beautypg.com

Access management system – Canon Paper Shredder User Manual

Page 8

background image



8

White Paper: Canon imageRUNNER ADVANCE Security

Section 2 — Device Security

Access Management System

The Access Management System, which is standard on imageRUNNER ADVANCE systems, can be used
to tightly control access to device functionality. Restrictions can be assigned to users and groups, to restrict
entire functions or restrict specific features within a function. Access restrictions are managed in units
called “roles”. Roles contain information that determines which of the various functions of the device may
be used or not.

Roles can be set up based on individual user’s job title or responsibilities or by group, enabling the
administrator to create roles specific to certain departments or workgroups. Since the administrator is not
limited to restricting all or none of a particular function, the roles can be as specific as is required for a
number of business needs. Beyond the Base roles which contain default access restrictions, up to 100 new
Custom roles can be registered for up to 5,000 users. The administrator can also define whether to allow
unregistered users to log in as guests and then specify settings for guest user’s roles.

The following describes the various Base access levels (roles) that are available:


The following functions and features can be restricted:

* Requires SSO-H to be enabled.

Privileges by Access Level

Predefined Role

Access Privileges

Administrator

Given privileges to operate all device functions.

Network Manager/Admin

Network manager mainly manages the settings related to the network under Settings/Registration.

Device Manager/Admin

Device Manager can specify settings related to management settings for paper type and function settings for Send/Receive.

Power User

Given privileges to operate all device functions, except managing the device itself.

General User

Given privileges to operate all device functions, except managing the device itself and specifying/registering address book.

Limited User

Restricted from device management, all send functions and only allowed 2-sided printing and copying.

Guest

Restricted from device management, all send functions and only allowed 2-sided printing and copying.

Device Function

Values

Description

Print

Allowed, Not Allowed

Allows or prohibits using applications related to the Print function.

Copy

Allowed, Not Allowed

Allows or prohibits using applications related to the Copy function.

Send/Store on Network

Sets restrictions for externally sending scanned documents, user inbox documents,
and saving documents to file servers or network storage.

E-mail TX

Allowed, Not Allowed

Allows or prohibits sending via E-mail TX.

I-Fax TX

Allowed, Not Allowed

Allows or prohibits sending via I-Fax TX.

Fax TX

Allows or prohibits sending via Fax TX.

FTP TX

Allowed, Not Allowed

Allows or prohibits sending via FTP TX.

NetWare (IPX) TX

Allowed, Not Allowed

Allows or prohibits sending via NetWare (IPX) TX.

Windows (SMB) TX

Allowed, Not Allowed

Allows or prohibits sending via Windows (SMB) TX.

WebDAV TX

Allowed, Not Allowed

Allows or prohibits sending via WebDAV TX.

Inbox TX

Allowed, Not Allowed

Sets restrictions for saving scanned documents to user inboxes.

Specify Address
Domain/Send to Addresses
Received from Cell Phone

Allowed, Not Allowed

For imageRUNNER ADVANCE devices, these restrictions also apply to addresses received
from cell phones.

Use Address Book/Register
Storage Location for Network

No Restrictions, Not
Allowed, Read Only

For imageRUNNER ADVANCE devices, these restrictions also apply to registering,
editing, and deleting network storage.

Send to New Addresses/Send
to Addresses Received from
Cell Phone

Allowed, Not Allowed

For imageRUNNER ADVANCE devices, these restrictions also apply to addresses
received from cell phones.

Add Device Signature to
Sending Files

Added, Not Added

Allows or prohibits adding of a device signature when sending PDF files.

Sending Files Format

Allowed, Not Allowed

Allows or prohibits sending file formats that a device signature cannot be added to.

Save Functions
(Mailbox/Hold/Memory Media)

Allowed, Not Allowed

Allows or prohibits saving functions.

Web Access

Allowed, Not Allowed

Allows or prohibits using applications related to the Web Access function.

Utility

Allowed, Not Allowed

Allows or prohibits using applications related to Utilities.

Others

Allowed, Not Allowed

Allows or prohibits using other applications.

MEAP Applications

Allowed, Not Allowed

Allows or prohibits the use of MEAP applications.