Secure Internet Printing (IPP)

Looking for a secure (HIPAA compliant) internet printing solution.  So far IPP seems to be the right solution, however I'm not finding a lot of information out there.

The scenario is this... folks at our client offices access our system via an HTTPS web client.  For printing we need to maintain a VPN tunnel to pass port 515 or 9100 traffic.  Looking to get out from having to maintain site-to-site or SSL-VPN tunnels.

The system we run only prints to printers using a UNC naming convention - \\server\print_share - so what i need to do is create a an IPP printer on the system, and share it in a UNC convention.  Downside is right now Windows won't let me share an IPP printer.  So I'm stuck with that dilemma at the moment and may have to find a print server that'll allow this to happen.

Assuming once I can get over that hurdle, then I need to be concerned with securing the print stream over the internet so that it's encrypted and secure to keep the HIPAA compliance folks happy.

To make life easier - I'm going to impose 1 or 2 printer models to our clients to keep support issues to a minimum.

I'm assuming the traffic will go out over port 631 - and they'll need to punch a hole in their firewall and NAT to the printer's IP address.  Finally - if I have multiple printers that I need to print to via IPP behind a single public IP address - am I looking at multiple holes through a firewall to reach each individual printer?

I know many networked printers now support IPP - but the question is how secure is it?

Thanks.

Open in new window

LVL 1
lesterawilson3Asked:
Who is Participating?
 
nociConnect With a Mentor Software EngineerCommented:
Cups is an IPP printing service.

So why not install a generic linux/freebsd with CUPS installed and access your printers from there. Then you might resolve printing problems also with using a generic printing model (PostScript) with translation only on the endpoint.

You can force it use HTTPS & certificates if needed.
0
 
lesterawilson3Author Commented:
Would ThinPrint be a viable solution to my problem?  I can still have the users connect via TS / RDP over the internet to run the web client and for printing.  
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.