Forcepoint Trusted Print Delivery
Providing Secure Printing, Adding Power to Cloud Solutions and Enabling Hardware Reduction
Click here to jump to more pricing!
Overview:
Printer consolidation not only saves hardware costs but also consumables and administration. Other benefits to printer consolidation include space savings, less networking, and improved asset management. Studies show that organizations can save up to 65% of their total printing costs through printer consolidation. Apply that thinking to organizations with multiple sensitive networks that have, to this point, required numerous printers at each sensitivity level.
Including Forcepoint Trusted Print Delivery provides a secure means to consolidate printers (generally to the more sensitive network) and allows these organizations to eliminate hundreds to thousands of printers and meet cost saving mandates.
Forcepoint Trusted Print Delivery
Forcepoint Trusted Print Delivery is a Commercial Off-The-Shelf (COTS), highly secure solution that allows users to print from existing applications at different security or sensitivity levels to a single printer located on the more sensitive (high side) network. Reducing printer hardware at individual security levels reduces capital investment, printer inventory, hardware maintenance/ supplies, and administration. Forcepoint Trusted Print Delivery leverages the widely deployed, accredited, and United States Unified Cross Domain Services Management Office (UCDSMO) Baseline listed, Forcepoint Trusted Gateway System as the secure transfer guard component. Forcepoint Trusted Gateway System ensures that malicious data is not transferred from low to high networks and that sensitive data is not inadvertently or intentionally transferred from high to low. In addition to the Forcepoint Trusted Gateway System transfer guard, Forcepoint Trusted Print Delivery utilizes two Print Adapters, Ingress and Egress.
The Ingress Adapter accepts print jobs from users and submits them to the guard for review. Once approved, the inspected print job is transferred to the Egress Adapter, which sends the print job to the physical printer. Submission of print jobs appears standard to the end user.
Forcepoint Trusted Print Delivery converts all print jobs to Portable Document Format (PDF) for inspection. The guard performs builtin manual and automatic validations (such as virus scanning, dirty word search, and deep content inspection) and sanitizes the document as appropriate, enabling safe document printability between different sensitivity levels. The guard inspects all content associated with each print job such as user name and job control information. As an added security feature Forcepoint Trusted Print Delivery enforces pre-defined limits on the size of print jobs, number of simultaneous print jobs, and number of copies before the submission to the guard. This review ensures that an attempted denialof-service (DoS) attack does not degrade legitimate use of Forcepoint Trusted Print Delivery. In addition, Forcepoint Trusted Print Delivery removes unrecognized or unsupported PCL commands present in the submitted Postscript file to eliminate potentially malicious printer commands (such as firmware updates).
Inspection and validation are transparent to the user as he or she prints from applications using familiar Windows print options. Print jobs that fail any of the configured security validations are rejected and printing of that job is halted. Other print jobs continue to be processed unaffected by the halted print job. Forcepoint Trusted Print Delivery print jobs are secured throughout the print process and end-toend auditing is recorded for administration and review. Robust auditing provides administrators with detailed logging and print delivery status for each print job.
Print job status notifications (i.e., low toner cartridge, paper tray empty, service errors) are also presented to the user through the Windows tray application delivered with Forcepoint Trusted Print Delivery or through a web page.
Ease of Administration
Forcepoint Trusted Print Delivery provides seamless interoperability with established print infrastructures. Minimal user desktop configuration is required and standard enterprise printers and drivers can be implemented. Banner and trailer pages are easily configurable to ensure that ownership and sensitivity levels are clearly identified (if required). Print status information is correlated across domains for a consolidated enterprisewide view.
Security
Communication between the Ingress Adapter and the guard is encrypted using Transport Layer Security (TLS) and authenticated using either username/ password or certificates. The communication between the guard and the Egress Adapter is encrypted using Secure File Transfer Program (SFTP) with username/password authentication. Individual user access to the multilevel printers can be restricted using existing Microsoft Active Directory permissions. In addition, the Ingress Adapter can restrict access by IP address/subnet through its Linux kernel firewall.
Certification and Accreditation (C&A)
Forcepoint Trusted Print Delivery utilizes the certified and accredited Forcepoint Trusted Gateway System as the transfer guard between Print Adapters to provide a secure multilevel boundary between different sensitivity levels. Forcepoint Trusted Gateway System is on the US UCDSMO Baseline list of approved cross domain solutions and is widely deployed in operational systems around the world. Forcepoint Trusted Gateway System is engineered to satisfy cross domain security requirements for the Top Secret/SCI and Below Interoperability (TSABI) and Secret and Below Interoperability (SABI) certification and accreditation processes.
Conclusion
Forcepoint Trusted Print Delivery enables secure printing in environments where multilevel printing is a requirement. When extraneous printers at multiple sensitivity levels are eliminated, organizations recognize significant savings from reduced hardware, space, power, support and supplies. The robust security provided by the certified and accredited Forcepoint Trusted Gateway System transfer guard ensures that users can safely print to high side printers from multiple security levels without the risk of transferring malicious data or transferring sensitive data from high to low networks. Forcepoint secure information sharing solutions are designed to enable secure access and transfer of sensitive information for government, intelligence community, civilian, and corporate entities in the US and around the globe, including 5 Eyes nations and NATO. Forcepoint secure information sharing solutions continue to strike the right balance between information protection and information sharing—a vital component to enterprise security.
Features and Benefits:
- Familiar print submission and print attributes
- Utilizes proven, certified and accredited Forcepoint Trusted Gateway System guard technology
- Reduces the number of printers required to support multilevel print environments
- Reduces space, power, support and consumables
- Increases security through protocol and print file conversions
- Improves asset management and productivity
- Extends investment in cloud printing strategies
- Reduces space, power, support and consumables
- Eliminates manually transferring content from low-side to high for printing. Enables direct and secure printing to the high side
- Increases security through protocol and print file conversions
- Uses familiar, user-friendly print submission and print attributes such as page orientation, stapling and duplexing
Advantage:
Provides enterprise administration:
- Seamless interoperability with established print infrastructures
- Configurable banner/trailer pages to ensure that ownership and sensitivity levels are clearly identified, as required
- Correlated status information across domains
- Minimal user desktop configuration, similar to any enterprise printer/driver implementation
Reduces the number of printers needed to support multilevel printing requirements
Leverages Forcepoint Trusted Gateway System guard technology for content inspection and security policy enforcement
- Exceptional built-in manual review and automatic validations
- Data inspections that include dirty word search, virus scanning, file type verification and deep content inspection
Deployments:
Forcepoint Trusted Print Delivery Architecture
Documentation:
Download the Forcepoint Trusted Print Delivery Datasheet (.PDF)
Pricing Notes:
- Pricing and product availability subject to change without notice.