Solved

Secure Internet Printing (IPP)

Posted on 2007-12-03
2
2,434 Views
Last Modified: 2013-12-15
Looking for a secure (HIPAA compliant) internet printing solution.  So far IPP seems to be the right solution, however I'm not finding a lot of information out there.

The scenario is this... folks at our client offices access our system via an HTTPS web client.  For printing we need to maintain a VPN tunnel to pass port 515 or 9100 traffic.  Looking to get out from having to maintain site-to-site or SSL-VPN tunnels.

The system we run only prints to printers using a UNC naming convention - \\server\print_share - so what i need to do is create a an IPP printer on the system, and share it in a UNC convention.  Downside is right now Windows won't let me share an IPP printer.  So I'm stuck with that dilemma at the moment and may have to find a print server that'll allow this to happen.

Assuming once I can get over that hurdle, then I need to be concerned with securing the print stream over the internet so that it's encrypted and secure to keep the HIPAA compliance folks happy.

To make life easier - I'm going to impose 1 or 2 printer models to our clients to keep support issues to a minimum.

I'm assuming the traffic will go out over port 631 - and they'll need to punch a hole in their firewall and NAT to the printer's IP address.  Finally - if I have multiple printers that I need to print to via IPP behind a single public IP address - am I looking at multiple holes through a firewall to reach each individual printer?

I know many networked printers now support IPP - but the question is how secure is it?

Thanks.

Open in new window

0
Comment
Question by:lesterawilson3
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 1

Author Comment

by:lesterawilson3
ID: 20396769
Would ThinPrint be a viable solution to my problem?  I can still have the users connect via TS / RDP over the internet to run the web client and for printing.  
0
 
LVL 40

Accepted Solution

by:
noci earned 500 total points
ID: 20477418
Cups is an IPP printing service.

So why not install a generic linux/freebsd with CUPS installed and access your printers from there. Then you might resolve printing problems also with using a generic printing model (PostScript) with translation only on the endpoint.

You can force it use HTTPS & certificates if needed.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Use packet tracer to verify anyconnect VPN 11 96
pvcreate issue 5 30
AnyConnect VPN endpoint authentication/validation 4 46
Shared files and folders migration 2 27
I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question