Introduction
PrinterLogic completely eliminates your print servers, delivers centralized print management, and empowers end users to install their own printers with a single click. In addition, the platform solves the most prominent pain points in print management by:
- Eliminating print job-related WAN traffic
- Removing script- and GPO-based printer deployments
- Streamlining printer driver management
- Reducing infrastructure to drive Zero Trust adoption
- Integrating with popular IdPs to authenticate end users
- Delivering powerful reporting and auditing features
- Simplifying printing in virtual environments (Citrix, VMware, IGEL, and more)
- Enabling users to print securely with mobile devices
Eliminating Print Servers
PrinterLogic’s centralized, cloud-native platform eliminates the need for print servers, simplifying print management, reducing infrastructure, and lowering costs. This white paper discusses the background of traditional print management, server drawbacks, PrinterLogic implementation, PrinterLogic features, and the benefits of using PrinterLogic to streamline print management and enhance the end user experience.
Background of Traditional Print Management
In a typical print environment, admins implement and provision print servers to service the printers on the network. IT organizations traditionally use three types of print management models: centralized, distributed, and direct IP.
In a centralized model, a print server sits in the data center and services every network printer in the enterprise. The name, printer driver, and configuration of each printer are used by the print server to distribute printers to end users. To deploy printers to end users, admins create Group Policy Objects (GPOs) to define who gets the printer and how it is configured.
Figure 1: Centralized and distributed print servers as well as unmanaged direct IP are the three basic models used to manage printing for multiple sites.
An end user initiates a print job from a workstation. This sends it to the print server, where it is spooled, rendered, and sent to the network printer. If the end user is in a branch office, print jobs will travel both to and from the datacenter, creating additional WAN traffic. In addition, when the server goes down, the entire organization can no longer print.
To alleviate WAN traffic, some IT departments implement a distributed model in which print servers are placed at each location. Distributed print environments still suffer from the single points of failure that are constituent of the print server architecture, but these now tend to be more isolated to individual branch disruptions. Likewise, distributed environments also require complex scripting and GPOs to manage and deploy printers to end user devices.
One way to overcome the disadvantages of print server architecture is through a direct IP model. This model eliminates the need for print servers because it creates a direct connection between the workstations and the printers. However, this model lacks many of the deployment and management features of a print server.
In the direct IP model, an IT staff member configures each workstation to print to the network printer by manually associating the two devices. To manage printers, IT maintains a spreadsheet that contains printer names, IP addresses, physical locations, and printer driver file locations. Although this model eliminates the single points of failure, WAN traffic, and GPOs, it introduces a myraid of management challenges. Inevitably this model will generate additional calls to the helpdesk every time an end user wants to install a new printer.
The Drawbacks of Print Servers
Historically, print servers were designed to provide self-service printing, GPO-based deployments, centralized print management, a printer driver repository, print security, and queue management. Each of these features was designed to address the problems IT departments faced when managing and deploying printers to end users.
Print servers were initially a good idea. However, modern IT environments have found that they require additional management, create risk through a single point of failure, complicate printer deployments, consume IT resources, increase helpdesk tickets, and drive up costs. These problems are outlined in detail below.
Costs
Each print server at every site requires hardware procurement and licensing, cooling, power, physical security, management, maintenance, upgrades, virus scans, and so on. The average cost per print server is between $2,000 to $5,000 USD per year. Secondary costs come in the form of print-related helpdesk tickets which account for up to 50% of an IT team’s workload.
Risk From a Single Point of Failure
If a print server crashes, no one can print. This results in lower productivity by end users, directly impacting costs in an organization. Clustered print servers do not crash as often, but the trade-off for the high availability of clustered print servers is higher costs for hardware, licensing, management, power, and maintenance. Distributed environments offer multiple points of failure, however, employing more servers compromises resources and requires admins to relinquish centralized management and control.
Scripting and GPO Management Overhead
Managing scripts and GPOs to deploy printers to users can consume significant IT staff time and resources. Often even the simplest of tasks, such as changing a printer’s name or replacing a printer with a new model and printer driver requires a script. Scripts can get complicated and are often difficult to create and troubleshoot. GPOs require elevated permissions to manage, slow user logon times, and cause deployment and printing problems due to their hierarchical nature.
Security Concerns
Windows Print Spooler vulnerabilities like PrintNightmare created security concerns for organizations. Attackers who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges and gain access to a company’s network. This gave attackers access to critical information stored in the print queue, created constant issues for admins, and required workarounds that may have left their networks vulnerable.
Along with server-related vulnerabilities, printers in general have become a priority target for hackers as their printer caches store valuable personal information. If left unprotected, print data is at risk of being intercepted by cyber criminals. Other significant threats to print data include internal document theft caused by leaving documents unsecure in the print tray and hybrid workers printing to unsecure off-network printers in their home offices.
Low Visibility Into Print Activity
In distributed print environments with multiple sites, printer support becomes a constant drain on IT resources. It is difficult to track costs, audit print jobs, and identify printer issues in real time that impact an organization’s bottom line. Without centralized control, IT is unable to gather vital data on the micro (e.g., individual print jobs, toner levels) and macro (e.g., departmental trends, consolidation guidance) levels to make informed decisions about consumables, company wide printing behavior, and cost-saving initiatives.
Excessive Helpdesk Tickets
Unless IT has the necessary protection in place, spooler crashes in print environments are inevitable. Depending on which management model is in place, server crashes can impact a single location or a whole organization, which means IT must put aside their current strategic initiatives and scramble to address printer-related tickets to resolve issues.
Configuring and managing policies introduces more challenges to IT teams. Policies can be difficult to manage and, when set up incorrectly, users don’t get access to the printers they need and end up calling the helpdesk. In addition, mobile employees moving between departments and office locations require access to nearby printers to maintain productivity. In many cases, users aren’t able to install printers and resort to soliciting dedicated IT support.
Management Headaches
Print servers require operating system upgrades, patches, security, virus scanning, and so on. All of which take time and money to carry out. Print server management requirements can be painful in many different ways:
- Difficult driver updates: If you have 40 sites, you have 40 print servers. Each time a manufacturer releases a new printer driver that solves some problem you are experiencing, you must update the driver on all 40 print servers. Rolling back problematic driver updates can be even more time-consuming.
- Complicated caveats: Another troublesome situation is when you need to support a 32-bit workstation with a 64-bit print server, but the manufacturer does not provide a model-specific, 64-bit driver. In this case, the only solution is to use a 32-bit universal driver with the exact same name as the 64-bit universal driver, and then force all 32-bit workstation users to change to the newly named driver. If left unresolved, the printer may not be recognized, print jobs may fail to complete, or the workstation may crash.
- Driver conflicts: Printer drivers do not always coexist gracefully. Just to keep drivers from conflicting, IT sometimes creates individual print servers for each printer manufacturer, such as a model-specific driver print server, a universal driver print server, another model-specific print server, a driver test print server, and so on. Otherwise, printer drivers can conflict and crash the print server.
Traditional print server architecture suffers from all these pain points, costs, and complications. Conventional direct IP printing introduces other problems, including a lack of oversight and constant helpdesk calls to install printers. An ideal scenario would be to combine the simplicity of direct IP printing with the management features of a centralized print server.
PrinterLogic provides the best of both worlds on a secure, cloud-native platform. PrinterLogic’s next-generation print management software migrates your entire print environment to centrally managed direct IP printing, empowering you to manage all users and devices from a single console and eliminating the need for print servers.
The Solution: Eliminate Your Print Servers With PrinterLogic
PrinterLogic is designed to support organizations of all sizes in a streamlined, efficient way. There are three quick steps to installing PrinterLogic’s application and eliminating your print servers.
1. Install the Application
IT staff use the PrinterLogic installation package to automatically install the IIS role, PrinterLogic web application, and database on a virtual or physical Windows Server 2008 R2 (or newer) at your organization’s data center or HQ.
2. Import Printers
IT staff use a web browser to access the PrinterLogic Admin Console and import printer objects and associated drivers from existing print servers via Active Directory. During the import process, all of the existing printer drivers, port settings, device settings, and preferences are copied from the print servers into the PrinterLogic application without changes. From then on, IT staff can use the PrinterLogic Admin Console to create and manage printer objects.
3. Install the Client
IT staff use a small MSI, PKG, or DEB file to deploy the PrinterLogic Client silently to all workstations. Once installed, the Client silently converts all existing printers that were connected to print servers into centrally managed direct IP printers that print to a physical printer. All print jobs are queued on users’ individual workstations and sent directly to a selected network printer. Customized printer settings that were configured on the printer, such as the default printer setting or duplex and paper tray configurations, remain intact through the conversion.
After this step is complete, you can eliminate your print server(s) and users continue printing without any problems as shown in Figure 2. From then on, you can use the PrinterLogic Admin Console to centrally manage printers without any print servers, group policies, or scripts.
Figure 2: PrinterLogic enables centralized, direct IP print management and keeps all print jobs on the local network by sending every print job directly to the printer.
The PrinterLogic software consists of three main components:
The PrinterLogic Admin Console
The PrinterLogic Self-Service Installation Portal
The PrinterLogic Client
The PrinterLogic Admin Console
his web-based console enables IT to manage all printers in their entire organization from a single user interface. On the left, the Admin screen presents a tree view of your organization that you can organize by country, state or region, building, and floor number and select any particular printer in your fleet (see Figure 3).
On the right, you can enter or edit any attributes for that specific printer.
For example, under the General tab, you can enter or edit the printer name, location, add a comment, view the direct URL to the driver install, check to indicate a color printer, or check to hide that printer from the PrinterLogic Portal so that no end users can see it. You can use the Port, Drivers/Profiles, Deploy, and Security tabs to configure and manage many other printer settings.
You can also perform many additional print management functions as explained in this document. This screen can also be used to add, edit, and delete printers.
Add printers: With PrinterLogic, creating a printer is as simple as it should be. Select the folder for the desired location to add a printer, then create the new printer.
Edit printers: Printer object attributes can be modified quickly and easily by selecting a printer in the tree and then changing the desired attribute(s). Any changes made are automatically applied to that printer on all workstations.
Delete printers: When deleting a printer, that printer is automatically removed from all end user workstations.
Figure 3: Admins can view all their networked printers and manage printer settings in the PrinterLogic Admin Console.
Self-Service Installation Portal
The PrinterLogic Self-Service Installation Portal empowers end users to quickly find and install printers without relying on the helpdesk for assistance.
For example, when an end user travels to a remote office where they need to print, they almost always end up calling the helpdesk for support. Users seldom know all the information required by the native Windows Add Printer dialog, such as the printer type (network or local), printer name, and print server name hosting the printer, let alone where the printer is located.
If the helpdesk is not available immediately, the user can be blocked from completing a vital task. For example, printing out a proposal, contract, or letter to be signed at a meeting can be critical to the organization. Not being able to print cuts into productivity and causes critical business processes to come to a standstill, leaving end users frustrated and resulting in immediate helpdesk calls.
PrinterLogic solves this problem by providing a web-based portal that enables end users to quickly find and install printers with just a few clicks. This significantly reduces printer-related helpdesk costs, and boosts productivity by empowering end users.
An end user can access the portal at any time by clicking the PrinterLogic icon in the system tray, typing the URL directly into their default browser (printers.domain.com), or clicking a link on the company intranet site.
PrinterLogic’s Self-Service Installation Portal displays optional floor plan maps that can be easily uploaded. Hovering the cursor over any printer on the floor plan shows that printer’s name, model, location, and an optional field for comments. Users are able to identify color and greyscale printers based on the printer icons. The end user simply clicks any printer icon to install it. If a floor plan map hasn’t been uploaded to the portal, printers are also displayed in a clickable list.
Figure 4: PrinterLogic’s Self-Service Installation Portal offers a comprehensive floor plan map to help end users identify and install the nearest printer.
PrinterLogic Client
The PrinterLogic Client is a software agent that is deployed to end user Windows, Macintosh, or Linux workstations using the provided MSI, PKG, or DEB installation packages. The Client runs in the background as a service to automatically perform print management tasks without any user intervention and allows for self installation, without the end user requiring elevated privileges. These tasks include installing a printer, updating a printer driver, etc.
Admin Console
You can manage your entire organization’s printers from a single Admin Console, regardless of whether you use domains or no domains. Any changes made to a printer object are automatically applied to that printer on all workstations.
For example, if you change a printer’s name in the Admin Console, the Client will change that printer’s name on all your user workstations. You can use the same screen to add, edit, and delete printers that will disseminate through the organization and update all workstations.
Self-Service Installation Portal
Here are some of the added benefits of the PrinterLogic Self-Service Installation Portal:
Auto-locate: When a user visits the portal, their current location is automatically selected based on their IP address, so they can simply click the desired printer to install it.
Floor plans: Optional floor plan maps make it even easier for a user to find and install the nearest printer, especially when they are constantly on the go.
Search: Users can enter a partial printer name and see the location of any matching printers. When users select a printer from the list, they are taken to the right folder with the printer selected. They can simply click a prompt to begin the installation.
Customization: You can change the portal header to show your company logo and any instructions or comments in the local language, based on the end user’s location.
Security: With Active Directory integration, you can hide or show the tree folders or printers according to the user’s group, OU, or even IP address range.
Single enterprise portal: Whether you have one corporate domain, many disparate domains without trusts, or no domains at all, all users can still securely access the web portal and see the printers that they have the rights to install.
Fewer helpdesk calls: Whether a user is in Los Angeles or London, and no matter where they roam throughout the enterprise, they can simply click the PrinterLogic icon in the system tray (or a link in the company intranet) and the portal opens to their current location. Then they can install the nearest printer without calling the helpdesk or waiting for a ticket to be filled.
Citrix and VMware support: End users can access the PrinterLogic Portal in Citrix and VMware Horizon View sessions so they can quickly find and install the nearest printer.
End-to-End Print Security
PrinterLogic helps your organization implement Zero Trust into your print environment via seamless integrations with popular IdPs such as Okta, Azure AD, and Ping to authenticate all users before they print. This not only safeguards your data, but keeps external threats out of your network by barring access to printers in your environment.
Additionally, you can defend against document theft or forgotten documents in the print tray by having users release their print jobs at the printer with PrinterLogic’s Secure Release Printing feature. Users can simply print to the printer of their choice, and authenticate at the printer via QR code, mobile application, badge reader, web browser, or control panel application to release the print job.
For hybrid and remote environments, PrinterLogic removes the need for VPNs and empowers users to send print jobs to any printer on your local network from anywhere. Using Off-Network Printing, end users can securely print from their hybrid workstation. All print jobs are encrypted via TLS 1.2 and sent over HTTPS to the External Gateway using port 443, and remain encrypted behind the company firewall. Users can either pick up the print job later when they arrive at the office or collaborate with a colleague to ensure the document is retrieved.
Along with keeping all print jobs on the local network and authenticating users before they print, PrinterLogic’s cloud-native platform removes the need for manual security patch installations by automatically rolling out security updates to your environment to pre-empt possible exploits and close existing loopholes.
PrinterLogic continually monitors and modifies its security posture to ensure your data is protected as an ISO 27001:2013 certified solution. ISO certification encompasses the protection of all kinds of confidential and sensitive data and helps organizations satisfy their unique business, legal, and regulatory requirements.
Mass Printer Edit/Create/Management
Enterprise customers with larger environments can benefit from the mass edit feature provided in the PrinterLogic Admin Console. Authorized IT admins can see all printers and attributes at the same time and use find-and-replace to make numerous changes to printer objects, deployment assignments, drivers, and so on. The same feature enables authorized admins to quickly create, modify, or delete hundreds or even thousands of printers at a time.
Advanced Printer Deployments
PrinterLogic eliminates the need for time-consuming Group Policy Objects (GPOs) or scripts to deploy printers to end users. Instead of giving rights to IT staff to manage group policies—with the risk that they could make drastic non-printer-related changes—use the Admin Console to safely empower IT staff to manage printer deployments.
Here are some of the added benefits of using PrinterLogic’s built-in printer deployment feature, instead of GPOs and scripts:
Active Directory integration: With PrinterLogic’s web-based GUI, you can easily deploy printers to Active Directory users, computers, groups, containers, OUs, or even IP address ranges. PrinterLogic shows you all printers with all deployment assignments, so you can make mass changes as easily as individual deployment changes.
No GPO rights required: You can enable any IT staff—including helpdesk personnel—to add and remove printer deployment assignments, without having any rights to GPOs, scripts, or print servers.
Desktop and thin client support: You can deploy printers to Windows, Mac, and Linux desktops, and thin clients such as Citrix, VMware, and IGEL.
Write filter for thin client support: PrinterLogic can disable any write filters (either enhanced or file-based), install the required printer(s), and then re-enable the write filter.
Proximity printing/location-based printing: PrinterLogic enables you to add printers to a workstation according to the workstation’s IP address, name, or even Active Directory computer, group, or OU membership. This provides a simple way to provision the nearest printers to any user accessing that workstation.
Faster logins: With group policies or scripts, whenever a printer is installed during logon, the logon process is delayed, often for several minutes. With PrinterLogic, any required printer installation begins after the user’s login is complete and the desktop is available. That way, the user can begin working immediately, while the printer is installed in the background.
Advanced default printer options: You can set a default printer either the first time that printer is installed, every time the user logs on, or by the user’s current location. To achieve this without PrinterLogic would require time-consuming custom scripting by someone with advanced programming experience. With PrinterLogic, all it takes is the click of a checkbox.
Orphan printer removal: You can remove printers from workstations as easily as you deploy them within the PrinterLogic Portal. Simply remove the deployment assignment and the printer will be automatically removed from all workstations where it was installed. No more slowdowns caused by orphaned printers trying to connect to printer shares that don’t exist.
Printer Driver Management
You can use the Admin Console to change the selected driver for any printer. If the driver you want is not in the drop-down list, you can upload it to the database to make it available. The PrinterLogic Client will then update all installed printers to use the new driver.
To replace a driver so that all printers use the new driver, you simply go to the driver repository and replace the old driver with the new driver. In traditional print environments, you would have to install the driver on each print server, and then change the driver for each printer on every print server. PrinterLogic allows you to update the driver in a single location.
Printer Driver Profile Management
You can use the printer driver profile to configure driver settings such as DPI, duplexing, paper size, paper source, paper trays, and so on. Since PrinterLogic displays the actual driver’s interface, you can configure all the settings provided by the driver.
You can also configure the profile to apply each time a user logs on or even after each print job is printed. For example, suppose a company has a paper-saving policy so that all print jobs must be printed double-sided (duplexed). If a user manually disables duplex printing for a one-sided job like labels, the duplex profile is automatically reapplied to the next print job.
Port Management and Redirection
If any printer has a hardware problem, causing a need to redirect all its print jobs to a similar printer, you can use PrinterLogic to make a single port redirection change. From then on, all print jobs will be routed to the second printer. When the first printer comes back into service, you can easily remove the redirection.
SNMP Monitoring and Alerts
SNMP monitoring shows the status of your organization’s entire printer fleet. Any notifications like low ink or paper, empty trays, ping status, etc. are shown on this screen to make monitoring your printer fleet easier. Set up email notifications to automatically alert IT workers of a problem, allowing them to proactively manage all printers.
Role-Based Access Control
Since PrinterLogic integrates with Active Directory, you can specify which users can logon to the Admin Console with an existing Active Directory username and password. Once an IT or helpdesk person is logged on, you can control end user privileges by assigning predetermined roles or creating custom permissions. These roles determine an employee’s access to print management functions. You can use roles to empower each site administrator to manage their site’s printers, or to give central control over all your printers to a single staff member.
Print Job Auditing and Reporting
Although print jobs are sent directly to a physical printer, the PrinterLogic Client on each workstation sends certain metadata to the Admin Console. This enables you to see print job statistics in an exportable format.
Admins can use these reports to determine print job usage and print job costs, and answer valuable questions about the cost of printing on a single printer or the cost of toner and paper for the entire organization. It will also help you change any policies or help optimize your driver profiles for more efficient use.
The Admin Portal has many predefined reports to determine departmental usage, printer usage, and potential waste. Reports can be as granular as the number of print jobs that are color vs. grayscale, duplex vs. simplex, and large vs. small print jobs. Administrators can also set up scheduled reports to educate the organization on printing usage and costs.
Queue Management
PrinterLogic provides your IT staff with a single web-based portal for managing all your printer queues. The Client notifies the PrinterLogic application of all print jobs in each workstation’s local print queues, so that IT staff can cancel or troubleshoot any problem or unnecessary print jobs.
Printer Driver Caching
Some multinational enterprises have large presences in countries with a very limited or expensive WAN link, where they don’t want users downloading drivers from PrinterLogic to install a printer. To address this concern, you can create an IP Address Range object and specify a beginning and ending IP address, and a Windows share (e.g. \\server\share) at the remote region or location.
From then on, when a user logs onto a PC in the IP address range and needs to install a printer, the system will download drivers from the specified Windows share instead of the PrinterLogic server. Meanwhile, PrinterLogic will automatically keep the cache up-to-date with new drivers.
High Availability
Ensure that end users can keep printing—even in the event of an internet failure—with greater redundancy and availability through reducing legacy hardware. Users can maintain productivity via the Self-Service Installation Portal by viewing and installing their own printers instead of calling on the IT helpdesk. Admins can address print-related issues with just a few clicks, deploy printers automatically to users based on IP address range, and maintain printer uptime through print monitoring and auditing—all from a centralized console.
Reduce infrastructure:
Eliminate all print servers and experience increased printer uptime by simplifying your infrastructure.
Minimize attack surfaces:
Adopt Zero Trust by authenticating all users before they print and utilizing secure printing features.
Streamline print management:
Manage all printers and users in the entire enterprise, track costs, and simplify printer deployments through a single web-based Admin Console.
Unify across environments:
Discover seamless integrations with popular VDIs, EMRs, EHRs, and ERPs to achieve a scalable and flexible print environment in your industry.
Empower end users:
Reduce helpdesk tickets in your organization by enabling end users to install printers themselves via the Self-Service Installation Portal.
Increase visibiity:
Track and audit all print jobs in your organization, and identify departmental usage, printer usage, and potential waste to keep costs down.
Conclusion
All the cost, effort, and complexity of traditional print servers are no longer necessary. PrinterLogic replaces all the functionality that print servers can’t provide in a single, integrated platform. Through the combination of centralized management and direct IP printing, IT can streamline printer deployments, control costs with increased oversight, adopt Zero Trust-compliant print security, and deliver an unrivaled printing experience to users across the enterprise.