The TOE provides the following functions related to Multi Function Printers (MFPs):
\r\nAll of the MFPs included in this evaluation provide the same security functionality. Their differences are in the speed and type (color or monochrome) of printing. For the InfoPrint MFPs, a common brand name is used for MFPs both with and without a hard drive. Therefore, the MT-Model is also included in the specification to limit the MFPs in this evaluation to only those including a hard drive. Multiple MT-Models are listed since they distinguish options such as staplers and paper tray sizes.
","evaluation_configuration":null,"security_evaluation_summary":"The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the Lexmark X466 (LR.BR.P311CCa), X656 (LR.MN.P311CCa), X658 (LR.MN.P311CCa), X738 (LR.FL.P311CCa), X860 (LR.SP.P311CCa), X862 (LR.SP.P311CCa) and X864 (LR.SP.P311CCa) Multi-Function Printers and InfoPrint 1940 MT-Model 4570-gh1, gh2, gt1, gt2 (LR.BR.P311CCa), 1870 MT-Model 4567-gh1, gh2, gt1, gt2 (LR.MN.P311CCa), 1880 MT-Model 4568-gs1, gs2, gf1, gf2, gb1, gb2, g11, g12, g21, g22, g31, g32 (LR.MN.P311CCa), Color 1866 MT-Model 4915-gd1, gd2, gt1, gt2 (LR.FL.P311CCa), 1948 MT-Model 4857-g01, g02, g11, g12 (LR.SP.P311CCa), 1968 MT-Model 4858-gt1, gt2, g21, g22 (LR.SP.P311CCa) and 1988 MT-Model 4859-gt1, gt2, g31, g32 (LR.SP.P311CCa) Multi-Function Printers meets the security requirements contained in the Security Target.
\r\nThe criteria against which the Lexmark X466 (LR.BR.P311CCa), X656 (LR.MN.P311CCa), X658 (LR.MN.P311CCa), X738 (LR.FL.P311CCa), X860 (LR.SP.P311CCa), X862 (LR.SP.P311CCa) and X864 (LR.SP.P311CCa) Multi-Function Printers and InfoPrint 1940 MT-Model 4570-gh1, gh2, gt1, gt2 (LR.BR.P311CCa), 1870 MT-Model 4567-gh1, gh2, gt1, gt2 (LR.MN.P311CCa), 1880 MT-Model 4568-gs1, gs2, gf1, gf2, gb1, gb2, g11, g12, g21, g22, g31, g32 (LR.MN.P311CCa), Color 1866 MT-Model 4915-gd1, gd2, gt1, gt2 (LR.FL.P311CCa), 1948 MT-Model 4857-g01, g02, g11, g12 (LR.SP.P311CCa), 1968 MT-Model 4858-gt1, gt2, g21, g22 (LR.SP.P311CCa) and 1988 MT-Model 4859-gt1, gt2, g31, g32 (LR.SP.P311CCa) Multi-Function Printers were judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1. The COACT, Inc. CAFE Lab determined that the evaluation assurance level (EAL) for the Lexmark X466 (LR.BR.P311CCa), X656 (LR.MN.P311CCa), X658 (LR.MN.P311CCa), X738 (LR.FL.P311CCa), X860 (LR.SP.P311CCa), X862 (LR.SP.P311CCa) and X864 (LR.SP.P311CCa) Multi-Function Printers and InfoPrint 1940 MT-Model 4570-gh1, gh2, gt1, gt2 (LR.BR.P311CCa), 1870 MT-Model 4567-gh1, gh2, gt1, gt2 (LR.MN.P311CCa), 1880 MT-Model 4568-gs1, gs2, gf1, gf2, gb1, gb2, g11, g12, g21, g22, g31, g32 (LR.MN.P311CCa), Color 1866 MT-Model 4915-gd1, gd2, gt1, gt2 (LR.FL.P311CCa), 1948 MT-Model 4857-g01, g02, g11, g12 (LR.SP.P311CCa), 1968 MT-Model 4858-gt1, gt2, g21, g22 (LR.SP.P311CCa) and 1988 MT-Model 4859-gt1, gt2, g31, g32 (LR.SP.P311CCa) Multi-Function Printers is EAL 3+. The TOE, configured as specified in the installation guide, satisfies all of the security functional requirements stated in the Security Target.
\r\nThe evaluation was completed in February 2011. Results of the evaluation and associated validation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report.
","environmental_strengths":"The TOE’s Security Functions are:
\r\nAudit Generation - The TOE generates audit event records for security-relevant events and transmits them to a remote IT system using the syslog protocol.
\r\nIdentification and Authentication - The TOE supports I&A with a per-user selection of internal accounts (processed by the TOE) or integration with an external LDAP server (in the operational environment). PKI authentication may also be specified, in which case all authentication must use PKI. A Backup Password mechanism may also be enabled.
\r\nAccess Controls - Access controls configured for functions (e.g. fax usage) and menu access are enforced by the TOE.
\r\nManagement - Through the touch panel, authorized administrators may configure access controls and perform other TOE management functions.
\r\nOperator Panel Lockout - Authorized users may lock and unlock the touch panel. When the touch panel is locked, print jobs are still accepted but they are queued on the disk drive until the touch panel is unlocked.
\r\nFax Separation - The TOE ensures that only fax traffic is sent or received via the attached phone line. Incoming traffic is processed as fax data only; no management access or other data access is permitted. In the evaluated configuration, the only source for outgoing faxes is the scanner.
\r\nHard Disk Encryption - All use data submitted to the TOE and stored on the hard disk is encrypted to protect its confidentiality in the event the hard drive was to be removed from the TOE.
\r\nDisk Wiping - In the evaluated configuration, the TOE automatically overwrites disk blocks used to store user data as soon as the data is no longer required. The mechanism used to perform the overwrite conforms with NIST SP800-88, and the DSS \"Clearing and Sanitization Matrix\" (C&SM) available at http://www.sdisac.com/clearing_and_sanitization_matrix.doc.
\r\nSecure Communication - The TOE protects the confidentiality and integrity of all information exchanged over the attached network by using IPSec with ESP for all network communication.
\r\nSelf Test - During initial start-up, the TOE performs self tests on its hardware components and the integrity of the building blocks and security templates
","features":[]}