Network Communication

This page provides information about ports and protocols that must be enabled on firewalls and other related security aspects to ensure safe usage of YSoft SafeQ 6.

Security configuration

Secured network communication must always be considered when using YSoft SafeQ 6. Most important links are encrypted by default right after the installation using pre-installed certificates. Pre-installed certificates naturally do not ensure highest level of security and they should be replaced by customer ones.

Some links are by default unencrypted. In order to make all the securable path encrypted and subsystems authenticated, continue with the configuration on the following page: Communication paths.

Firewall Configuration Best Practices

In accordance to the "least privilege" security principle, it is strongly advised to configure a firewall to (1) only allow communication from trusted components and/or networks and (2) only open ports required by actual YSoft SafeQ deployment and configuration. When communication with untrusted networks is needed (e.g. public Internet), additional security measures should be considered.

JMX Ports Threat

JMX is used mainly for system monitoring. While these functions are helpful, having ports opened publicly without any authentication mechanism is a high-security risk and customers should only open them with proper configuration or/and understanding the risks. Since MU38 JMX ports in SafeQ are by default accessible only from localhost.

Bandwidth and Latency

Bandwidth and latency must be considered for each implementation:

  • Latency is important to be kept under 100ms for metadata synchronization in Site Server cluster locations (Spooler Controller Group) and for user experience on all browser based terminal (i.e. between where the MFD is and its respective Terminal Server).

  • Bandwidth required is vastly dependent on print job data size and path: from workstation to FlexiSpooler (which can reside on the very same workstation or on a remote Site Server) and from FlexiSpooler to the device. Print job metadata traveling among components average around 40–60 kB per print job.

Network communication overview

Following table provides a complete list of the ports and protocols that must be enabled on firewalls in order to ensure YSoft SafeQ 6 system functionality.

This documents describes the communication that has to be allowed on the network level, it does not describe communication that takes place via loopback interface (localhost)


Management


Client side

Server side

Unsecured server side port

Secured server side port

Application protocols

Network protocols

Transferred data

User

Management

80

443

HTTP/HTTPS

TCP

User credentials, settings, GUID

Management

Management

6020

6020

Proprietary

TCP

Synchronization info, system properties values

Spooler Controller

Management

6010

6010

Proprietary

TCP

Configuration, User data, Workflow data

Payment machine (SPM)

Management

4096

n/a

Proprietary

TCP

Firmware update

Payment machine (SPM)

Management

64099

n/a

Proprietary

UDP

Server discovery

User

Management

80

443

HTTP/HTTPS

TCP

Credentials, availability status, LDAP settings, Device information

ProactiveCare

Management

19898

n/a

JMX, JMX RMI

TCP

System state

Management

Management

4099

n/a

 

 

ServerSync

Spooler Controller


Client side

Server side

Unsecured server side port

Secured server side port

Application protocols

Network protocols

Transferred data

Spooler Controller

Spooler Controller

5555

5555

Proprietary

TCP

Configuration

Management

Spooler Controller

5020

n/a

HTTP

TCP

Job preview

Mobile Integration Gateway

Spooler Controller

5555

5555

Proprietary

TCP

User credentials, configuration

End User Interface

Spooler Controller

5555

5555

Proprietary

TCP

Configuration

Mobile Print Server

Spooler Controller

5555

5555

Proprietary

TCP

Configuration, user credentials

FlexiSpooler server/client spooling

Spooler Controller

5555

5555

Proprietary

TCP

User credentials, configuration

Flexispooler

Spooler Controller

5566

n/a

HTTP

TCP

Print job accounting information

Terminal Server

Spooler Controller

5556

n/a

Proprietary

TCP

Configuration, notification about terminal management and user sessions

Terminal Server

Spooler Controller

5020

n/a

HTTP

TCP

Job preview

Workflow Processing System

Spooler Controller

5555

5555

Proprietary

TCP

Configuration, User data, Workflow data

Payment System

Spooler Controller

5556

n/a

Proprietary

TCP

Configuration, license, user credentials, card assignment

ProactiveCare

Spooler Controller

9000

n/a

JMX RMI

TCP

System state

ProactiveCare

Spooler Controller

9898

n/a

JMX

TCP

System state

ProactiveCare

Spooler Controller group

9999

n/a

JMX

TCP

System state

ProactiveCare

Spooler Controller group

19044

n/a

JMX RMI

TCP

System state

Job Service

Spooler Controller

5555

n/a

YMQ

TCP

Configuration, job preview image

Identity Server

Spooler Controller

5555

5555

Proprietary

TCP

User credentials


Terminal Server


Client side

Server side

Unsecured server side port

Secured server side port

Application protocols

Network protocols

Transferred data

Embedded terminal for Xerox

Terminal Server

5011

5012

SOAP/HTTPS

TCP

User credentials

Embedded terminal for Xerox

Terminal Server

5021

5022

HTTP/HTTPS

TCP

Application data, job preview

Embedded terminal for Xerox Versalink

Terminal Server

389

636

LDAP/LDAPS

TCP

User roles and permission groups

Embedded terminal for Xerox Altalink

Terminal Server

389

389

LDAP/LDAP over STARTTLS

TCP

User roles and permission groups

Embedded terminal for Fuji Xerox

Terminal Server

5011

5012

SOAP/HTTPS

TCP

User credentials

Embedded terminal for Fuji Xerox

Terminal Server

5021

5022

HTTP/HTTPS

TCP

Application data, job preview

Embedded terminal for Fuji Xerox XCP

Terminal Server

5013

5029

HTTP/HTTPS

TCP

User credentials

Embedded terminal for Fuji Xerox XCP

Terminal Server

5021

5022

HTTP/HTTPS

TCP

Application data, job preview

Embedded terminal for FUJIFILM BI

Terminal Server

5013

5029

HTTP/HTTPS

TCP

User credentials

Embedded terminal for FUJIFILM BI

Terminal Server

5021

5022

HTTP/HTTPS

TCP

Application data, job preview

Embedded terminal for Konica Minolta, Develop, Olivetti

Terminal Server

5021

5014, 5015, 5016, 5017, 5018, 5019, 5022

SOAP/HTTPS

TCP

All device communication data, e.g. user credentials

Embedded terminal for Sharp

Terminal Server

5011

5012

SOAP/HTTPS

TCP

Web services

Embedded terminal for Sharp

Terminal Server

5021

5022

HTTP/HTTPS

TCP

User credentials, job authorization, accounting information, events

Embedded terminal for Sharp-eSF

Terminal Server

5021

n/a

HTTP

TCP

User credentials

Embedded terminal for Toshiba (non MDS)

Terminal Server

5011

5012

HTTP/HTTPS

TCP

Application data, job preview

Embedded terminal for Toshiba (non MDS)

Terminal Server

389

636

LDAP/LDAPS

TCP

User credentials

Embedded terminal for Toshiba MDS

Terminal Server

5011

5012

HTTP/HTTPS

TCP

Web services

Embedded terminal for Toshiba MDS

Terminal Server

5021

5022

HTTP/HTTPS

TCP

User credentials, all application data

Embedded terminal for Samsung

Terminal Server

5013

n/a

HTTP

TCP

User credentials, all application data

Embedded terminal for Lexmark

Terminal Server

5021

n/a

HTTP

TCP

User credentials

Embedded terminal for Ricoh

Terminal Server

5011

5012

HTTP/HTTPS

TCP

Web services

Embedded terminal for Ricoh

Terminal Server

5021

5022

HTTP/HTTPS

TCP

User credentials

Embedded terminal for Epson

Terminal Server

5021

5022

HTTP/HTTPS

TCP

User credentials, job preview

Embedded terminal for Epson

Terminal Server

5023

5024

HTTP/HTTPS

TCP

Notifications, accounting

Embedded terminal for Brother

Terminal Server

5026

5027

HTTP/HTTPS

TCP

Authentication,Accounting,Jobs,Scanned document

Embedded terminal for HP

Terminal Server

5021

5022

HTTP/HTTPS

TCP

User credentials, Scanned document

Embedded terminal for HP

Terminal Server

5025

5025

HTTPS

TCP

Web services

Embedded terminal for OKI

Terminal Server

5011

5012

HTTP/HTTPS

TCP

Application data, job preview

Embedded terminal for OKI

Terminal Server

389

636

LDAP/LDAPS

TCP

User credentials

Embedded terminal for OKI sXP2

Terminal Server

5011

5012

HTTP/HTTPS

TCP

Application data, job preview

Embedded terminal for OKI sXP2

Terminal Server

389

636

LDAP/LDAPS/LDAP over STARTTLS

TCP

User credentials

Terminal Professional (TP4)

Terminal Server

5021

5022

HTTP/HTTPS

TCP

User credentials, job preview, all application data

Mobile terminal (Android)

Terminal Server

5021

5022

HTTP REST API (JSON)/HTTPS

TCP

User credentials, job metadata

Mobile terminal (iPhone)

Terminal Server

5021

5022

HTTP REST API (JSON)/HTTPS

TCP

User credentials, job metadata

Mobile terminal (Windows Phone)

Terminal Server

5021

5022

HTTP REST API (JSON)/HTTPS

TCP

User credentials, job metadata

Mobile terminal

Terminal Server

5021

5022

HTTPS

TCP

Logs (time of crash, OS, stacktrace)

Spooler Controller

Terminal Server

5557

n/a

Proprietary

TCP

Configuration, notification about terminal management and user sessions

Terminal Server

Terminal Server (ETCD)

2377

n/a

HTTP

TCP

User IDs (Konica Minolta, Sharp), credit informations, timestamps, device exclusivity locks, scan duplex from glass, Sharp Hello message, application IDs for Konica Minolta

Terminal Server (ETCD)

Terminal Server (ETCD)

2378

n/a

HTTP

TCP

User IDs (Konica Minolta, Sharp), credit informations, timestamps, device exclusivity locks, scan duplex from glass, Sharp Hello message, application IDs for Konica Minolta

Network card reader

Terminal Server

5011

n/a

HTTP

TCP

User credentials (card number)

Terminal Professional (TPv3.5) in Network card reader mode

Terminal Server

5011

n/a

HTTP

TCP

User credentials (card number)

MFD

Terminal Server

21, 1024-65535

n/a

FTP

TCP

Scanned document. Port 21 is configurable by a system parameter "ftp-port". Ports 1024-65535 are used only when MFD is in passive FTP mode.

MFD

Terminal Server

User defined

User defined

WebDAV/WebDAVS

TCP

Scanned document

EDEE

Terminal Server

5021

5022

HTTP/HTTPS

TCP

User credentials

Terminal Professional
(TPv3.5)

Terminal Server

4096

4096

Proprietary

TCP

User credentials (card number, pin, username+password), firmware update, session data

Terminal Professional
(TPv3.5)

Terminal Server

37

n/a

Proprietary

UDP

Time synchronization

Terminal Professional
(TPv3.5)

Terminal Server (SQTA)

5021

5022

HTTP

TCP

Job preview

Terminal Ultralight

Terminal Server

4096

4096

Proprietary

TCP

User credentials (card number, pin), firmware update, session data

Terminal Ultralight

Terminal Server

37

n/a

Proprietary

UDP

Time synchronization


Flexi Spooler


Client side

Server side

Unsecured server side port

Secured server side port

Application protocols

Network protocols

Transferred data

Mobile Integration Gateway

FlexiSpooler server spooling/non spooling

5559

5559

HTTP/HTTPS

TCP

Job data

Mobile Print Server

FlexiSpooler server spooling/non spooling

5559

5559

HTTP/HTTPS

TCP

Job data

User/LPD
Windows Spooler

FlexiSpooler client spooling/non spooling

515

n/a

LPR

TCP

Job data

Desktop Interface

FlexiSpooler client spooling/non spooling

5558

5558

Proprietary

TCP

Job data, user credentials

FlexiSpooler server/client non spooling

FlexiSpooler server spooling/non spooling

5559

5559

HTTP/HTTPS

TCP

Job data

Other app (e.g. SAP) LPR printing

FlexiSpooler server spooling/non spooling

515

n/a

LPR

TCP

Job data

SafeQ Client

FlexiSpooler server spooling/non spooling

9100

n/a

TCP/IP raw/jet direct

TCP

Username and domain, job data

Workflow Processing System


Client side

Server side

Unsecured server side port

Secured server side port

Application protocols

Network protocols

Transferred data

Terminal Server

Workflow Processing System

5600

5600

HTTP/HTTPS

TCP

Scanned data

Terminal Server

Workflow Processing System

n/a

n/a

SMB/WebDAV/WebDAVS

TCP

Scanned document

Payment


Client side

Server side

Unsecured server side port

Secured server side port

Application protocols

Network protocols

Transferred data

End User Interface

Payment System

8080

8443

HTTP/HTTPS

TCP

User information, voucher code, configuration

User

Payment System Web Interface

8080

8443

HTTPS

TCP

User credentials

Terminal Server

Payment System

8080

8443

HTTP REST API/HTTPS

TCP

Credit and Quotas data

Payment machine (SPM)

Payment System

4196/4198

4197/4199

Proprietary over SSL/TLS

 

User credentials (card number, pin, username+password), credit transaction data

Payment System

Payment Gateway

 

 

HTTP/HTTPS

TCP

Transaction information

Payment System

External Payment System

User defined

User defined

Protocol depends on external payment system

 

 

Management

Payment machine (SPM)

4095

n/a

Proprietary

TCP

Configuration change, firmware update

User (termtool user utility)

Payment machine (SPM)

 

 

Proprietary

TCP

Configuration change, remote control commands, firmware update

User (termtool user utility)

Payment machine (SPM)

64099

n/a

Proprietary

UDP

Configuration change, remote control commands, terminal discovery

User

Payment machine (SPM)

161

n/a

SNMPv2c

UDP

Connection, authentication and operation states

MFD


Client side

Server side

Unsecured server side port

Secured server side port

Application protocols

Network protocols

Transferred data

Terminal Server

MFD

 

 

 

ICMP

Device alive response message

Terminal Server

MFD (Konica Minolta)

50001

50003

HTTP/HTTPS

TCP

Terminal installation process

Terminal Server

MFD (Konica Minolta)

User defined

User defined

SNMP

 

Device control (e.g. job deletion)

Terminal Server

MFD (Ricoh)

80/8080

443/51443

HTTP/HTTPS

TCP

Terminal installation process

Terminal Server

MFD (Ricoh)

64098

n/a

TCP/IP

TCP

Configuration

Terminal Server

MFD (FUJIFILM BI)

58070

n/a

TCP/IP

TCP

Configuration

Terminal Server

MFD (HP)

Device-dependent
57627

Device-dependent
7627 /443

HTTP/HTTPS

TCP

Terminal installation process

Terminal Server

MFD (Toshiba)

49629

49630

HTTP/HTTPS

TCP

Installation of Embedded Terminal for Toshiba

Terminal Server

MFD (Toshiba)

50083

 

HTTP

TCP

Scan event configuration of Embedded Terminal for Toshiba

Terminal Server

MFD (Sharp)

User defined

User defined

HTTP/HTTPS

TCP

Terminal installation process

Terminal Server

MFD (Sharp-eSF)

21, 1024-65535

n/a

FTP - passive

 

Terminal installation process. Port range 1024-65535 is all possible ports that the MFD can use to accept data and depends on the FTP server settings of the MFD.

Terminal Server

MFD (Samsung)

80

n/a

HTTP

TCP

Terminal installation process

Terminal Server

MFD (Lexmark)

21, 1024-65535

n/a

FTP - passive

 

Terminal installation process. Port range 1024-65535 is all possible ports that the MFD can use to accept data and depends on the FTP server settings of the MFD.

Terminal Server

MFD (Epson)

80

443

HTTP/HTTPS

TCP

Terminal installation process

Terminal Server

MFD (Xerox)

80

443

HTTP/HTTPS

TCP

Terminal installation process

Terminal Server

MFD (Xerox)

161

n/a

SNMP

 

Configuration

Terminal Server

MFD (Fuji Xerox)

User defined

User defined

HTTP/HTTPS

TCP

Terminal installation process

Terminal Server

MFD (Fuji Xerox XCP)

User defined

User defined

HTTP/HTTPS

TCP

Terminal installation process

Terminal Server

MFD (FUJIFILM BI)

User defined

User defined

HTTP/HTTPS

TCP

Terminal installation process

Spooler Controller

MFD (Konica Minolta)

80

443

IPP/IPPSSL

TCP

Device status information

Terminal Professional (TP4)

MFD

User defined

User defined

SNMP

 

Device status information

USB card reader

MFD/PC

n/a

n/a

Proprietary

 

User credentials (card number), Configuration change, remote control commands, firmware update

FlexiSpooler server/client spooling

MFD

515/9100/80

443/631

LPR/RAW/IPP/IPPS

TCP

Job data

Terminal Server

MFD

1024-65535

n/a

FTP - active

 

Scanned document. This is used only when the MFD uploads data using active FTP. Port range 1024-65535 is dependent on the FTP settings of the MFD.

Spooler

MFD

User defined

User defined

JetDirect, IPP, IPPS

TCP

Job data


Database server


Client side

Server side

Unsecured server side port

Secured server side port

Application protocols

Network protocols

Transferred data

Management

Database server (MS SQL)

1433

1433

TCP/TCP over TLS

TCP

User info, job info, statistics, configuration, etc.

Database server (MS SQL)

Database server (MS SQL)

1433

1433

TCP/TCP over TLS

TCP

User info, job info, statistics, configuration, etc.

Management

Database server (PGSQL)

5432 (External) / 5433 (Embedded)

5432 (External) / 5433 (Embedded)

TCP/TCP over TLS

TCP

User info, job info, statistics, configuration, etc.

Database server (PGSQL)

Database server (PGSQL)

5432

5432

TCP/TCP over TLS

TCP

User info, job info, statistics, configuration, etc.

LDAP


Client side

Server side

Unsecured server side port

Secured server side port

Application protocols

Network protocols

Transferred data

Management

LDAP Replicator service

9696

n/a

JMX

TCP

User data

Management

LDAP Replicator service

9002

n/a

JMX RMI

TCP

User data

LDAP Replicator service

LDAP Server

User defined

User defined

LDAP/LDAPS

TCP

User data, LDAP credentials

Management

LDAP Server

User defined

User defined

LDAP/LDAPS

TCP

User credentials


Microsoft


Client side

Server side

Unsecured server side port

Secured server side port

Application protocols

Network protocols

Transferred data

Workflow Processing System

Microsoft Exchange

n/a

80

HTTP/HTTPS

TCP

Credentials, scanned data

Workflow Processing System

Microsoft OneDrive for Business (365)

n/a

n/a

HTTPS

TCP

Credentials, scanned data

Workflow Processing System

Microsoft SharePoint 2010

n/a

n/a

HTTP/HTTPS

TCP

Credentials, scanned data

Workflow Processing System

Microsoft SharePoint 2013

n/a

n/a

HTTP/HTTPS

TCP

Credentials, scanned data

Workflow Processing System

Microsoft SharePoint 2016

n/a

n/a

HTTP/HTTPS

TCP

Credentials, scanned data

Workflow Processing System

Microsoft SharePoint Online (365)

n/a

n/a

HTTPS

TCP

Credentials, scanned data

eDee


Client side

Server side

Unsecured server side port

Secured server side port

Application protocols

Network protocols

Transferred data

FlexiSpooler

EDEE

9100

n/a

TCP/IP (RAW)

TCP

Job data

IMS


Client side

Server side

Unsecured server side port

Secured server side port

Application protocols

Network protocols

Transferred data

Management

IMS

7347

7348

HTTP/HTTPS

TCP

Configuration

Spooler Controller

IMS Proxy

7347

7348

HTTP/HTTPS

TCP

Configuration

Terminal Server

IMS Proxy

7347

7348

HTTP (REST)/HTTPS

TCP

HW device registration, TP4 and EDEE installation process

UA

IMS

7347

7348

HTTP/HTTPS

TCP

Status report (hardware configuration, serial number, FW/SW version, configuration, network state), logs

UA

IMS Proxy

7347

7348

HTTP/HTTPS

TCP

Status report (hardware configuration, serial number, FW/SW version, configuration, network state), logs

Terminal Ultralight


Client side

Server side

Unsecured server side port

Secured server side port

Application protocols

Network protocols

Transferred data

Terminal Server

Terminal Ultralight

4095

n/a

Proprietary

TCP

Configuration change, firmware update

User (termtool user utility)

Terminal Ultralight

4095

n/a

Proprietary

TCP

Configuration change, remote control commands, firmware update

User (termtool user utility)

Terminal Ultralight

64099

n/a

Proprietary

UDP

Configuration change, remote control commands, terminal discovery

User

Terminal Ultralight

 

 

SNMPv2c over TCP/IP or UDP/IP

TCP

Connection, authentication and operation states

Terminal Pro 3.5


Client side

Server side

Unsecured server side port

Secured server side port

Application protocols

Network protocols

Transferred data

Terminal Server

Terminal Professional (TPv3.5)

4095

n/a

Proprietary

TCP

Configuration change, firmware update, compressed job delivery, session data

User (termtool user utility)

Terminal Professional (TPv3.5)

 

 

Proprietary

TCP

Configuration change, remote control commands, firmware update

User (termtool user utility)

Terminal Professional (TPv3.5)

64099

n/a

Proprietary

UDP

Configuration change, remote control commands, terminal discovery

User

Terminal Professional (TPv3.5)

 

 

SNMPv2c over TCP/IP or UDP/IP

TCP

Connection, authentication and operation states

Others


Client side

Server side

Unsecured server side port

Secured server side port

Application protocols

Network protocols

Transferred data

Management

Identity Provider (SAML)

n/a

n/a

HTTP/HTTPS

TCP

Identity provider information, key for signature verification

Spooler Controller

Infinispan

80, 81

n/a

HTTP

TCP

Job metadata

Infinispan

Infinispan

7800

7800

JGroups

TCP/UDP

Job metadata

Infinispan

Infinispan

7801, 7802

n/a

JGroups

TCP/UDP

Management

Mail Server

25/587

25/465/587

SMTP/SMTPS

TCP

Reporting and notifications

Spooler Controller

Mail Server

25/587

25/465/587

SMTP/SMTPS

TCP

Reporting and notifications

Mobile Integration Gateway

External System

5353

n/a

mDNS (UDP)

UDP

Printer information

Mobile device

Mobile Integration Gateway

8050

8050

IPP/IPPSSL

TCP

User credentials

User

End User Interface

9090

9443

HTTP/HTTPS

TCP

User credentials

Mobile Print Server

Mail Server

25/587

25/465/587

SMTP/SMTPS

TCP

Email notifications

Mobile Print Server

Mail Server

110

995

POP3/POP3S

TCP

Emails with job data

Mobile Print Server

Mail Server

143

993

IMAP/IMAPS

TCP

Emails with job data

Mobile Print Server

Shared folder (used by EUI)

137/138 (UDP)
137/139 (TCP)

137/138 (UDP)
137/139 (TCP)

SMB

TCP/UDP

Job data

FlexiSpooler server/client spooling

Shared folder

137/138 UDP
137/139 TCP

137/138 UDP
137/139 TCP

SMB

 

Job data

Management

DropBox (Business/Enterprise)

n/a

443

HTTPS

TCP

User credentials / token

Workflow Processing System

DropBox (Business/Enterprise)

n/a

443

HTTPS

TCP

Scanned document

Workflow Processing System

File System

n/a

n/a

SMB

 

Scanned data

Workflow Processing System

Mail Server

n/a

n/a

SMTP/SMTPS

TCP

Scanned data

Workflow Processing System

HP Records Manager (HP Trim)

1137

1137

TCP/IP/HTTPS

TCP

Scanned document, job metadata

Payment System

Mail Server

n/a

n/a

SMTP

 

Reporting

Payment machine (SPM)

User

User defined

User defined

SNMPv2c

UDP

Connection and authentication states change

User

UA

n/a

22

SSH

TCP

FW/SW update, status report, credentials, Management server address

EDEE

Mail Server

25/587

25/465/587

SMTP/SMTPS

TCP

 

Terminal Professional
(TPv3.5)

User

User defined

User defined

SNMPv2c trap over UDP/IP

UDP

Connection and authentication states change

Terminal Ultralight

User

User defined

User defined

SNMPv2c trap over UDP/IP

UDP

Connection and authentication states change

Spooler

Spooler (Server Spooling)

5002

5002

HTTP/HTTPS

TCP

Job data

End User Interface

9009

n/a

AJP

 

Job Service

Job Service

5000

5000

HTTP/HTTPS

TCP

 

Job Service

JS Infinispan

6000

n/a

HTTP

TCP

Job metadata

JS Infinispan

JS Infinispan

7900

7900

JGroups

TCP/UDP

Job metadata

MySafeQ

Identity Server

5000

5000

HTTP/HTTPS

TCP

User credentials

MySafeQ

Spooler

3050

n/a

HTTP

TCP

Access token

System spooler (Windows)

Spooler

515/631

632

LPR, IPP, IPPS

TCP

Job data

System spooler (MAC)

Spooler

5515/5631

5632

LPR, IPP, IPPS

TCP

Job data

Spooler

File System

n/a

n/a

 

 

Configuration, job data

Spooler

Job Service

5000

5000

HTTP/HTTPS

TCP

Job metadata, commands (print, delete, preview), job preview image

Job Service

Identity Server

5000

5000

HTTP

TCP

Access token, scope

edge-config-application

edge-remote-site-server-config

 

HTTPS + AMQP

 

TCP

Configuration + CSR and certificates