>I'm currently supporting a printer vendor with a client issue. Their client >will not accept TCP/IP printers because they're worried that someone will >"tap-in" to the line and pickup the data in the clear. They're insisting on >an ESCON/parallel attachment. The printer vendor I'm working with got rid >of the parallel interface 5 years ago and doesn't really want to support it. >Has anyone ever dealt with this paranoia yet? Do any printers on the market >support an SSL interface? > There are several solutions with some mentioned.
1. LRS has the product VPSSECURE which can be licensed down to a few number of printers; reducing cost. This would require buying a special chip from one of a number of vendors for a few thousand or less. So who says security is free. 2. A thought of mine is for someone in the remote site to connect to you with a Secure Telnet session. The remote session would be defined with a printer and terminal session; remember to turn off the Associated Printing bit. Now the session link is SSL and with the printer defined as say R200, you can print to it with the products like VPS as a remote printer; look at the MacKinney product for a cheaper solution. 3. Indeed you could run a Site-to-Site VPN appliances on each end to the remote site. But them would the customer consider his location a secure and accept when the print left the VPN Box and flowed clear over to the printer? But then if the customer was located in a SCIF (Secure Compartmented Information Facility), then no problem. 4. Do #3 with router IPSEC. 5. If indeed it is over IP, then I am amazed the customer is savvy enough to reject IPSEC into the router and then in the clear over the printer. 6. If #2 is not acceptable because the print has to travel from the PC over the parallel cable in the clear, then put the PC inside a "mini" SCIF. Can build one out of aluminum foil and chicken wire. Just make sure the entrance has a ZIG- ZAG in it. This is no joke for it was done at one location back in the 1970s to protect the ITEL disk drives from testing of RADARs which did sweep the units clean. jim ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
