Ricoh HotSpot Printer/MFP Whitepaper Version 4_r4



Similar documents
HotSpot Enterprise Mobile Printing Solution. Security Whitepaper

Enterprise Printing Solutions. Secure, on-premise mobile printing platform. enterprise education public printing locations print simply anywhere

How to Print Using the PrinterOn Hosted Service & FAQs

Interwise Connect. Working with Reverse Proxy Version 7.x

Repeater. BrowserStack Local. browserstack.com 1. BrowserStack Local makes a REST call using the user s access key to browserstack.

Technical White Paper BlackBerry Enterprise Server

enicq 5 System Administrator s Guide

Xerox Mobile Print Cloud

DeltaV System Health Monitoring Networking and Security

Remote Access and Control of the. Programmer/Controller. Version 1.0 9/07/05

PrinterOn Print Management Overview

SiteCelerate white paper

Reform PDC Document Workflow Solution Streamline capture and distribution. intuitive. lexible. mobile

MOBILE PRINTING: Secure Printing From Your Handheld Devices

FileCloud Security FAQ

Centricity 360 Case Exchange

Improving the Customer Support Experience with NetApp Remote Support Agent

PrinterOn Print Delivery Station Admin Guide

NERC CIP Requirements and Lexmark Device Security

User Guide - Table of Contents

Using over FleetBroadband

Sharp Remote Device Manager (SRDM) Server Software Setup Guide

redcoal SMS for MS Outlook and Lotus Notes

Mobile. Pull. Solution. Print. and. Get true printing flexibility and document security with EveryonePrint

Xerox Mobile Print Solution

Xerox FreeFlow Core Cloud Customer Expectations Document. Version 1.0

easy ntelligent convenient GlobalScan NX Server 5/ Server 32/Server 750 Capture & Distribution Solution Energize Critical Workflows

GlobalScan NX. Server 32/Server 750. Intelligent scanning for smarter workflow

Simplify essential workflows with dynamic scanning capabilities. GlobalScan NX Server 32/Server 750 Capture & Distribution Solution

December P Xerox App Studio 3.0 Information Assurance Disclosure

Copyright Telerad Tech RADSpa. HIPAA Compliance

How To Use Irecruit Software

ARCHITECTURAL OVERVIEW Availability Service (EAS) with Activ box

Customer Tips. Xerox Network Scanning TWAIN Configuration for the WorkCentre 7328/7335/7345. for the user. Purpose. Background

The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency

PrinterOn Enterprise Administration Support Guide

Important. Please read this User s Manual carefully to familiarize yourself with safe and effective usage.

Optus SMS for MS Outlook and Lotus Notes

Chapter 15: Advanced Networks

WhatsUp Gold v16.3 Installation and Configuration Guide

SSL VPN Technical Primer

Verizon Remote Access User Guide

Understanding IP Faxing (Fax over IP)

ReadyNAS Replicate. Software Reference Manual. 350 East Plumeria Drive San Jose, CA USA. November v1.0

CentreWare Internet Services Setup and User Guide. Version 2.0

Copyright 2012 Trend Micro Incorporated. All rights reserved.

Server-Based PDF Creation: Basics

SyncThru TM Web Admin Service Administrator Manual

LAB FORWARD. WITH PROService REMOTE SERVICE APPLICATION. Frequently Asked Questions

Hitachi Content Platform (HCP)

Manual to Access SAP Training Systems Technical Description for Customer On-Site Training

Chapter 5. Data Communication And Internet Technology

CTERA Agent for Mac OS-X

QUARTZ FA-LIMS. Laboratory Information Management System for Failure Analysis THE ONLY LIMS SYSTEM DESIGNED SPECIFICALLY FOR FAILURE ANALYSIS

Citrix EdgeSight Administrator s Guide. Citrix EdgeSight for Endpoints 5.3 Citrix EdgeSight for XenApp 5.3

Network Configuration Settings

WhatsUpGold. v14.2. Getting Started with WhatsUp Gold MSP Edition

Re-associating.ica file extension on Vista/Windows 7 machines

PrinterOn Enterprise Installation Guide

eprint SOFTWARE User Guide

Server 32/Server 750. GlobalScan NX Server 5/ SOLUTION. Intelligent scanning for smarter workflow

Synology QuickConnect

Test Case 3 Active Directory Integration

Introweb Remote Backup Client for Mac OS X User Manual. Version 3.20

Table of Contents. 1 Overview 1-1 Introduction 1-1 Product Design 1-1 Appearance 1-2

Xerox Mobile Print Cloud

HTTP connections can use transport-layer security (SSL or its successor, TLS) to provide data integrity

PrinterOn Mobile App for ios and Android

SharePoint Performance Optimization

Service Overview CloudCare Online Backup

KIP Cloud Apps User Guide

Whitepaper Document Solutions

AT&T Global Network Client Client Features Guide. Version 9.6

Installation and Setup: Setup Wizard Account Information

Bridgit Conferencing Software: Security, Firewalls, Bandwidth and Scalability

Spreed Keeps Online Meetings Secure. Online meeting controls and security mechanism.

Interwoven WorkSite Framework* User s Guide

S E C U R I T Y A S S E S S M E N T : B o m g a r B o x T M. Bomgar. Product Penetration Test. September 2010

MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE

Configuring Security Features of Session Recording

Konica Minolta s Optimised Print Services (OPS)

Mobile Admin Security

Project Title: Judicial Branch Enterprise Document Management System RFP Number: FIN122210CK Appendix D Technical Features List

System Requirements - filesmart

VIA CONNECT PRO Deployment Guide

Copyright 2013, 3CX Ltd.

Docufide Client Installation Guide for Windows

How To Understand The Architecture Of An Ulteo Virtual Desktop Server Farm

October P Xerox App Studio. Information Assurance Disclosure. Version 2.0

Architecture and Data Flow Overview. BlackBerry Enterprise Service Version: Quick Reference

F-Secure Messaging Security Gateway. Deployment Guide


White Paper. Securing and Integrating File Transfers Over the Internet

White Paper. BD Assurity Linc Software Security. Overview

Xerox PrintSafe Software

MANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE

How to Configure edgebox as a Web Server

Preparing for GO!Enterprise MDM On-Demand Service

Transcription:

Ricoh HotSpot Printer/MFP Whitepaper Version 4_r4

Table of Contents Introduction... 3 What is a HotSpot Printer?... 3 Understanding the HotSpot System Architecture... 4 Reliability of HotSpot Service... 4 Security Considerations... 5 Security Considerations... 5 HIPAA Compliance For Health Care Providers... 7 Bandwidth Considerations... 7 Print Job Polling... 7 Print Job Download... 8 Supported File Formats... 8 2

Introduction The purpose of this whitepaper to address some of the most frequently posed security and system reliability questions. What is a HotSpot Printer? The Ricoh HotSpot printer allows people to print simply by sending an email or submitting print requests from a webpage. This simple and intuitive interface allows use without the need for print drivers or any extra software. This eliminates IT overhead and time used in setup and configuration for mobile or temporary users. There are two methods for submitting print jobs: Email Users submit their print jobs by simply forwarding an email to the printer s email address. This can be done from any computer or handheld device that supports email. The user will then receive an email response with a release code for the body of the email and a separate email and release code for each attachment. Simply enter this release code at the printer keypad to begin printing the document or email. Web Submission Documents may also be submitted through a web browser by visiting the printer s webpage. Users simply select the browse button to identify the document they would like to submit for printing and then provide an email address before submitting the print request. They will receive a release code on the webpage as well as a copy of the code via email. When the code is entered at the printer keypad the job will begin printing. 3

Understanding the HotSpot System Architecture To better understand the technology being leveraged for HotSpot printing it is important to know that when users email or submit print requests through the website there is a service operating in the background to allow the printing function. This is completely seamless to the end user. The real workflow of printing to a HotSpot will look something like this: 2. The receiving server generates a compressed printable data file and transmits it securely to the destination printer, once again using 128-bit SSL encryption for complete file integrity and protection. 1. Documents and Web pages to be printed are sent from a wired or wireless laptop, cell phone, or handheld device to the PrintSpots server using 128-bit SSL encryption. Each job is automatically assigned a private 4 10 digit release code. 3. The compressed print job is automatically formatted for the target printer and sent. The file resides safely in the printer hard disk drive until the user arrives at the printer and enters the release code at the attached keypad. The file is decompressed, printed, and then automatically erased from memory for total security. It's that simple! Reliability of HotSpot Service The HotSpot printing system architecture ensures the security and reliability of HotSpot printing. The diagram on the next page provides a better overview of the service infrastructure. The system's design is intended to address problems if either of the 2 physical network operations centers is removed from service. The Internet reliability is managed using 3 physically distinct inbound Internet connections, which are provided by 2 separate ISPs. The goal is to minimize downtime caused by the loss of any single physical connection or the loss of an ISP. 4

Each of the physical locations also incorporate battery backup systems, which are further backed up by generators for long term outages where the battery backups are not sufficient. Security Considerations When considering security it is important to understand the steps involved when a print job is submitted to a hotspot printer: Before data can be submitted to the HotSpot printer, the printer must have access out to the Internet. The printer uses two forms of communications with the PrinterOn service. 1. HTTP Before the printer can be used it must first validate its license agreement with the PrinterOn Servers. This is done through HTTP communications. 2. HTTPS All print data and communications regarding print job transmission is encrypted with 128-bit SSL. 5

Using both HTTP and HTTPS requires that data be allowed to pass through any firewall on the customer network by using TCP ports 80 and 443. As most environments allow for secure Internet communications on client PCs the HotSpot printer does not require any special firewall configuration. If a proxy server is used the printer will need to be configured with a proxy user account. There are two forms of encryption available to be used for data transmission to the PrinterOn service. 1. If submitting print jobs through a HotSpot webpage all data will be encrypted with SSL. 2. When emailing documents the PrinterOn mail servers will accept requests for TLS authentication.* Any print job submitted to the HotSpot printer will actually first go to the PrinterOn web server for print processing. Both physical locations are equipped with secure access to the server rooms. Only 4 employees and 1 executive have keys with access to these rooms. No remote access is possible to the servers requiring direct physical access to the servers to view any data they may process. *The TLS protocol is designed to allow communications privacy over the internet by allowing client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. Further information on this encryption is available through RFC 5246. The initial email or web submission will pass through the PrinterOn firewall and the service Load Balancer will direct the job request to one of the two, mirrored physical locations. The print job will then arrive at the appropriate web or email server farm depending on the print job submission method. Here the print job is stripped from the rest of the data communications used to submit the job and the email text and each attachment are assigned in queue to the print service. Once the print service has received the jobs from the email or web servers the data is deleted from these servers using standard windows deletion. The print server will then process the print job and generate the release code for the email and each attachment. For jobs submitted via the web service the release code will display on the webpage and will also be emailed to the address that was provided. For jobs submitted by Email a return email will be sent with the release code or codes. Now that the print data has been processed, and the release codes created, the data is transferred to a temporary data storage site for transmission to the HotSpot printer. Once again when the data move is confirmed all records of the print data on the print server are deleted from the windows file system. The data is encrypted at the new storage location and transmitted to the HotSpot printer. It will download directly to the hard drive installed on the printer and remain there, encrypted, for 72 hours. If the release code that was assigned to it by the HotSpot service is not entered into the device keypad within 72 hrs the print file is deleted from the printer hard disk. 6

HIPAA Compliance For Health Care Providers Ricoh HotSpot Printers can fulfill a critical role in any organization concerned about HIPAA compliance. Criteria outlined in the Security Considerations section demonstrates how providers can maintain confidentiality of patient personal information while data is printed. The basic mechanism which ensures only users with a release code can obtain hard copy from Ricoh HotSpot Printers by using a keypad to release print jobs complies with all aspects of compliance related to printing output including: Ensuring documents printed to a shared printer are promptly removed (output is not left unattended and open to compromise). Information being printed to equipment located in a public location must be strictly monitored. Bandwidth Considerations Ricoh HotSpot Printers were developed with the full understanding that this technology would be deployed in multiple environments, including those with low speed and high-speed Internet connections. In addition to state-of-the-art compression techniques, the Ricoh HotSpot Printers have been designed with a number of features relevant to lower bandwidth installations and have been successfully tested and deployed in high bandwidth connections (DSL or better) as well as limited bandwidth situations. Note that in the limited bandwidth case, we are still assuming that the service is essentially always connected. By way of example, we will assume a DSL caliber connection with a download speed of 1 Mbit/second and an upload speed of 384 Kbits/second. During operation of the Ricoh HotSpot Printer service, there are two types of conversations that consume bandwidth: print job polling and print job downloading. Print Job Polling Polling occurs on a regular basis, in which the embedded printer software asks a simple question: do you have a print job for me? The answer is almost always no, and the system goes back to sleep until the next poll. The polling query is usually less than 200 bytes. Most of that is HTTP overhead, plus a message of roughly 50 bytes that varies depending on the logical name of the printer. The response is a bit shorter, say 150 bytes. Some sample math: 1 poll request: 200 bytes = 2000 bits (some extra for framing, parity, etc) Maximum polling frequency: 1 poll/minute = 2000bits/minute DSL Bandwidth Capacity: 384,000 bits/second = 23,040,000 bits/minute Polling capacity use = 2000/23040000 = 0.0087% of bandwidth Overall, the polling mechanism that checks for print jobs consumes an insignificant portion of the available bandwidth. Furthermore, the administrator can change the polling interval or frequency. 7

Print Job Download If print job polling indicates that one or more print jobs are available, then the portion of the HotSpot service downloads the print job. Print jobs can vary in size immensely. And large print jobs can consume a large percentage of available bandwidth. Therefore, controlling the size of the print jobs is a key objective, and there are 4 key variables that are under our control. Print Job Compression All print data is compressed before presenting it for download. This minimizes the amount of print data that needs to be transferred. Print Job Page Limits The printer administrator can set upper boundaries on the number of pages that can be printed. As a general rule, this is more useful for controlling abuse, but can be of value for limiting data usage. Data Limits The administrator can specify the maximum allowable compressed print data size. This setting will reject any attempts to send print jobs that exceed the comfort level for the network. Printer Type Another key method for minimizing the print job size is to select a printer that uses efficient data types. All Ricoh HotSpot Printers support PCL and PostScript and are far more efficient than GDI, Quartz or other host-based printers. Recommendations to Limit Bandwidth Usage o o o o Choose a black and white Ricoh HotSpot Printer model Set the data size limit to 3 Mbytes. 3 Mbytes can contain a typical print job of up to 18 pages, which is more than 95% of all requests. The median 4 page print job will be about 660 Kbytes in size, consuming a significant portion of the available bandwidth for less than 7 seconds. As a general rule, assume, roughly, 30 seconds per page. Assuming 20 print jobs per day are sent with the upper limit of 3 Mbytes per job, the data will be transmitted in roughly 8 to 10 minutes. (3,000,000.00 bytes * 10 bits / 1,000,000 bit (a second) = 30 seconds Supported File Formats Ricoh HotSpot Printers support a wide range of file formats including the following popular file formats: Microsoft Word 2.0 > 2010 Microsoft Excel 2.0 > 2010 Microsoft PowerPoint 4.0 > 2010 Microsoft Visio 5 > 2007 OpenOffice.org Adobe PDF Web Pages (htm, html, mhtml) Text and TRFT files JPEG, TIFF, BMP, PNG, GIF 8

For more information regarding HotSpot Technology: www.ricoh-usa.com/hotspotprinters Ricoh Americas Corporation, Five Dedrick Place, West Caldwell, NJ 07006 9 2011 All rights reserved. Ricoh and the Ricoh Logo are registered trademarks of Ricoh Company; Ltd. Specifications are subject to change without notice.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information