorized user by using an 8-to-64-digit User Password and an 8-digit User Box Password. During
the authentication procedure, the User Password entered for the authentication purpose appears as "*" on
the display. A failure in authentication as a result of the entry of a wrong password is counted as unauthorized
access.
Accessing from the TWAIN driver

0 Do not leave the site while you are gaining access to the machine through the TWAIN driver. If it is ab-
solutely necessary to leave the site, be sure first to log off from the TWAIN driver.
1 Start the image processing application.
2 From the [File] menu, click [Read], and then select [KONICA MINOLTA bizhub C35 TWAIN Ver.1].
3 Select the "Login as the Registered user" radio button and enter the User Name and the 8-to-64-digit
User Password.
% If [External Server] (Active Directory) is set for the authentication method, enter the desired external
server.
4 Click [OK].
% If [External Server] (Active Directory) is set for the authentication method and if user authentication
is successful, the User Name not registered in the machine is automatically registered.
5 Make the necessary settings and capture the image.
bizhub C35 4-12

http://konicaminolta.com
Copyright
A121-9301B-00 2010

User&#39;s Guide BH C35

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

User&#39;s Guide BH C35

Uploaded by

Copyright:

Available Formats

User’s Guide [Security Operations]

bizhub C35 Contents-1

bizhub C35 Contents-2

Compliance with the ISO15408 Standard

bizhub C35 1-2

1. Perform the following steps before installing this machine. Completed

Product Name Company Name User Division Name Person in charge

bizhub C35 1-3

Check Count Clear Conditions

bizhub C35 1-4

bizhub C35 1-5

Roles and Requirements of the Administrator

Password Usage Requirements

Network Connection Requirements for the Machine

User information control system control requirements

bizhub C35 1-6

Security function operation setting operating requirements

Operation and control of the machine

Machine Maintenance Control

Operating conditions for the IC card and IC card reader

IC card type IC card reader

Operate the IC card reader under the following conditions.

IC card owner requirements

bizhub C35 1-7

Types of passwords No. of digits Characters

Precautions for Use of Various Types of Applications

bizhub C35 1-8

<Registering the certificate in Windows Vista/Server2008>

bizhub C35 1-9

Items of Data Cleared by Data Erase Function

Items of Data Cleared Description Method

bizhub C35 1-10

Upgrading of the firmware

bizhub C35 1-11

2.1 Accessing the Admin Settings

Accessing the Admin Settings

1 Press the [Utility/Counter] key.

3 Touch [Admin Settings].

bizhub C35 2-2

% Press the [C] key to clear all characters.

bizhub C35 2-3

1 Start the Web browser.

2 Enter the IP address of the machine in the address bar.

3 Press the [Enter] key to start PageScope Web Connection.

4 Click the Administrator radio button and [Log in].

5 Enter the 8-digit Administrator Password in the password box.

bizhub C35 2-4

Settings to be Made in Advance Description

bizhub C35 2-5

bizhub C35 2-6

3 Touch [Security Settings].

4 Touch [Enhanced Security Mode].

bizhub C35 2-7

bizhub C35 2-8

Setting the Authentication Method

1 Start PageScope Web Connection and access the Admin Mode.

2 Click the [Security] tab.

bizhub C35 2-9

Authentication Method Description

bizhub C35 2-10

8 Select [Active Directory] and click [Next].

9 Make the necessary settings.

bizhub C35 2-11

Setting the ID & Print

User's Guide BH C35

User's Guide BH C35