Celiveo 365 extension to Universal Print is available today
Published Oct 20 2022 05:30 AM 3,026 Views
Brass Contributor

Universal Print is a great solution, and it makes printing more accessible and compatible with the rise of virtual desktops such as Windows 365 and Azure Virtual Desktops.

Universal Print is an extensible platform. So Celiveo set out to complement it by extending security to the documents, not just the transport. Next, we added easy management of large printer fleets. Introduced pull print with card reader support. And finally, tracking and reporting all printers and multi-functional printers (MFP) activity. In a nutshell, we thought it was necessary to provide the same print management features most companies are already using but with a very critical difference:

Security is a high priority for our customers, which is not different when moving print to the cloud.

We have been working for more than two years on Celiveo 365, starting with a by-the-book Zero-Trust-Access architecture, then adding print management capabilities based on the feedback of some of our largest customers. Some of these clients manage over 5000 printers today and would like to move to the cloud.

Here are the main requests and how Celiveo 365 solves them:

Request

Why?

How this is covered by Celiveo 365

Deep integration with Universal Print and Azure Active Directory

Reduce TCO, ease deployment and security

Celiveo 365 acts as a plugin for Universal Print, adding advanced capabilities. Printers and the Celiveo portal leverage all their access rights directly from Azure AD and use security groups. The Celiveo web portal allows the creation of Universal Print pull-print queues in a few clicks with all features.

A proper cloud solution, no PC, server, or gateway.

There is no point in moving to the cloud if that requires an on-premises PC, server, Virtual Machine, or gateway service, including installation, maintenance, protection, backup, and management.

Celiveo is a company that has been developing printer-embedded firmware since 1994, and this is our expertise. We have designed and developed embedded agents that run on most common printer brands and speak directly to Universal Print and Azure; no intermediate PC is needed. It is then possible to benefit from enterprise-class print management with only the employee's Windows 10/11 PC, the printers, Universal Print, and Celiveo 365.

High security for documents and printers with security that is not based on login-password or secret keys.

Moving to the cloud means documents flow over the Internet and in Microsoft cloud data centers that can be anywhere. Passwords and keys are vulnerable and heavily targeted by hackers.

First, we have banned passwords and security keys from Celiveo 365 to propose the only cloud-compatible security, Zero-Trust Access, based on chains of ECC P365 certificates. Those certificates allow TLS mutual authentication between any node: printer, cloud, and PC and are verified even before any data is exchanged. Each node analyzes communication to detect oddities that indicate potential hacks.

In addition, we apply the strongest authorized AES encryption to print jobs received by Universal Print, using PKI technology and keys specific to each Azure AD user.

High Availability

If there is no Internet access, end-users need to be able to authenticate on MFP to make copies and send faxes.

High availability is standard in Celiveo 365 as the user information, including the card number hash, is automatically in a secure cache inside the printers. If Internet access fails, users can still authenticate with granular access control applied, and their actions are tracked and reported when Internet access is restored.

Provide service from multiple Azure regional data centers.

There are two reasons for this request: compliance with data protection regulations and performance.

As of August 2022, Celiveo 365 is available in US, EU, and Singapore Azure data centers, with more locations coming soon.

User authentication on printers but not just for printing.

MFP can also make copies, scan, and fax. Security and cost control requires access control that's also used for pull-print.

Celiveo 365 adds multiple authentication technologies on printers to Universal Print: PIN code (4 to 10 digits), AlphaPIN (those codes used for airline bookings, 4 to 10 characters), and contactless cards (supporting all possible standards). Smartphones will follow soon. Authentication rules link the access to MFP functionality to Azure AD security groups to ensure the highest granularity possible.

Self-service card enrollment into Azure AD.

End-users should be able to enroll their card easily with Azure AD but with the highest security

With Celiveo 365, end-users that show an unknown card on the printer or MFP card reader are prompted for their Microsoft 365 credentials on the printer screen. Upon valid identification, they only need to show that card to authenticate for any printer feature, and on any printer across the organization, not just the one where they enrolled.

Pull Print

Users may not want to print pages immediately but may want to collect them when they have time.

Celiveo 365 allows the creation of pull-print queues in Universal Print with just a few mouse clicks. They are directly available in Windows 10 and Windows 11 without having to install any client software. Documents can then be released upon authentication on the printer.

Provide print rules linked to Azure AD security groups

Control of cost requires limits to who can do what on printers and MFPs.

Thanks to its deep integration with Azure AD, Celiveo 365 knows who uses the printer or MFP, their security groups, and their department. With a few mouse clicks, the administrator can restrict access to color, copy, email, scan, and fax as needed and with full granularity.

Track and report on printer activity

Being able to bill back the cost of print, copy, scanning, and faxing to departments is key to reasonable cost control.

Celiveo 365 tracks all the activities on the printers, from the number of pages to the use of color or black and white, toner saving mode, number of copies, duplex or simplex, user information, and document names. This data can be exported in addition to the reports available on the Celiveo 365 portal.

A user-friendly portal

The learning curve should be low.

Celiveo 365 can automatically discover, add and manage thousands of printers per organization. Yet, it is easy to use and features a data-mining interface, dynamic views, controlled delegation of administration with a partial fleet view, floor maps to find printers with on-site photos, etc. Moreover, the portal handles the automatic addition of printers into Universal Print for pull-print.

Mobile print

Print from anywhere using any device.

Celiveo allows printing from Windows 10, 11, Chrome Enterprise Chromebooks (with Zero Trust Access security), iOS and Android tablets, and smartphones for users on the road.

Home office printing

Many team members work from home a few days a week and must use their home printers.

Celiveo 365 extends office printing by including its smart home office printing solution secured with Microsoft SSO. In addition, it supports any AirPrint/IPP printer (99.6% of printers) through Wifi.

The Celiveo 365 intelligent agent running inside the printer includes the intelligence to speak directly with Universal Print and Azure and receive print jobs with the highest security.

As of August 2022, it is available for all the HP FutureSmart printers, generation FS3 to FS5.

Support for other brands is already underway, with Lexmark, Ricoh, Xerox, FujiFilm printers, and MFPs not far from release.

We have had a request to support printers that can't load intelligent agents, also called passive printers. We agree it is vital to protect the customers' investments, and it can add innovative features. This functionality released in September 2022 under Celiveo 365 Universal Printer Endpoint. It provides a very effective way to support virtually any printer in an organization, with user authentication at the printer, high availability, redundancy, monitoring, and scalability, all with ultimate Zero-Trust-Access security.

Learn more at https://celiveo.com/celiveo-for-universal-print-by-microsoft/and don't hesitate to contact me if you have any questions or requests for advanced features!

Co-Authors
Version history
Last update:
‎Jan 27 2023 03:35 PM
Updated by: