Certified/Validated Products List

RICOH Remote Communication Gate A2
V1.0.2

RICOH COMPANY, LTD.
Last Updated 2017-04-07
Product Name :
RICOH Remote Communication Gate A2
Version of TOE :
V1.0.2
Product Type :
Appliance for remote service
Certification No. :
C0535
Date :
2016-12-27
Version of Common Criteria:
3.1 Release4
Conformance Claim :
EAL2 Augmented with ALC_FLR.2
PP Identifier :
none

PRODUCT DESCRIPTION

Description of TOE

This TOE is a communication device that enables digital MFPs and printers (hereafter "devices") to be connected to the communication server (hereafter "CS") in the maintenance center. Information that the TOE obtains from the device and sends to the CS is also sent to the designated email address.
Functions this TOE can provide include notification of device troubles (service call function), automatic counter checking of prints of each devices (machine counter notice function), automatic counter checking of prints by each user (counter per user retrieval function), automatic ordering of supplies such as toner (supply call function), and device firmware updating. It also provides Web-based user interface functions for TOE operations.

 

TOE security functionality

The major security functions this TOE can provide are as follows:

- Communication data protection function between the TOE and the device for the service
This function is used for communication between the TOE and devices for the service if the service call function, the machine counter notice function, the counter per user retrieval function, and the supply call function are enabled. The communication data between the TOE and the Ricoh device will be secured, and the data tampering will be detected by using a TLS protocol.
- Communication data protection function between the TOE and the CS
The TOE specifies only the genuine CS as the communication destination via Internet. The communication data between the TOE and the CS will be secured, and the data tampering will be detected by using a TLS protocol.
- Communication data protection function between the TOE and computers
This function is applied to data communication between the TOE and computers if Web-based functions are enabled. The communication data will be secured and the data tampering will be detected by using a TLS protocol.
- Email protection function
This function is applied to make mail sent from the TOE. The contents of the mail will be secured and the data tampering will be detected by using S/MIME.
- User identification and authentication function
The TOE identifies and authenticates users who access Web-based user interface functions.
- RC Gate firmware verification function
This function enables the TOE to check that the firmware (applications, shared parts of firmware, platforms, and the operating system) is genuine.
- Security management function
This function provides TOE management methods for the Administrator only.
- Audit logging function
This function enables the TOE to record the information related to security relevant events and allows only the administrator to review the audit logging.

 

Security functional requirements

This TOE implements the following security functional requirements.

Security audit Non-repudiation of origin/receipt Cryptographic functionality Access control
Data authentication Export data protection Information flow control Import data protection
Internal transfer data protection Residual information protection Rollback Stored data integrity
Transfer data confidentiality Transfer data integrity Identification and authentication Security management
Privacy Control Security functionality protection Resource utilisation management TOE access control
Trusted path/channels