The TOE provides the following functions related to Multi-Function Printers (MFP):
\r\nA) Printing – producing a hardcopy document from its electronic form
\r\nB) Scanning – producing an electronic document from its hardcopy form
\r\nC) Copying – duplicating a hardcopy document
\r\nD) Faxing – scanning documents in hardcopy form and transmitting them in electronic form over telephone lines, and receiving documents in electronic form over telephone lines and printing them in hardcopy form
\r\nThe Lexmark 6500e Scanner is integrated with a T65x monochrome printer to provide a complete MFP. The scanner unit provides the touch panel, original document handler, fax interface, and network interface. The printer unit provides the print engine and its only external connection is to the scanner unit. The TOE includes the hardware and firmware in both the scanner and printer units. All of the other models included in the evaluation (X548, XS548, X792, XS796, X925, XS925, X950, X952, X954, and XS955) are complete MFPs in a single unit.
\r\nAll of the MFPs included in this evaluation provide the same security functionality. Their differences are in the speed of printing and support for color operations.
","evaluation_configuration":null,"security_evaluation_summary":"The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the Lexmark X548 (LHS2.VK.P244aCC), XS548 (LHS2.VK.P244aCC), X792 (LHS2.MR.P244aCC), XS796 (LHS2.MR.P244aCC), X925 (LHS2.HK.P244aCC), XS925 (LHS2.HK.P244aCC), X950 (LHS2.TQ.P244aCC), X952 (LHS2.TQ.P244aCC), X954 (LHS2.TQ.P244aCC), XS955 (LHS2.TQ.P244aCC) and 6500e Scanner (LHS2.JR.P244dCC) (with T650 (LHS2.JR.P244dCC), T652 (LHS2.JR.P244dCC), or T654 (LHS2.JR.P244dCC) Printer) Multi-Function Printers meet the security requirements contained in the Security Target.
\r\nThe criteria against which the Lexmark X548 (LHS2.VK.P244aCC), XS548 (LHS2.VK.P244aCC), X792 (LHS2.MR.P244aCC), XS796 (LHS2.MR.P244aCC), X925 (LHS2.HK.P244aCC), XS925 (LHS2.HK.P244aCC), X950 (LHS2.TQ.P244aCC), X952 (LHS2.TQ.P244aCC), X954 (LHS2.TQ.P244aCC), XS955 (LHS2.TQ.P244aCC) and 6500e Scanner (LHS2.JR.P244dCC) (with T650 (LHS2.JR.P244dCC), T652 (LHS2.JR.P244dCC), or T654 (LHS2.JR.P244dCC) Printer) Multi-Function Printers was judged is described in the Common Criteria for Information Technology Security Evaluation, Version 3.1. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1.
\r\nThe COACT, Inc. CAFE Lab determined that the evaluation assurance level (EAL) for the Lexmark X548 (LHS2.VK.P244aCC), XS548 (LHS2.VK.P244aCC), X792 (LHS2.MR.P244aCC), XS796 (LHS2.MR.P244aCC), X925 (LHS2.HK.P244aCC), XS925 (LHS2.HK.P244aCC), X950 (LHS2.TQ.P244aCC), X952 (LHS2.TQ.P244aCC), X954 (LHS2.TQ.P244aCC), XS955 (LHS2.TQ.P244aCC) and 6500e Scanner (LHS2.JR.P244dCC) (with T650 (LHS2.JR.P244dCC), T652 (LHS2.JR.P244dCC), or T654 (LHS2.JR.P244dCC) Printer) Multi-Function Printers is EAL 2+. The TOE, configured as specified in the installation guide, satisfies all of the security functional requirements stated in the Security Target.
\r\nA team of Validators on behalf of the CCEVS Validation Body monitored the evaluation carried out by the COACT, Inc. CAFE Lab. The evaluation was completed in January 2012.
\r\nResults of the evaluation and associated validation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report.
","environmental_strengths":"The TOE’s Security Functions are:
\r\nA) Audit Generation - The TOE generates audit event records for security-relevant events and transmits them to a remote IT system using the syslog protocol.
\r\nB) Identification and Authentication - The TOE supports I&A with a per-user selection of internal accounts (processed by the TOE) or integration with an external LDAP server (in the operational environment). PKI authentication may also be specified, in which case all authentication must use PKI. A Backup Password mechanism may also be enabled.
\r\nC) Access Controls - Access controls configured for functions (e.g. fax usage) and menu access are enforced by the TOE.
\r\nD) Management - Through web browser sessions, authorized administrators may configure access controls and perform other TOE management functions.
\r\nE) Operator Panel Lockout - Authorized users may lock and unlock the touch panel. When the touch panel is locked, print jobs are still accepted but they are queued on the disk drive until the touch panel is unlocked.
\r\nF) Fax Separation - The TOE ensures that only fax traffic is sent or received via the attached phone line. Incoming traffic is processed as fax data only; no management access or other data access is permitted. In the evaluated configuration, the only source for outgoing faxes is the scanner.
\r\nG) Hard Disk Encryption - All user data submitted to the TOE and stored on the hard disk is encrypted to protect its confidentiality in the event the hard drive was is removed from the TOE.
\r\nH) Disk Wiping - In the evaluated configuration, the TOE automatically overwrites disk blocks used to store user data as soon as the data is no longer required. The mechanism used to perform the overwrite function complies with NIST SP800-88, and the DSS \"Clearing and Sanitization Matrix\" (C&SM) available at http://www.sdisac.com/clearing_and_sanitization_matrix.doc.
\r\nI) Secure Communication - The TOE protects the confidentiality and integrity of all information exchanged over the attached network by using IPSec with ESP for all network communication.
\r\nJ) Self Test - During initial start-up, the TOE performs self tests on its hardware components and the integrity of the building blocks and security templates.
","features":[]}