New network strategies pose printing challenges
In the past, users accessed network printers via onsite network login credentials and Virtual Private Network (VPN) software. However, new network security measures and more reliance on remote workers and contractors have led to the prevalent use of Zero Trust Network Access. With Zero Trust, even regular full-time employees can reside on different networks from data servers and printers.
PrinterLogic offers new functionality that addresses the IT challenges resulting from these changes. The company’s new Off-Network Printing feature, available now on its SaaS and Virtual Appliance platforms, lets you keep printers on your most secure networks while allowing all workers to print—no matter what network they’re on. This makes printing easier for contractors, BYOD guests, and affiliate partners without resorting to VPNs or web portals.
How Off-Network Printing works
Off-Network Printing allows end users to print documents to printers located inside corporate networks and firewalls without having direct access to the network where printers reside. PrinterLogic lets these users authenticate and make a connection from outside the corporate firewall to internal printer assets. IT admins can isolate a network where printers reside, but where employees, contractors, and guests cannot join for security reasons.
There are two components in the solution: The external gateway and the internal routing service, which can be configured in several different ways, depending on the customer’s needs.
The external gateway
Typically, PrinterLogic sends print jobs via direct IP over TCP port 9100 to a printer on the same network. When configured for Off-Network Printing, PrinterLogic transmits the print job (encrypted over HTTPS port 443) over the Internet using an external gateway, where it’s then routed to a printer behind the organization’s firewall.
The internal routing service
We complete the Off-Network Printing circuit by configuring an internal routing service. This service consists of at least one computer collocated on the network where the printer resides. It’s behind the organization’s firewall and is connected over HTTPS port 443 to the PrinterLogic-hosted gateway in the cloud. Multiple internal routing services offer failover protection and load-balancing for incoming print jobs. Print jobs originating at the end user’s workstation are routed immediately and are never at rest.
All print job rendering and spooling occur on the end user workstation using a native print driver. Thus, PrinterLogic works with any kind of networked printer—laser, inkjet, large format, label printer—from any printer manufacturer. There’s no need to accept compromised universal printer drivers or rely on PDF conversion. Users get the output quality and complete printing feature set available on that device.
Is Off-Network Printing secure?
You might ask: How can this be secure? The PrinterLogic instance is a SaaS application hosted in Amazon Web Services (AWS). IT managers still control the deployment of printer objects to workstations, users, security groups, or network segments. They also control whether or not users can print via direct IP or over HTTPS.
PrinterLogic’s Secure Release Printing is available for organizations that want even more protection for confidential data. With secure release, the user initiates a print job and then releases it only when they are physically standing by the printer. They identify themselves by swiping a badge, entering a PIN code, or even using a release app on their phone.
The IT manager configures secure printing in the PrinterLogic management portal. Cloud identity and access providers are supported (e.g., Azure AD, Okta, Google Admin, and more).
Competing solutions are often more complex and costly because they depend on an on-premises print server infrastructure or even a cloud-hosted print server. PrinterLogic offers an enterprise-class, completely serverless secure network printing solution that works in any location, for any user workstation, and with any sort of networked printer.
Typical use cases for Off-Network Printing
There are at least four use cases for Off-Network Printing:
- Organizations that are adopting Zero Trust and using a suite of SaaS applications or IaaS desktop environments. Employees can access apps and resources but not the underlying network. When it comes time to print, IT needs a solution that maintains network security while meeting its employees’ printing needs.
- Employees who are working remotely. Employees use a company-managed workstation or laptop at their home office, but their workflow still requires printing at the main office for distribution or editing.
- Organizations that employ onsite contractors. These workers come to the office but aren’t allowed on the corporate network where printers reside. Rather, they are allowed on a guest network with limited access. Even still, they need access to the company’s printers to complete their work.
- Business-affiliate printing. A nurse employed by a hospital’s affiliate clinic needs to print a prescription using the hospital’s medical records (EMR) software. The clinic is an independent business and is not connected to the hospital’s secure network.
As the ranks of remote workers grow along with the demand for remote printing, PrinterLogic’s Off-Network Printing lets you maintain tight, Zero-Trust security while ensuring convenient access to company MFPs. For more details on configurations and scenarios, check out our white paper, or better yet, hop over to our website where you can set up a demo.