?
Solved

Secure Internet Printing (IPP)

Posted on 2007-12-03
2
Medium Priority
?
2,471 Views
Last Modified: 2013-12-15
Looking for a secure (HIPAA compliant) internet printing solution.  So far IPP seems to be the right solution, however I'm not finding a lot of information out there.

The scenario is this... folks at our client offices access our system via an HTTPS web client.  For printing we need to maintain a VPN tunnel to pass port 515 or 9100 traffic.  Looking to get out from having to maintain site-to-site or SSL-VPN tunnels.

The system we run only prints to printers using a UNC naming convention - \\server\print_share - so what i need to do is create a an IPP printer on the system, and share it in a UNC convention.  Downside is right now Windows won't let me share an IPP printer.  So I'm stuck with that dilemma at the moment and may have to find a print server that'll allow this to happen.

Assuming once I can get over that hurdle, then I need to be concerned with securing the print stream over the internet so that it's encrypted and secure to keep the HIPAA compliance folks happy.

To make life easier - I'm going to impose 1 or 2 printer models to our clients to keep support issues to a minimum.

I'm assuming the traffic will go out over port 631 - and they'll need to punch a hole in their firewall and NAT to the printer's IP address.  Finally - if I have multiple printers that I need to print to via IPP behind a single public IP address - am I looking at multiple holes through a firewall to reach each individual printer?

I know many networked printers now support IPP - but the question is how secure is it?

Thanks.

Open in new window

0
Comment
Question by:lesterawilson3
2 Comments
 
LVL 1

Author Comment

by:lesterawilson3
ID: 20396769
Would ThinPrint be a viable solution to my problem?  I can still have the users connect via TS / RDP over the internet to run the web client and for printing.  
0
 
LVL 41

Accepted Solution

by:
noci earned 2000 total points
ID: 20477418
Cups is an IPP printing service.

So why not install a generic linux/freebsd with CUPS installed and access your printers from there. Then you might resolve printing problems also with using a generic printing model (PostScript) with translation only on the endpoint.

You can force it use HTTPS & certificates if needed.
0

Featured Post

Free recovery tool for Microsoft Active Directory

Veeam Explorer for Microsoft Active Directory provides fast and reliable object-level recovery for Active Directory from a single-pass, agentless backup or storage snapshot — without the need to restore an entire virtual machine or use third-party tools.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let’s list some of the technologies that enable smooth teleworking. 
If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question