bizhubC351_C450SecurityFunctionServiceManual

SERVICE MANUAL

2007.022007.02Ver. 1.04Ver. 1.04

This Service Manual (Ver. 1.04) describes bizhub C450/bizhub C351

Multi Function Peripheral Control Software

(MFP Controller: 4037-0100-GM0-08-000).

SECURITY FUNCTION

Confidential for internal use only, do not distribute

Revision historyAfter publication of this service manual, the parts and mechanism may be subject to change forimprovement of their performance. Therefore, the descriptions given in this service manual may not coincide with the actual machine.

When any change has been made to the descriptions in the service manual, a revised version will beissued with a revision mark added as required.

Revision mark: To indicate clearly a section revised, show to the left of the revised section.

A number within represents the number of times the revision has been made.

To indicate clearly a section revised, show in the lower outside section of the correspond-ing page. A number within represents the number of times the revision has been made.

NOTERevision marks shown in a page are restricted only to the latest ones with the old ones deleted.

When a page revised in Ver. 2.0 has been changed in Ver. 3.0: The revision marks for Ver. 3.0 only are shown with those for Ver. 2.0 deleted.

When a page revised in Ver. 2.0 has not been changed in Ver. 3.0: The revision marks for Ver. 2.0 are left as they are.

11

1

1

2007/02 1.04 F/W version is changed

2006/11 1.03 Error Corrections



2006/01 1.00 Issue of the first edition

Date Service manual Ver. Revision mark Descriptions of revision


biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

Security Function Ver. 1.04 Feb. 2007

i

CONTENTS

Security Function1. Overview ................................................................................................................. 12. Compliance with the ISO15408 standard................................................................ 13. Data to be protected................................................................................................ 14. Precautions for operation control ............................................................................ 15. Checking the firmware version number................................................................... 3

5.1 Security authentication firmware version number................................................. 35.2 Checking the firmware version number ................................................................ 3

6. Enhancing the security function .............................................................................. 56.1 Details of settings ................................................................................................. 56.2 Security enhancing procedure.............................................................................. 5

6.2.1 Making and checking the service settings .................................................... 56.2.2 Requests to the administrator ..................................................................... 106.2.3 Functions disabled by the setting of Enhanced Security Mode................... 116.2.4 Functions whose settings are changed by Enhanced Security Mode......... 11

7. Service Mode ........................................................................................................ 137.1 Access method to the Service Mode .................................................................. 137.2 CE Authentication function ................................................................................. 14

7.2.1 Setting the CE Authentication function........................................................ 147.3 Administrator Password function ........................................................................ 14

7.3.1 Setting the administrator password............................................................. 147.4 CE Password function......................................................................................... 16

7.4.1 Setting the CE password............................................................................. 167.5 Data Clear function............................................................................................. 19

7.5.1 Data Clear method...................................................................................... 207.6 HDD Format........................................................................................................ 21

7.6.1 HDD format execution procedure................................................................ 227.7 HDD installation setting ...................................................................................... 23

7.7.1 HDD installation setting procedure ............................................................. 238. Overwrite All Data function.................................................................................... 24

8.1 Overwrite All Data procedure.............................................................................. 248.2 Items to be cleared by Overwrite All Data .......................................................... 24

8.2.1 Items cleared by Overwrite All Data............................................................ 249. Firmware upgrade ................................................................................................. 25

9.1 Preparations for firmware rewriting by Cygwin ................................................... 259.1.1 Outline......................................................................................................... 25


biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

nSecurity Function Ver. 1.04 Feb. 2007

ii

9.1.2 Service environment ................................................................................... 259.1.3 Installing the Cygwin................................................................................... 259.1.4 Settings of the Windows Environmental Variable ....................................... 289.1.5 Writing into the compact flash..................................................................... 29

9.2 Preparations for firmware rewriting by Firmware Imaging Toolkit 2006.............. 329.2.1 Correspond model ...................................................................................... 329.2.2 Function outline .......................................................................................... 329.2.3 System environment ................................................................................... 329.2.4 Installation of software ................................................................................ 339.2.5 Update of software...................................................................................... 359.2.6 Screen ........................................................................................................ 369.2.7 Details of each function .............................................................................. 389.2.8 How to write firmware data ......................................................................... 40

9.3 Firmware rewriting by compact flash.................................................................. 459.3.1 Updating method ........................................................................................ 459.3.2 Action when data transfer fails.................................................................... 47

9.4 Firmware Version Up/Down procedure............................................................... 479.4.1 Firmware version requiring HDD Version Up/Down.................................... 479.4.2 HDD Version Up/Down procedure .............................................................. 48


Security Function Ver. 1.04 Feb. 2007 1. Overview

1

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

1. OverviewThis Service Manual contains the essential operating procedures and precautions for using the security functions.

2. Compliance with the ISO15408 standardThis machine has an enhanced security function: Set the Enhanced Security Mode, in Administrator Setting, to [ON].The security functions offered by this machine comply with ISO15408/IEC15408 (level: EAL3).

3. Data to be protectedThe underlying concept of this machine toward security is to protect data that can be dis-closed against the intention of users.The following types of image files that have been stored in the machine and made available for use by its users are protected while the machine is being used. Image files stored by secure print Image files stored in personal user box and public user box

The following types of data stored in the HDD are protected when use of a leased machine is terminated at the end of the leasing contract, the machine is to be discarded, or when the HDD is stolen. Image files stored by secure print Image files stored in personal user box and public user box Image files of a job in the queue Image files other than secure print file and user box file Data files left in the data space used as image files Temporary data files generated during print image file processing Destination recipient data (e-mail address, telephone number)

4. Precautions for operation controlA. Requirements of the service engineerThe service engineer should take full responsibility for controlling the machine during his or her procedures for setting up and servicing the machine so that no improper operations are performed.

The service engineer who sets up and services the machine should have completed the

course in security and be certified accordingly. The service engineer should swear that he or she would never disclose information as it

relates to the settings of this machine to anybody in accordance with the Installation Checklist contained in Users Guide [Security Operations].

The service engineer should perform his or her physical service jobs in the presence of the administrator of the machine.


4. Precautions for operation control Security Function Ver. 1.04 Feb. 2007

2

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

B. Protection of setting data in Service ModeThe CE password used to access Service Mode must be adequately controlled by the ser-vice engineer concerned to ensure that it is not leaked. Make sure that any password that could be easily guessed by a third person is not used as the CE password.

The CE password should: Not be one that is easily guessed by third persons. Not be known by any third person. Be changed at regular intervals. Be set again quickly if one has been initialized.

C. Network connection requirements for the machinePackets being transmitted over the LAN installed in the office, in which the machine is installed, should be protected from unauthorized manipulation. If the LAN is to be con-nected to an outside network, no unauthorized attempt to establish connection from the external network should be permitted.

If the LAN, in which the machine is installed, is connected to an outside network, install a

firewall or similar network device to block any access to the machine from the outside network and make the necessary settings.

Configure the LAN installed in the office, in which the machine is installed, by using a switching hub and other devices to ensure that the packets are protected from unautho-rized manipulation.

Provide an appropriate network control at all times to make sure that no other copying machine is connected without prior notice to the office LAN to which this machine is con-nected.

D. Machine maintenance controlWhen the service engineer performs maintenance service jobs for the machine, he or she should check the firmware version number and the checksum value, and make sure that the system has not been altered.

E. MiscellaneousThe service engineer should explain to the administrator of the machine that the lan-guages, in which the contents of the Users Guide [Security Operations] have been evalu-ated, are Japanese and English. He or she should also explain the way how to get the manual in the language, in which it is evaluated.In addition, the service engineer should promptly provide the version of the Users Guide that has been evaluated for the user whenever the user needs one.


Security Function Ver. 1.04 Feb. 2007 5. Checking the firmware version number

3

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

5. Checking the firmware version numberConfirm the need to enhance or not to enhance the security function with the administrator of this machine: If administrator wants to enhance, check the firmware version number and the checksum value.If the firmware version number of this machine is different from numbers shown in the list below, it will be necessary to re-write to the firmware version corresponding to security.See P.25

5.1 Security authentication firmware version number

5.2 Checking the firmware version number1. Press the Utility/Counter key.2. Touch [Details] on Meter Count display.3. Press the following keys in this order:

Stop 0 0 Stop 0 14. The Service Mode screen will appear.

NOTE If [CE Authentication] is turned ON by accessing it through [Service Mode]

[Enhanced Security], authentication of the CE Password becomes necessary. In this case, enter the 8-digit CE Password and touch [OK]. (The default value of CE Password is 92729272.

If you leave the site with the Service Mode setting screen being displayed, unau-thorized changes could occur for any set values. When you finish the setting of Service Mode, or if you have to leave the site by necessity when the Service Mode has been set, be sure to press [Exit] to the main screen.

5. Touch [Firmware Version].

Ver. Check SumMFP Controller 4037-0100-GM0-08-000 D928

4037S1E517DA


5. Checking the firmware version number Security Function Ver. 1.04 Feb. 2007

4

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

6. Check the Firmware version number of MFP Controller and the checksum value using firmware version number.

4037S1E518DB

4037-0100-GM0-08-000 D928


Security Function Ver. 1.04 Feb. 2007 6. Enhancing the security function

5

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

6. Enhancing the security function Perform the Enhanced Security Mode procedures while making checks of installation

checklist in Users Guide [Security Operations]. To make the Enhanced Security Mode, service settings must first be made. Make the

necessary service settings and check that they have been correctly made.

6.1 Details of settings

NOTE If any one of the above functions is not set properly, the machine does not allow

the Enhanced Security setting to be made. The CE Password must be set to any value other than the default one.

6.2 Security enhancing procedure6.2.1 Making and checking the service settings1. Press the Utility/Counter key.2. Touch [Details] on Meter Count display.3. Press the following keys in this order to display the Service Mode screen:

Stop 0 0 Stop 0 1NOTE If [CE Authentication] is turned ON by accessing it through [Service Mode]

[Enhanced Security], authentication of the CE Password becomes necessary. In this case, enter the 8-digit CE Password and touch [OK]. (The default value of CE Password is 92729272.

Item Setting/Check Default SettingCE Authentication ON OFF

CE Password Set arbitrarily. 92729272CS Remote Care Execute RAM Clear.

Image Controller Setting Check the setting of Controller 0. Controller 0HDD installation setting Check the setting of Installed. Installed

Management Function Choice Check the setting of Unset. Unset

4037S1E517DA


6. Enhancing the security function Security Function Ver. 1.04 Feb. 2007

6

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

4. Press the following keys in this order to display the Enhanced Security screen: Stop 0 Clear

5. Touch [CE Authentication].6. Touch [ON].

7. Touch [END] and [CE Password].8. The default setting is 92729272. Using the keyboard shown on the display, enter

92729272 in Current Password and touch [END].

4037S1E519DA

4037S1E520DA

4037S1E521DA



7

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

9. From the keyboard shown on the display, enter a new 8-digit password and touch [END].

NOTE Be sure to change the CE password. If the Password Rule setting is set to ON, a password consisting of only the

same character, one consisting of less than 8 digits, or the same password as that set before the change cannot be set. In this case, therefore, do not set a password having only the same character or one consisting of less than 8 digits.

Set any value other than the default one for the CE Password. Exiting from the Service Mode after the new CE password has been set validates

the setting of the new password. NEVER forget the CE password. When forgetting the CE password, call responsi-

ble person of KONICA MINOLTA.

10. Type the new CE password again and touch [END].11. Touch [CS Remote Care].12. If CS Remote Care has been set, [Detail Setting] appears on the display. Touch [Detail

Setting].

4037S1E522DA

4037S1E523DA



8

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

13. Touch [RAM Clear].14. Touch [Set] and [END].

15. Touch [END] to display the Service Mode screen.16. Touch [System 2].17. Touch [Image Controller Setting].18. Check that Controller 0 is selected.

19. Touch [END] to display the Service Mode screen.20. Touch [System 2].21. Touch [HDD] and check that Installed is selected.

22. Touch [END].23. Touch [Firmware Version].

4037S1E524DA

4037S1E525DA

4037S1E547DA



9

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

24. Touch [END] to display the Service Mode screen.25. Press the following keys in this order to display the Billing Setting screen:

Stop 9

26. Touch [Management Function Choice].27. Check that UnSet is selected and then touch [END].

4037S1E527DA

4037S1E528DA



10

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

6.2.2 Requests to the administrator When making the Enhance Security setting, the Administrator setting must first be made.

The Administrator must perform or check the following settings.

NOTE Make sure that the Administrator Password has been changed to one that meets

the requirements of the Password Rules. If the administrator of the machine registers a new HDD Lock Password or Encryp-

tion Key when the Enhanced Security is to be made, be sure first to perform [Phys-ical Format] by accessing [Service Mode] [State Confirmation] [HDD Format].

Item Setting/Check Default Setting

Administrator Password Check that the password meets the requirements of the Password Rules. 12345678

User Authentication Check that either MFP or External Server (Active Directory only) is set. Not authenticated

HDD Lock Password or Encryption Key

Setting of either the HDD Lock Password or Encryption Key (when the optional Security Kit SC-503 is mounted), or both.

No setting

PageScope Web Connection SSL/TLS certificate No setting



11

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

6.2.3 Functions disabled by the setting of Enhanced Security Mode Note that setting Enhanced Security Mode to ON disables the following functions.(1) Terminal Debug (forcibly prohibited when Enhanced Security Mode is set to

ON)(2) Print Data Capture (forcibly prohibited when Enhanced Security Mode is set to

ON)(3) CS Remote Care (RAM Clear is executed)(4) Firmware upgrading through Internet ISW (When the Enhanced Security Mode is

set to ON, the setting of this function cannot be changed from OFF.)

6.2.4 Functions whose settings are changed by Enhanced Security Mode Setting the Enhanced Security Mode to [ON] changes the setting values of the following

functions.

Function Name Default Setting When Enhanced Security mode is set to [ON]Password Rules To apply the password rule

to enhance security.OFF ON (not to be changed)

Prohibit Functions When Auth. Error To set the function for pro-

hibiting Authentication operation in order to pre-vent the unauthorized access.

Mode 1Mode 2 (not to be changed): Three times is set.* The number of times can be changed to once, twice, or three times.

User Name List To display the list key for

User names on User Authentication screen.

OFF OFF (not to be changed)

Print without Authentication To allow or restrict printing

which user and account are not specified.

Restrict Restrict (not to be changed)

User Box Admin. Setting To set whether to allow or

restrict the Box Adminis-trator to use the system.

Restrict Restrict (not to be changed)

Secure Document Access Method To display the status of the

Authentication system on the control panel for the Confidential document access.

Mode1

Mode 2 (not to be changed)* In association with Prohibit Functions When Auth. Error, the method is changed from authentication using Secure Document ID and password (Mode 1) to that using the password with the Secure Document first narrowed down by Secure Document ID (Mode 2).

SSL To set whether to encrypt

access by SSL.OFF ON (not to be changed)

FTP Server To set whether to use FTP

server or not.ON OFF (not to be changed)

SNMPv1/v2c To use when changing

Write setting.Read/Write enable Only Read is enabled (not to be changed)



12

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

SNMP v3 Write User Security Level To set the security level for

the Reading/Writing Authority User which is used for SNMP v3.

auth-password/priv-password Not to be changed to Authentication OFF

Print Data Capture To set whether to allow or

restrict capturing the Print Job Data.

Allow Restrict (not to be changed)

Incorrect User BoxNo. Entry To set the operation when

the unregistered box num-ber is entered.

Print Print (Setting can be changed to Show Error Message)

Internet ISW Set To set firmware upgrading

by Internet ISW, and enable or disable various settings.

OFF OFF (not to be changed)

Function Name Default Setting When Enhanced Security mode is set to [ON]


Security Function Ver. 1.04 Feb. 2007 7. Service Mode

13

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

7. Service ModeThe Service Mode is used to set various service functions.The Service Mode screen can be accessed using the CE password.

NOTE Authentication through the CE password is implemented only when [CE Authenti-

cation] is set to ON.

7.1 Access method to the Service Mode1. Press the Utility/Counter key.2. Touch [Details] on Meter Count display.3. Press the following keys in this order: Stop 0 0 Stop 0 1.4. Enter the CE password.

NOTE The CE password entered is displayed as . Access to the Service Mode through the CE password is restricted by the number

of times (1 to 3) set for Prohibit Functions When Auth. Error of the Administrator Setting. If entry of a wrong CE password exceeds the set number of times, the machine considers that the access is illegal. It then becomes necessary to turn OFF and ON the main power switch of the machine.

Each time a wrong CE password is entered, the CE password illegal access count is incremented by one.

If a wrong CE Password has been entered, no further entry can be made for 5 sec. Wait, therefore, for at least 5 sec. before attempting to enter the correct CE Pass-word.

When the access to the Service Mode has been successful with the correct CE password entered, the CE password illegal access count is cleared and reset to 0.

To go from the CE password screen to another, enter the CE password and call the Service Mode menu to the screen. Then, quit the Service Mode. You can also exit from the CE password screen by turning OFF and ON the sub power switch; how-ever, be careful that any jobs entered will be cleared at this time.

If you leave the site with the Service Mode setting screen being displayed, unau-thorized changes could occur for any set values. When you finish the setting of Service Mode, or if you have to leave the site by necessity when the Service Mode has been set, be sure to press [Exit] to the basic screen.

NEVER forget the CE password. When forgetting the CE password, call responsi-ble person of KONICA MINOLTA.

4037S1E529DA


7. Service Mode Security Function Ver. 1.04 Feb. 2007

14

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

7.2 CE Authentication functionThe service engineer uses an 8-digit CE password for verifying his or her identity as service engineer, as he or she attempts to use the functions available from the Service Mode. Spe-cific keys must first be entered before carrying out this authentication procedure.

7.2.1 Setting the CE Authentication function1. Press the Utility/Counter key.2. Touch [Details] on Meter Count display.3. Press the following keys in this order:

Stop 0 0 Stop 0 1.4. Press the following keys in this order to display the Enhanced Security screen:

Stop 0 Clear5. Touch [CE Authentication].6. Touch [ON] and [END].

7.3 Administrator Password functionThis function is used when the administrator sets the administrator password. It also allows a new administrator password to be set without requiring the entry of the currently set administrator password. It is therefore used when the administrator forgets the administra-tor password.

NOTE If the administrator password is temporarily changed by the service engineer,

never fail to have the administrator change the administrator password accord-ingly.

7.3.1 Setting the administrator password1. Call the Service Mode to the screen.See P.13

NOTE If you leave the site with the service mode setting screen being displayed, unau-

thorized changes could occur for any set values. When you finish the setting of Service Mode, or if you have to leave the site by necessity when the Service Mode has been set, be sure to press [Exit] to the basic screen.

4037S1E517DA



15

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n


3. Touch [Administrator Password].4. Enter the default value 12345678 as the new password from the keyboard on the

screen. Then, touch [END].NOTE Use the default value 12345678 as the password used only temporarily.

5. Enter the new Administrator Password (the default value 12345678) once again and touch [END].

6. Get the Administrator of the machine to access the Administrator Setting using the default password. Then, have him or her select the following functions in this order and change the default password: Administrator Setting Security Setting Administrator Password.

4037S1E519DA

4037S1E530DA



16

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

7.4 CE Password function The CE Password function is used to change the CE password to call the Service Mode

to the screen.

7.4.1 Setting the CE password1. Call the Service Mode to the screen.See P.13

NOTE If you leave the site with the service mode setting screen being displayed, unau-

thorized changes could occur for any set values. When you finish the setting of Service Mode, or if you have to leave the site by necessity when the Service Mode has been set, be sure to press [Exit] to the basic screen.


4037S1E517DA

4037S1E519DA



17

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

3. Touch [CE Password].4. Type the currently used CE password from the keyboard shown on the display and

touch [END].NOTE If there is a mismatch in the CE Password between that currently set and that just

entered, the machine displays a message telling that the CE Password entered is wrong. Enter the correct one.

If a wrong CE password as against the currently set correct one is entered a prede-termined number of times, the machine considers that the access is illegal, which is an access locked state. To clear this access locked state, it then becomes nec-essary to turn OFF and ON the main power switch of the machine.

Each time a wrong CE password is entered, the CE password illegal access count is incremented by one.

When the access to the Service Mode has been successful with the correct CE password entered, the CE password illegal access count is cleared and reset to 0.

5. Type the 8-digit password to be newly used from the keyboard shown on the display and touch [END].

NOTE If Password Rules of Security Setting available from Administrator Setting is set to

ON, the machine does not accept any new password that contains only the same character, consists of less than 8 digits, or that is the same as the previous pass-word.

For the CE Password, set a value other than the default. Quitting the Service Mode after the new password has been set will validate the

setting of the new password. NEVER forget the CE password. When forgetting the CE password, call responsi-

ble person of KONICA MINOLTA.

4037S1E521DA



18

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

6. Retype the new CE password and touch [END].NOTE If there is a mismatch in the CE Password between that typed first and that just

typed, the machine displays a message telling that the CE Password entered is wrong. In this case, set the CE Password once again.

4037S1E522DA

Characters and symbols to be used for the CE password Numeric characters: 0 to 9 Alpha characters: upper and lower case letters Symbols: !, #, $, %, &, , (, ), *, ,, -, ., /, :, ;, , ?, @, [, \, ], ^, _, , {, |, }, ~Selectable from among a total of 92 characters



19

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

7.5 Data Clear function The Data Clear function resets the current settings for various functions to the default

values. Since all subsequent data will be cleared, execute Data Clear function with care.

Once Data Clear has been executed, be sure to again designate the settings of items whose data has been cleared. (For the functions to be set in Administrator Setting, have the administrator make the settings again.)

Item Details

Adm

inis

trato

r Se

tting

Enhanced Security Mode Enhanced Security Mode is set to [OFF].Administrator Password Administrator password is reset to 12345678.Password Rules Password Rules is set to [OFF].

User Authentication

User Authentication is set to [OFF], and the following setting is set to Restrict. Public User User Name List Print without Authentication

User Box Admin. Setting User Box Admin. Setting is set to [Restrict].HDD Lock Password HDD Lock Password function is set to OFF.HDD Encryption Setting HDD Encryption Setting function is set to OFF.Temporary Data Overwrite Setting Temporary Data Overwrite Setting is set to [OFF].

Prohibit Functions When Auth. Error Prohibit Functions When Auth. Error is set to [Mode1].

Secure Documents Access Method

Secure Documents Access Method is set to [Mode1]. (Linked to Prohibit Functions When Auth. Error)

SSL certificate The SSL certificate becomes unregistered.

FTP server functionThe following function is permitted. Print Data Capture Acquisition of VCM count data

SNMP v1/v2c Write Setting of the SNMP v1/v2c Setting is set to Enable.

SNMP v3 Security Level Setting of the SNMP v3 Setting is set to auth-password/priv-password.SNMP password v3 SNMP password v3 is reset to the default value (MAC address).Network Setting Settings of Network Setting are reset.System Auto Reset System Auto Reset is set to [1 min.].

Oth

ers

User ID/Password All is deleted.Box ID/Password/Files All Box-related data is deleted.Secure Documents ID/Pass-word/Files All Secure Documents-related data is deleted.

One-Touch Registration Data All is deleted.Change made by the user of destination registration Change by the user is enabled of destination registration.



20

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

7.5.1 Data Clear method1. Call the Service Mode to the screen.See P.132. Touch [System 1].3. Touch [Initialization].4. Touch [Data Clear] and press the Start key.

5. When OK is displayed, turn off the main power switch and turn it on again more than 10 seconds after.

NOTEWhen the Data Clear function has been executed, be sure to make the following set-tings again. Since the Administrator Password is reset to the default value, be sure to have the

administrator of the machine set once again an Administrator Password that meets the requirements of the Password Rules.

Since the SNMP Password v3 is reset to the default value (MAC address), be sure to have the administrator of the machine set once again a password that meets the requirements of the Password Rules.

If you leave the site with the Service Mode setting screen being displayed, unau-thorized changes could occur for any set values. When you finish the setting of Service Mode, or if you have to leave the site by necessity when the Service Mode has been set, be sure to press [Exit] to the main screen.

Since the Enhanced Security Mode is reset to OFF, be sure to have the adminis-trator set the Enhanced Security Mode to ON.

4037S1E532DA



21

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

7.6 HDD Format Do not perform HDD format carelessly, as performing HDD format clears the fol-

lowing data. Whenever HDD format is executed, be sure to make the settings again for the types of data that have been reset. (For the functions available from Admin-istrator Setting, have the administrator make the settings again.)

Two types of HDD format to be executed in the Service Mode are available: Logi-cal Format and Physical Format. Different items are cleared by each of these two types of HDD format.

A. Items cleared by logical format

4037S1E548DA

Item DetailsEnhanced Security Mode Set to [OFF]User Authentication Set to [OFF]Public User Access Set to [Restrict]User Name List Set to [OFF]Print Without Authentication Set to [Restrict]User registration data Deletes all user-related data that has been registered

Box registration data/file Deletes all User Box-related information and files saved in User BoxSecure Print Document ID/ Password/file Deletes all Secure Document-related information and files saved

Destination recipient data files

Deletes all destination recipient data including e-mail addresses and telephone numbers



22

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

B. Items cleared by physical format

7.6.1 HDD format execution procedure1. Call the Service Mode to the screen.See P.132. Touch [State Confirmation].3. Touch [Memory/HDD Adj.].4. Touch [].5. Touch [HDD Format].6. Touch [Physical Format] or [Logical Format] and press the Start key.

7. HDD format is automatically terminated as soon as it is completed.8. Turn off the main power switch and turn it on again more than 10 seconds after.

Item DetailsEnhanced Security Mode Set to [OFF]User Authentication Set to [OFF]Public User Access Set to [Restrict]User Name List Set to [OFF]Print Without Authentication Set to [Restrict]

HDD Lock Password HDD Lock Password Setting is set to OFF and the HDD Lock Password is cleared.User registration data Deletes all user-related data that has been registered

Box registration data/file Deletes all User Box-related information and files saved in User BoxSecure Print Document ID/ Password/file Deletes all Secure Document-related information and files saved

Destination recipient data files

Deletes all destination recipient data including e-mail addresses and telephone numbers

4037S1E548DA



23

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

7.7 HDD installation setting HDD installation setting sets whether the hard disk is installed or not. Changing the HDD installation setting from Installed to Not Installed will clear the fol-

lowing types of data. Do not do that carelessly. If the HDD installation setting is made again, be sure to make the settings again for those that have been changed. (Have the administrator make the settings again for the setting items of Administrator Setting.)

NOTE If the HDD installation setting is changed to Not Installed and then back to

Installed again, reusing the original hard disk will allow image files stored in the box or secure print documents to be used. Note, however, that all boxes become Public.

7.7.1 HDD installation setting procedure1. Call the Service Mode to the screen.See P.132. Touch [System 2].3. Touch [HDD].4. Touch [Installed] or [Not Installed].

5. Touch [END] and exit the Service Mode.

Item Details

Adm

inis

trato

r Se

tting Enhanced Security Mode Enhanced Security Mode is set to [OFF].

User Authentication

User Authentication is set to [OFF], and the following setting is set to Restrict. Public User User Name List Print without Authentication

Box functions It is not possible to use.

4037S1E547DA


8. Overwrite All Data function Security Function Ver. 1.04 Feb. 2007

24

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

8. Overwrite All Data function The Overwrite All Data function overwrites and deletes all data saved in all areas of the

HDD and resets all passwords stored in NVRAM to the default settings. It can be used when the machine is to be discarded or use of a leased machine is terminated at the end of the leasing contract, thereby properly blocking leaks of data.

8.1 Overwrite All Data procedure The Overwrite All Data function ca be set by the following.

[Administrator Setting] [Security Setting] [HDD Setting] [Overwrite All Data] For the details of Overwrite All Data procedure, see the Users Guide Security Opera-

tions.

8.2 Items to be cleared by Overwrite All Data If the administrator of the machine executes Overwrite All Data by mistake, all

items that have been cleared must be set or registered again.(For the items to be set in Administrator Setting, be sure to have the administrator perform the setting and registration procedures again.)

8.2.1 Items cleared by Overwrite All Data

Item Contents

Adm

inis

trato

r Se

tting

HDD Lock Password The currently set password is cleared.Encryption key The currently set encryption key is cleared.

Administrator Password The currently set password is cleared and reset to the default setting.

SNMP Password The currently set password is cleared and reset to the default setting (MAC address).

Network Setting

The currently set network settings (DNS Server setting, IP Address setting, SMTP Server setting, NetWare Setting, Net-BIOS setting and ApplTalk Printer Name setting) is cleared and reset to the default setting.

Oth

ers

User registration data All information on the user registered with the machine is deleted.

Use Box registration data/files All information on the box registered with the machine and files saved in the box are deleted.Secure Print Document ID/Pass-word/File

All information on Secure Print Document registered with, and files saved in, the machine are deleted.

Image Data File

The following data is deleted: Saved image files other than Secure Print Document files

and User Box files Image files of jobs in queue

Destination data files All destination data is deleted, including e-mail addresses and telephone numbers.


Security Function Ver. 1.04 Feb. 2007 9. Firmware upgrade

25

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

9. Firmware upgrade9.1 Preparations for firmware rewriting by Cygwin9.1.1 Outline Write the firmware into the compact flash using Cygwin. Cygwin consists of two types: Full install version and light version that is comprised only

of necessary files.

9.1.2 Service environment OS: Windows 2000/XP Drive which enables writing/reading of compact flash Compact flash (Service Tool: 4037 0751 ##)

9.1.3 Installing the CygwinA. For the full installation version

1. Double click the [setup.exe] on CD-ROM in which Cygwin is stored.

2. Click [Next (N)].

3. Select Install from Local Directory, and click [Next (N)].

4037F2C501DA

4037F2E545DA

4037F2E546DA


9. Firmware upgrade Security Function Ver. 1.04 Feb. 2007

26

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

4. Specify the folder for installation.Check to make sure that Root Directory is in default setting, [C:\cygwin].

NOTE Make sure to check that Root Directory is in default setting, [C:\cygwin]. Do not change the setting value except Root Directory.


6. Specify the place of the data to be installed.For installing from CD-ROM, select the [cygwin] folder in CD-ROM drive.(Described below is the sample procedure when CD-ROM drive is E-drive.)


4037F2E547DA

4037F2E548DA



27

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n


9. Click [Complete] to start installing.

B. For the light version1. Decompress the downloaded compressed file cygwin_rhein_phase2.zip directly to

the C drive (Windows system drive).2. Confirm that the Cygwin folder is created directly in the C drive (Windows system

drive).

4037F2E549DA

4037F2E550DA



28

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

9.1.4 Settings of the Windows Environmental Variable1. After installing, open the property of My Computer, and click the Environmental Vari-

able of Advanced tab.2. Click the New in System Variable Setting.

3. Set the following two values as the Windows Environmental Variable.

4036fs2620e0

Variable name Variable valueCYGWIN ntsec

HOME /home/username

4036fs2621e0



29

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

9.1.5 Writing into the compact flash1. Put the data of firmware in the optional directory. (C:\bizhub in the below figure)

NOTE The file name of firmware data consists of the Release

Date_Version_CHECKSUM-****.exe.

2. Double-click the Firmware data, and specify the directory to be uncompressed, and then uncompress it.

NOTE When old firmware is still left in the specified directory to be uncompressed,

delete it before uncompressing. When the firmware data is decompressed, card_work folder is created in the

selected directory and the data is decompressed in this folder.

4038F2E562DB

4038F2E563DB



30

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

3. Mount the compact flash on the PC, and check the drive name, which was recognized in the Windows. (F-drive in the following figure)

4. Click Start Program Accessories Command Prompt to open the com-mand prompt.

5. Use the command prompt to move into the uncompressed directory.6. Specify the drive of compact flash, which was recognized through the procedure 3, and

execute the mksf.bat. (Input the C: \bizhub\card_work>mkcf f (Drive number): in the below figure, and push the Enter.)

4036fs2623e0

4038F2E564DB



31

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

7. Once the mkcf.bat is executed, data writing into the compact flash is started.8. Upon completion of writing, CHECKSUM is executed. If CHECKSUM value is precisely

matched, VERIFY OK appears.

9. Remove the compact flash from PC.

NOTE When removing the compact flash, be sure to check if data is written as normal

and then remove it according to the precise removing method.

4038F2E565DB



32

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

9.2 Preparations for firmware rewriting by Firmware Imaging Toolkit 2006

This software is designed as the tool to write firmware data of MFP/printer released by KMBT into the compact flash card.

9.2.1 Correspond model Correspond models of the software is as follows.

9.2.2 Function outline The following functions are available with this software.

9.2.3 System environment The following system environments are required or recommended to use the software.

Color machine bizhub C250/C300/C350/C351/C352/C450 bizhub C250P/C352P/C450P

B/W machine bizhub 200/250/350 Di2510/3010/3510/2510f/3010f/3510f

Function type Function name Description

Basic functions

Write Firmware to a card Write firmware data into the compact flash card.

See P.38Compare Firmware with a card Compare the firmware data written into the

compact flash card with the one saved in PC.See P.38

Advanced functions

Create a Firmware Image from a card Create the firmware image form using the firmware data written into the compact flash card.

See P.39Format a card Format the compact flash card by the FAT or

vxWorks form.

NOTE vxWorks form is not applicable.

See P.39Display information about a card Acquisition the information of firmware data

written into the compact flash card.See P.39

Computer IBM PC/AT compatible machineCPU Pentium III / 500 MHz or higher is recommended.

Correspond OS Windows 2000, Windows XP or Windows Server 2003

Required memory More than 128 MB (Windows 2000), 256MB (Windows XP/2003) is rec-ommended.

Others Drive that is able to Read/Write compact flash



33

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

9.2.4 Installation of software Follow the procedures shown below to install the software.

NOTE Install the software to the PC with the administration authentication. When any anti-virus program is activated, quite the program before the installa-

tion.

1. Double click [setup.exe] to start the installation of the software.

2. Click [Next >].

9J06F2C673DA

9J06F2E700DA



34

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

3. After checking the contents of license agreement, select [I accept the terms in the license agreement] and click [Next >].

4. Select the installed destination folder of Firmware Imaging Toolkit 2006, and click [Next>].

9J06F2E701DA

9J06F2E702DA



35

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

5. Click [Install] to start installation.6. Click [Finish] to complete the installation.

7. Shortcut file will be created inside Windows Start menu ([Program] [KONICA MINOLTA] [Firmware Imaging Toolkit 2006]).

9.2.5 Update of software To update the software version, delete (uninstall) the currently installed program and

install the new version. Follow the procedures shown below to delete (uninstall) the program.

1. Quite the program if the software is activated.2. Select [Firmware Imaging Toolkit 2006] of [Add/Remove Programs] in Windows Control

Panel menu to delete the program.

9J06F2E703DA

9J06F2E708DA

9J06F2E709DA



36

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

9.2.6 ScreenA. Main window The main window will be displayed after activating the software. Main window consists of 2 patterns: Basic mode, Advanced mode

[1] About To display the outline of the tool.[2] Copyright Info To display the license agreement and version information of the

tool. [3] Settings To display the dialog to enable the advanced functions.

Select the check box of [Enabled Advanced Features] to enable advanced functions at main window.

See P.37[4] What would you like to

do? To select the function to be used. Displayed screen is different between Basic mode and

Advanced mode.See P.38

[5] Select the location of the Firmware to write to the card:

To select the compact flash drive to which the data to write.

[6] Select the drive letter that corresponds to the card you wish to write to:

To select the location where the firmware is stored in PC.

9J06F2E704DA

When the advanced mode is selected

[1]

[2]

[3]

[5]

[6]

[4]



37

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

B. Settings dialog It will be displayed by clicking [Settings] at main window. Other settings will be enabled by selecting the check box of [Enabled Advanced Fea-

tures].

[1] Enable Advanced Features

Enable the setting of advanced functions at the dialog by select-ing the check box.Also advanced functions can be selected at the main window.

[2] Default Setting for Card Format

Select the default card format during software starting.FAT : The format to be used by all models that the soft-

ware supports.vxWorks : Not available yet.

[3] Default Drive Letter Select how to set default of compact flash drive during software starting.

LastUsed : The drive used at previous time is selected.None : [Please Select] is displayed on the screen every

starting and the drive should be selected every time.

[4] Default Image Block Size Not available yet. [5] Calculate sums when

writing Set whether to calculate check sums during data writing. If [YES] is selected, data consistency can be ensured by data

verification of check sums during data writing. However, it takes more time for data writing compared to the case without sums calculation (Basically this mode shall be selected.)

If [No] is selected, check sums calculation is skipped during data writing. Although it take less time for data writing com-pared to the case with sums calculation, it fails to ensure the reliability of the written data.

[6] Folder for Temporary Files Set the folder for saving temporary files during the tool is acti-vating. The temporary file is automatically deleted after the operation completes normally.

9J06F2E705DA

[1] [1]

[2]

[3]

[4]

[5]

[6]



38

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

9.2.7 Details of each functionA. Basic functions(1) Write Firmware to a card To write FW data into the compact flash. The FW data of the models shown below can be

written. To write FW data into the compact flash. The FW data of the models shown below can be

written.

NOTE The above-mentioned [Indexed firmware type] and [Di3510/350/250/200 firmware

type] shall be comprised of multiple files and one of the files shall be named as above.

[Compressed firmware type] means the compressed formed image file that is cre-ated using the tools function of the [Create a Firmware Image from a card].

[Uncompressed firmware type] means the image file that is uncompressed the compressed firmware file.

To write the image file data (*.img.gz or *.img) into the compact flash, use the com-pact flash with the same capacity as the one used for the original image file. Although the compact flash with larger capacity than the original one can be used, it is not covered under warranty.

C350 firmware requires the compact flash over 64 MB. Firmware of C450/C450P/C351/C352/C352P/C300/C250/C250P requires the com-

pact flash over 128 MB.

(2) Compare Firmware with a card Compare the firmware data written into the compact flash and the one (file) saved in PC. After the comparison, display the check sum information (comparison result dialog) of

the firmware data of the compact flush and the file. The firmware data (file) format saved in PC shall consistent with the one written into the

compact flash.

File typeModels

Indexed firmware type

Compressed firmware type

Uncompressed firmware type

Di3510/350/250/200 firmware type

C450/C450P/C351 rhein1_cf.tar.gz

*.img.gz *.img

C352/C352P/C300 rhein2_cf.tar.gz

C350 tss2_cf.tar.gz C250/C250P rhein3_cf.tar.gz

Di2510/3010/3510/2510f/3010f/3510f ma001

200/250/350 ma001a



39

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

B. Advanced functions(1) Create a Firmware Image from a card Create the image file from the firmware data written into the compact flash.

Create the image file by dumping directly the data in the card. This function allows us to save the various type of firmware data in the compact flash as the image file and hold as copy data.

The created FW image file is automatically compressed and created as the Compressed firmware file (*.img.gz). The image file is written into the compact flash in the uncompressed form, however, the uncompressed data would occupy too much capacity, which makes file control difficult. Therefore this tool doesn't create uncompressed firmware file (*.img).

(2) Format a card Make format of the compact flash in FAT or vxWork form. To write the firmware data into the compact flash, the card should be formatted in FAT

form to clear (initialize) the description of the compact flash. NOTE In current version, only FAT format is available but not vxWork format. After the firmware data is written into the compact flash, it becomes the own file

style that is different from the FAT, and the compact flash that the firmware data is written cannot be browsed on the Windows OS.

(3) Display information about a card Display the information of the firmware data written into the compact flash.

The information to be displayed is according to the type of written FW data. For the series of Di3510/200/250/350 series, MSC version is displayed. For the series of C450/C450P/C351/C352/C352P/C300/C250/C250P, check sums of

each firmware data is displayed.



40

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

9.2.8 How to write firmware data1. Put the firmware data in the optional directory. (C:\bizhub in the below figure)

NOTE The file name of firmware data consists of the Release

Date_Version_CHECKSUM-****.exe.

2. Double-click the firmware data, and specify the directory to be uncompressed, and then uncompress it.

NOTE When old firmware is still left in the specified directory to be uncompressed,

delete it before uncompressing.

9J06F2E710DA

9J06F2E711DA



41

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

3. Mount the compact flash on the PC, and check the drive name, which was recognized in the Windows. (F-drive in the following figure)

4. Start Firmware Imaging Toolkit 2006.

NOTE When using the external compact flash drive such as USB be sure to connect

them before starting this tool.

5. Select the check box of [Write Firmware to a card].

9J06F2E712DA

9J06F2E706DA



42

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

6. Click [Browse].

7. Select the file type [C450/ C351/C352/ C300/C350/C250 Indexed Firmware].

8. Move to the folder decompressed at step 2, confirm that only "###_cf.tar.gz" (### is for model name) is displayed, and select.

NOTE If the file extension is set to be not displayed in Windows, the file name .gz will

not be displayed.

9. Click [Open].

9J06F2E707DA

9J06F2E713DA

9J06F2E714DA



43

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

10. Select the drive that the compact flash is inserted, which is confirmed at step 3.

NOTE The drives other than the compact flash that is recognized as Removable Disk

can be selected for the writing destination. If these drives are selected mistakenly to make the writing, it may give fatal damage on Windows system or delete the saved data. Therefore pay close attention when selecting the drive.

11. [Write] button is changed form gray into active status.When clicking [Write] button, the following dialog is displayed.

12. In the dialog, re-confirm the firmware data and the written destination drive, and click [YES]. (If [NO] is clicked, the screen goes back of the main window.)

9J06F2E715DA

9J06F2E716DA



44

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

13. Click [Yes], and data writing starts.NOTE Writing a card is a resource intensive operation for your computer - do not attempt

to multitask (use the computer for anything else) during the writing procedure.14. When the writing is completed, the following screen appears.

In this screen, check sums will be compared between the firmware data and one writ-ten into the compact flash.

NOTE The contents displayed on the screen may different according to the model type.

The above is the screen displayed for firmware data writing of bizhub C450.

15. Confirm each check sums are identical and quit Firmware Imaging Toolkit 2006.16. Take out the compact flash from the PC.

NOTE When removing the compact flash, be sure to check if data is written as normal

and then remove it according to the precise removing method.

9J06F2E717DA



45

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

9.3 Firmware rewriting by compact flash The F/W is updated using the compact flash.

9.3.1 Updating methodNOTE NEVER remove or insert the compact flash card with the machine power turned

ON.

1. Turn OFF the main power switch.2. Remove the screw [1] and the metal

blanking plate [2].

3. Insert the compact flash card [3] into the slot.

4. Turn ON the main power switch.5. Up to six types of F/W will be displayed on the control panel.6. Select the particular type of F/W to be updated.

[1][2]4037F2C016DA

[3]4037F2C017DA

4037F2J517DA



46

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

7. Press the Start key. (At this time, the Start key starts blinking red.)8. Check that the control panel shows the message indicating that the data has been

rewritten correctly (Downloading Completed). Check also the check sum value (Check Sum XXXX) shown on the control panel. (The Start key blinks green.)

9. Turn OFF the main power switch.10. Remove the compact flash card from the slot.11. Turn ON the main power switch.

NOTE When turning the main power ON for the first time after the firmware is updated,

data may sometimes be internally updated. In that case, the following message will be displayed. Never turn the main power OFF until either the serial number input screen or the trouble code screen is dis-played.

12. Call the Service Mode to the screen.13. Select [Firmware Version].14. Make sure if the version of firmware is updated.

4037F2E627DA



47

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

9.3.2 Action when data transfer fails If NG appears on the control panel, indicating that rewriting has been unsuccessful (in

which case the Start key lights up red), take the following steps.1. Perform the data rewriting procedure again.2. If the procedure is abnormally terminated, change the compact flash for a new one and

try another rewriting sequence.3. If the procedure is still abnormally terminated, change the board that has caused NG

and carry out data rewriting procedure.

*1: The optional FAX Kit FK-502 is necessary for the above procedure.*2: The optional Fax Multi Line ML-501 is necessary for the above procedure.

9.4 Firmware Version Up/Down procedure When it is found through a check that the firmware of the machine is not the security-cer-

tified version, it is necessary to upgrade the firmware to the security-certified version. At this time, if the firmware is upgraded from a specific firmware version to the security-cer-tified version, it becomes necessary to protect compatibility of configuration of data con-tained in the documents saved in the box.

The procedure for protecting compatibility is either [HDD Version Up] or [HDD Version Down], whichever can be set through [Service Mode] [State Confirmation] [Mem-ory/HDD Adj.].

9.4.1 Firmware version requiring HDD Version Up/Down

MFP Controller MFP Control Board (PWB-MFPC)Scanner Image Processing Board (PWB-C)Printer Control Board (PWB-MC)LPH LED Drive Board (PWB-LED)

Fax Board Controller1 Fax Board (Main) *1Fax Board Controller2 Fax Board (Sub) *2

Firmware version before upgrading Compatibility protection procedure required Ref. page

Firmware card version A7 or earlier HDD Version UpSee P.48

Firmware car version D7 or later HDD Version Down



48

biz

hu

b C

35

1/C

45

0/

ine

o+

35

0/4

50

Se

cu

rity

Fu

nctio

n

9.4.2 HDD Version Up/Down procedure1. Call the Service Mode to the screen.See P.132. Touch [State Confirmation] [Memory/HDD Adj.]

3. Touch [HDD Version Up] or [HDD Version Down].([HDD Version Down] will be displayed by the touch of the [] key.

4. Press the start key to execute the HDD Version Up or Down procedure.5. When the procedure is completed, turn OFF the main power switch and wait for 10 sec.

or more before turning it ON again.

4037S1E517DA

4037S1E558DA


2005 KONICA MINOLTA BUSINESS TECHNOLOGIES, INC. 2005 KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.

Printed in JapanPrinted in JapanDD4037SE1DD4037SE1Use of this manual should be strictly supervised to

avoid disclosure of confidential information.Use of this manual should be strictly supervised toavoid disclosure of confidential information.

Security Function1. Overview2. Compliance with the ISO15408 standard3. Data to be protected4. Precautions for operation control5. Checking the firmware version number5.1 Security authentication firmware version number5.2 Checking the firmware version number

6. Enhancing the security function6.1 Details of settings6.2 Security enhancing procedure6.2.1 Making and checking the service settings6.2.2 Requests to the administrator6.2.3 Functions disabled by the setting of Enhanced Security Mode6.2.4 Functions whose settings are changed by Enhanced Security Mode

7. Service Mode7.1 Access method to the Service Mode7.2 CE Authentication function7.2.1 Setting the CE Authentication function

7.3 Administrator Password function7.3.1 Setting the administrator password

7.4 CE Password function7.4.1 Setting the CE password

7.5 Data Clear function7.5.1 Data Clear method

7.6 HDD Format7.6.1 HDD format execution procedure

7.7 HDD installation setting7.7.1 HDD installation setting procedure

8. Overwrite All Data function8.1 Overwrite All Data procedure8.2 Items to be cleared by Overwrite All Data8.2.1 Items cleared by Overwrite All Data

9. Firmware upgrade9.1 Preparations for firmware rewriting by Cygwin9.1.1 Outline9.1.2 Service environment9.1.3 Installing the Cygwin9.1.4 Settings of the Windows Environmental Variable9.1.5 Writing into the compact flash

9.2 Preparations for firmware rewriting by Firmware Imaging Toolkit 20069.2.1 Correspond model9.2.2 Function outline9.2.3 System environment9.2.4 Installation of software9.2.5 Update of software9.2.6 Screen9.2.7 Details of each function9.2.8 How to write firmware data

9.3 Firmware rewriting by compact flash9.3.1 Updating method9.3.2 Action when data transfer fails

9.4 Firmware Version Up/Down procedure9.4.1 Firmware version requiring HDD Version Up/Down9.4.2 HDD Version Up/Down procedure

bizhubC351_C450SecurityFunctionServiceManual

Documents

revised version

service settings

revised section

number of times

editiondate service

service manual2007

security functionconfidential

fw version