Canon imageRUNNER ADVANCE C9075 PRO/C9065 PRO/C7065/C7055 e-Manual - Using an Encryption Method That Complies with FIPS 140-2

Security > Using an Encryption Method That Complies with FIPS 140-2

Using an Encryption Method That Complies with FIPS 140-2

If you select 'On' for this function, you can make the encryption method for the following settings comply with the United States government-approved FIPS 140-2:

[IPSec Settings] in [Preferences] (Settings/Registration) (See "IPSec Settings.")

If you set [Format Encryption Method to FIPS 140-2] to 'On', policies using "AES-GCM" for the authentication/encryption algorithm of IPSec communication are disabled. At the same time, the authentication algorithm for this policy is automatically changed to SHA1 and the encryption algorithm for this policy is automatically changed to 3DES-CBC.
Policies with a certificate using the RSA-MD5 or RSA-MD2 signature algorithm are also disabled.

Remark


	This function can only be used if the IPSec Board is enabled. (See "Optional Products (imageRUNNER ADVANCE C9075 PRO/C9065 PRO)" or "Optional Products (imageRUNNER ADVANCE C7065/C7055).")				For instructions on confirming the signature algorithm for the certificate you are using, see "Editing Key Pairs and Server Certificates."

Press (Settings/Registration) → [Management Settings] → [Device Management] → [Format Encryption Method to FIPS 140-2].

Select [On] or [Off] → press [OK].

Changes are only effective after you restart the machine (the main power switch is turned OFF, and then back ON). For instructions on restarting (turning the main power switch OFF and then ON) the machine, see "Before You Start Using This Machine."