HotSpot Enterprise
Mobile Printing Solution
Security Whitepaper
August, 2012
© 2012, Ricoh Americas Corporation. All rights reserved. Ricoh® and the Ricoh logo are registered trademarks of Ricoh Company, Ltd. All other trademarks are the property of their respective owners. The content of this document, and the appearance, features and specifications of Ricoh products and services are subject to change from time to time without notice. The following terms are trademarks or registered trademarks of PrinterOn Corporation in Canada and other countries: PrinterOn, PrintWhere, PrintAnywhere, PrintSpots and PrinterOn Logotype and PrinterOn Signature. Products are shown with optional features. While care has been taken to ensure the accuracy of this information, Ricoh makes no representation or warranties about the accuracy, completeness or adequacy of the information contained herein, and shall not be liable for any errors or omissions in these materials. Actual results will vary depending upon use of the products and services, and the conditions and factors affecting performance. The only warranties for Ricoh products and services are as set forth in the express warranty statements accompanying them. No part of this guide may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the Publisher. Documentation Revision 1: August, 2012
Table of Contents
Introduction
HotSpot Enterprise Overview
HotSpot Enterprise Architecture
Print Data Encryption
Email Security
Recommended Message Routing Configuration
HotSpot Enterprise and the Global Printer Directory
Role of the Global Printer Directory
Security Considerations
What user identifying information is sent to the Global Printer Directory?
Authentication Options
Authentication Using LDAP or Active Directory
Authentication Using Access Control Lists
Introduction
The purpose of this whitepaper is to address some of the most frequently posed security and system reliability questions for the HotSpot Enterprise Solution. It will include an overview of the system components and the user experience when printing using the service.
HotSpot Enterprise Overview
HotSpot Enterprise is designed to provide a high level of security by ensuring that documents are processed and managed within the network. All documents submitted to the server, and the print data generated by the server, are managed to ensure full control over how and where they are delivered on the network. By leveraging the strengths of PrinterOn’s Global Printer Directory (GPD), the HotSpot Enterprise Service retains the expected document security, yet also benefits by providing many capabilities traditionally offered in cloud-only solutions. When used as part of an on-premise HotSpot Enterprise Service, the Directory allows users to access private enterprise print services from nearly any network or device, with minimal configuration, while maintaining security and ensuring documents are only processed by the on-premise HotSpot Enterprise (PrinterOn) Server. Similarly the Directory allows the HotSpot Enterprise Service to deliver print jobs to printers distributed globally.
There are four possible methods for submitting print jobs:
Email – Users submit their print jobs by simply forwarding an email to a printer’s email address. This can be done from any computer or handheld device that supports email. The user will receive an email response with one or more release codes for the printed body of the email, and the email attachments. Emails sent from users can be received by a mailbox on the central email server or relayed to a dedicated email server to be processed for printing. The HotSpot Enterprise (PrinterOn) Server acts like a standard mail client communicating with the mail server, minimizing its impact on existing email servers. This also allows the HotSpot Enterprise (PrinterOn) Server to leverage trusted and proven third-party email security services such as TLS, virus and spam filters.
Web Submission – Documents may also be submitted by visiting the HotSpot Enterprise web-printing portal. After authenticating, the user simply selects their desired printer and then browses for the document they would like to print. The web-printing portal is provided as part of Central Print Services (CPS) web services, which is installed as part of the HotSpot Enterprise (PrinterOn) Server. CPS may be configured to use SSL, providing additional security to users. Documents uploaded to the printing portal are then forwarded to the PrintAnywhere server, deployed within the enterprise network, to be printed.
Mobile Applications – Users may also locate printers and submit print jobs using mobile applications. There are applications available from Ricoh for iOS, Android and BlackBerry. Documents submitted to the HotSpot Enterprise (PrinterOn) Server leverage CPS. By configuring CPS to use SSL, the mobile applications benefit from the same security as the standard web printing.
PrintWhere Desktop Print Driver – Users may also have the PrintWhere driver installed on Windows-based PCs or laptops. The PrintWhere driver allows users to print using the standard [File] > [Print] workflow, yet allows users to access remote print locations deployed within the enterprise. In addition to simplifying configuration and providing remote access to printers, the PrintWhere driver provides additional security capabilities by first compressing and then encrypting print data on the user’s computer before being delivered to the print destination.
HotSpot Enterprise Architecture
To better understand the technology being leveraged for the HotSpot Enterprise Service, it is important to know that when users email or submit print requests through the web-printing portal, there is a service operating in the background to allow the printing function. This is completely seamless to the user. The diagram below provides a high level overview of the components that make up the HotSpot Enterprise Service.
Both mobile application submission and web upload to the service use SSL encryption to deliver data securely to the print service. If email delivery is configured it will default to the security level enforced by the customer’s email domain. The PrintWhere driver leverages SSL for communication and also performs print data encryption locally on the user’s PC.
Print Data Encryption
To further ensure security of the data in the customer’s cloud, the service can be configured to leverage certificate technology to generate public/private key encryption of data while at rest in the cloud service. For example, when a user uploads a Word document through the web service (printing portal), the job is delivered to the PrintAnywhere application through secure SSL transmission. Once documents are received by the PrintAnywhere Server, they are converted to a printable form. The print data is then compressed and encrypted. The HotSpot Enterprise (PrinterOn) Server uses 128-bit AES encryption to encrypt print data. A unique AES encryption key is generated for every printed job processed by the HotSpot Enterprise (PrinterOn) Server. Every PDS instance also generates a unique RSA key-pair with a 1024-bit public key and a 2048 private key. The AES key is encrypted using the RSA key-pair and is delivered alongside the print data to the PDS. In addition to encrypting the print data, communication between the HotSpot Enterprise (PrinterOn) Server and the PDS uses a secure SSL connection. This effectively creates two levels of encryption for every print job.
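The per-job scheme described above (compress, encrypt under a fresh 128-bit AES key, wrap that key with the receiver's RSA key, ship both together) is shown here as an added example; it is not PrinterOn or Ricoh code. The cipher mode (AES-GCM), the RSA-OAEP padding, the 2048-bit RSA key, zlib compression and all function names are assumptions, since the whitepaper does not state them, and the third-party Python "cryptography" package is required.

```python
# Added illustration: per-job envelope encryption. Not PrinterOn/Ricoh code.
# Assumptions (not stated in the whitepaper): AES-GCM mode, RSA-OAEP key
# wrapping, a 2048-bit RSA key, zlib compression, and every name used here.
import os
import zlib

from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(
    mgf=padding.MGF1(algorithm=hashes.SHA256()),
    algorithm=hashes.SHA256(),
    label=None,
)


def new_pds_keypair():
    """Key pair held by the receiving side (the PDS in the whitepaper)."""
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)


def seal_job(print_data: bytes, pds_public_key) -> dict:
    """Compress, then encrypt one job under a fresh 128-bit AES key."""
    job_key = AESGCM.generate_key(bit_length=128)  # unique per job
    nonce = os.urandom(12)                         # 96-bit GCM nonce
    ciphertext = AESGCM(job_key).encrypt(nonce, zlib.compress(print_data), None)
    return {
        # Only the holder of the RSA private key can recover job_key.
        "wrapped_key": pds_public_key.encrypt(job_key, OAEP),
        "nonce": nonce,
        "ciphertext": ciphertext,
    }


def open_job(envelope: dict, pds_private_key) -> bytes:
    """Unwrap the job key, authenticate and decrypt, then decompress."""
    job_key = pds_private_key.decrypt(envelope["wrapped_key"], OAEP)
    compressed = AESGCM(job_key).decrypt(
        envelope["nonce"], envelope["ciphertext"], None
    )  # raises InvalidTag if the ciphertext was modified
    return zlib.decompress(compressed)


if __name__ == "__main__":
    pds_key = new_pds_keypair()
    job = b"constructed sample print data " * 50
    envelope = seal_job(job, pds_key.public_key())
    assert open_job(envelope, pds_key) == job
    print("ciphertext bytes:", len(envelope["ciphertext"]))
```

Because the AES key never travels unwrapped, the print data stays protected at rest even where the transport-layer (SSL) protection ends.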
Email Security
The HotSpot Enterprise (PrinterOn) Server only performs the most basic validation of the email address and domain. It is typically the responsibility of the upstream email server and configured SPAM software to ensure the validity of the incoming email addresses prior to being delivered to the HotSpot Enterprise (PrinterOn) Server. The HotSpot Enterprise (PrinterOn) Server integration for email printing is one where the server simply acts as a mail client, much like Outlook or any other mail client. Like these clients, it assumes that the mail server provides a level of security prior to delivering the messages. This approach allows the HotSpot Enterprise (PrinterOn) Server to be flexible, while leveraging existing SPAM or virus investments.
Recommended Message Routing Configuration
The PrintAnywhere Server monitors a single mailbox to receive and process email print requests. The following diagram illustrates a more complex, but recommended, deployment and configuration for supporting email printing within the organization. The goal of this deployment approach is to isolate email printing and the PrintAnywhere Server from the corporate mail server. Ricoh Professional Services can provide a number of deployment scenarios to assist in finding the right deployment for the organization.
HotSpot Enterprise and the Global Printer Directory
By leveraging the strengths of the Global Printer Directory (GPD), HotSpot Enterprise retains the expected document security, yet also benefits by providing many capabilities traditionally offered in cloud-only solutions. When used as part of an on-premise HotSpot Enterprise solution, the GPD allows users to access private enterprise print services from nearly any network or device with minimal configuration, while maintaining security and ensuring documents are only processed by the on-premise HotSpot Enterprise (PrinterOn) Server. Similarly, the Directory allows the service to deliver print jobs to printers distributed globally.
Role of the Global Printer Directory
When the HotSpot Enterprise (PrinterOn) Server receives a print job, the server first contacts the Directory and provides the Printer Name sent along with the job. In many cases, the software provides the information to the server when a printer is selected using tools such as the web-printing portal. When printing via email, the user sends jobs to a mail server using the Printer Name to identify the destination. This process is considered the “Discovery” process. Much like searching for a printer, the server delivers the Printer Name to the Directory and the Directory provides a collection of configuration information for the printer. The information delivered to the server from the Directory is primarily information provided when the printer is added to the Directory.
By retrieving this basic configuration from the Directory, all the components of the service including central print server and remote print release servers may quickly and easily access the information without having to ensure that a print release station in one country has network access to a print rendering server in another country. This includes information such as:
• Printer make and model
  − The appropriate driver (if required) to create printable data
• Administrator-configured finishing options, including:
  − Color settings
  − Duplex options
  − Available paper sizes
  − Whether to generate a cover page with the job
• Job pricing information (if configured) including:
  − Price per page and taxes
  − Currency to use
• Additional service URLs required to integrate with a third-party authentication or authorization server
• Alternate network locations used to deliver generated print data
  − This may include alternate network locations, if pushing print data directly to a release client or if a Print Delivery Hub proxy server is deployed.
In the description above, we explored what information is returned from the Directory to facilitate printing. When the HotSpot Enterprise (PrinterOn) Server requests this information, some additional information is delivered to ensure that the appropriate details are returned for the installation, namely…
• Serial number used to license the software
• Version of the software communicating with the Directory
• Operating system version the software is running on. This is required to ensure the proper configuration information is delivered to the server for the specific operating system.
• Printer Name for the print job
• Optional finishing settings selected by the user, including duplex and paper size options. These options may affect printer configuration information sent from the Directory.
• How a job was submitted to the server. This would indicate whether a job was received via email, mobile app or web upload.
• Some user-identifying information. When configuring the server, there is an option to disable communication of this information, if desired.
Security Considerations
When a job has finished printing, some information is sent to the Directory regarding the print job. In most cases the information delivered is about the final state of the job, such as whether it succeeded or not. Other information about a print job, and its specific details, may be minimized as a configurable option within the software. By allowing some job information to be delivered to the Directory, the Directory may be used to assist in isolating network or software configuration issues in remote locations, without having to manually access a component that may be difficult to access.
Note: Network Requirements
DNS and network routing must be set up to allow the HotSpot Enterprise (PrinterOn) Server to communicate with the following addresses:
• http://www.printeron.net
• https://secure1.printeron.net
• https://secure2.printeron.net
Outgoing Internet communication on TCP ports 80 and 443 must be permitted, along with the responses that are returned. Ports 443, 631 and 9100 may be required for internal network communications, as well, and should be considered in proxy environments.
Neither the contents of the printed documents, nor any subset of the contents of the printed documents are ever delivered to the Directory. Documents and their contents are securely maintained within the network.
The base information supplied for a job is very similar to the information indicated in the previous section. In addition to this information, the server may be optionally set to deliver the following information:
• Email address or username of the user who submitted the job (if supplied)
• Name of the software used to submit the print job, if it’s a third-party mobile application
• Name of the printed document
• Format of the printed document (e.g., Word or PDF)
• Number of pages printed for the document
• Application used to process the document
Note: To configure whether the information (above) is delivered to the Directory, a simple configuration option is available.
What user identifying information is sent to the Global Printer Directory?
As in the previous section, it is important to note that the software may be easily configured to not send any user identifying information to the Global Printer Directory. It is possible to provide user authentication and control for the HotSpot Enterprise Service using Access Control Lists (ACLs). When using ACLs, HotSpot Enterprise provides authentication in the Directory and, as a result, some user information must be delivered to facilitate this authentication. If the installation is not using ACLs, it is possible to disable all user information from being delivered to the Directory. User information that may be sent to the Directory includes:
• User’s email address (if supplied)
• User’s password (if using ACLs for authentication)
• The name of the mobile application used to submit the print job to the server
• The version of the mobile application used to submit the print job to the server
Note: To configure whether the information (above) is delivered to the Directory, a simple configuration option is available.
Authentication Options
The HotSpot Enterprise Service provides a number of authentication options, for example, integration with existing LDAP or Active Directory authentication services. Although it is outside the scope of this document, the HotSpot Enterprise (PrinterOn) Server is a flexible and modular system that can be adapted to specific requirements through the use of authentication APIs available for the service.
Authentication Using LDAP or Active Directory
HotSpot Enterprise can use existing LDAP or Active Directory configurations to authenticate users when printing. Authentication services are managed centrally by the Central Print Services (CPS). CPS is configured to communicate with an existing LDAP or AD server and authenticate users accessing the print services, providing a central location for integrating all print methods. This approach allows print jobs to be associated with a user’s existing network login name. This allows HotSpot Enterprise to be easily integrated with other print management and auditing services that may be deployed in the organization.
• Web Submission – Before accessing the web-printing services, users are prompted to enter the LDAP/AD credentials. CPS validates the credentials using the configured settings, before allowing the user to continue.
• Email – There are two options to authenticate or authorize email print users. Both allow email print jobs to be tracked by third-party print management solutions. The service may be configured to respond to print jobs with an email containing a link to an authentication web page. Before allowing a job to proceed, the user must access the page and authenticate, i.e., enter log-in credentials. The authentication web page is provided by CPS and uses the existing LDAP/AD configuration to authenticate users. Another option allows the HotSpot Enterprise (PrinterOn) Server to “look up” a user’s network identifier based on the user’s email address. The server will use the existing LDAP/AD configuration to locate a user based on their email address. The user’s network login will be returned by the server and included with print jobs.
• Mobile Applications – The HotSpot Enterprise mobile applications are able to leverage the same LDAP/AD services as other users. The user will be authenticated prior to submitting their print jobs. The user account name will be used as the network login included with print jobs.
• PrintWhere Desktop Print Driver – Users printing using the PrintWhere driver will automatically be presented with an authentication page for their print jobs. Prior to completing the print request the user will authenticate themselves against the LDAP/AD server using CPS as the intermediary.
Authentication Using Access Control Lists
As an alternative to LDAP/AD authentication, it is possible to add unique Access Control Lists (ACLs) to each HotSpot Enterprise-enabled printer. Email domains (for email printing only) or individual users can be added using a registered email address. Users may discover and use printing services, as described above, without the need for an external authentication service.
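One way to evaluate a per-printer ACL of the kind described above, given as an added example that is not PrinterOn or Ricoh code. The PrinterAcl type, the method names, case-insensitive comparison and exact (whole-domain) matching are assumptions made for illustration, and the sample ACL and addresses are constructed.

```python
# Added illustration of per-printer ACL evaluation. Not PrinterOn/Ricoh code.
# Assumptions: the PrinterAcl type, the method names, case-insensitive
# comparison and exact (non-suffix) domain matching are all hypothetical.
from dataclasses import dataclass


@dataclass(frozen=True)
class PrinterAcl:
    users: frozenset = frozenset()    # registered email addresses (lower case)
    domains: frozenset = frozenset()  # email domains, honoured for email jobs only


def split_address(address: str):
    """Return (local, domain) in lower case, or None if the shape is wrong."""
    address = address.strip().lower()
    if address.count("@") != 1:
        return None
    if any(c.isspace() or c in "<>,;" for c in address):
        return None
    local, domain = address.split("@")
    if not local or not domain or domain.startswith(".") or domain.endswith("."):
        return None
    return local, domain


def authorize(acl: PrinterAcl, submitter: str, method: str):
    """Decide whether `submitter` may print via `method` ('email', 'web', ...)."""
    parts = split_address(submitter)
    if parts is None:
        return False, "malformed address"
    local, domain = parts
    if f"{local}@{domain}" in acl.users:
        return True, "registered user"
    # Domain entries apply to email printing only and must match the whole
    # domain: a substring or suffix test would also admit look-alikes such
    # as 'notcorp.example' or 'corp.example.attacker.test'.
    if method == "email" and domain in acl.domains:
        return True, "allowed email domain"
    return False, "not on ACL"


# Constructed sample ACL for one printer.
LOBBY_PRINTER = PrinterAcl(
    users=frozenset({"alice@partner.example"}),
    domains=frozenset({"corp.example"}),
)

if __name__ == "__main__":
    for who, how in [
        ("Alice@Partner.example", "web"),
        ("bob@corp.example", "email"),
        ("bob@corp.example", "web"),
        ("bob@notcorp.example", "email"),
    ]:
        print(who, how, authorize(LOBBY_PRINTER, who, how))
```

For email jobs the decision is only as trustworthy as the sender address passed on by the upstream mail server, since the whitepaper states that the server itself performs only basic address validation.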
www.ricoh-usa.com Ricoh Americas Corporation, Five Dedrick Place, West Caldwell, NJ 07006, 1-800-63RICOH