Technical Introduction
SAFEQ Cloud is a distributed document platform.
- Send documents from any number of sources; PC workstations, mobile devices, Host and mainframe systems, thin clients, ERP systems, from backend systems via API’s and much more.
- Store documents securely or push the documents directly to an output device, such as a multi-function printer or single function printer.
- Use the mobile Apps, embedded MFD client software or swipe card readers to release documents on the selected printer.
The concept of services
SAFEQ Cloud is made up of modular services which can run anywhere, allowing for extremely flexible deployments, to meet virtually any customer infrastructure requirement.
A service performs a specific action. For example, the Authentication Service is responsible for communicating with the customers authentication system to authenticate users, whether it’s Active Directory/LDAP, Microsoft Entra ID or similar. The Document Output service is responsible for delivering print job data from SAFEQ Cloud to a printer or MFD.
In f SAFEQ Cloud, the following services exists:
| Service type | Description |
|---|---|
| API | For programmatically interacting with SAFEQ Cloud, for example from external applications, automation scripts or similar |
| Authentication | The Authentication Service is the service which communicates with AD/LDAP directories, Microsoft Entra ID and similar to authenticate users |
| Conversion | The conversion service is responsible for converting or preparing documents in one format to another, for example, converting a Word document to PDF |
| Document Output | Responsible for delivering print job data to printers or MFD’s |
| IPP | The IPP service receives print job data from SAFEQ Cloud Clients (Windows, Mac and Linux) |
| Mobile | The Mobile Print service is a service handling communication from Y Soft Apps, MDM solutions, Wide Area Mobile Print DNS communication and similar |
| Storage | The Storage Service is responsible for transferring and storing documents |
| Terminal Client | The service which deploys embedded software release terminal clients running inside MFD’s, and the service to which MFD’s communicate back for authentication, retrieving jobs etc |
| Messaging | Messaging configuration is used to enable SAFEQ Cloud to deliver messages, such as email, to users. The emails delivered by SAFEQ Cloud could be emails with files from “Scan to email” actions on an MFD or similar. |
Let’s take an example: A user sends a push print job from a workstation through SAFEQ Cloud for printing directly on a printer:
1. The user sends the jobs from the workstation client and the IPP Service receives the job
2. The Authentication Service authenticates the user against customer’s LDAP
3. The Storage Service transfers the document internally in SAFEQ Cloud and stores the document data
4. The Conversion Service prepares the document for processing, converting if needed
5. The Document Output Service transforms and delivers the print job to the destination printer
The services could effectively be located anywhere, the IPP Service on a server in London, the Authentication Service on a server in New York and the Document Output Service in Singapore.
Servers
Services can be configured to run on any server, either a server running in a remotely hosted environment, or locally within the customers environment, either on-premise, or in the customers own private cloud, such as Amazon Web Services or Microsoft Azure.
When installing SAFEQ Cloud, you have the choice for installing:
Primary server – the primary server runs Web UI’s for configuration and management, handles core communication and connection to backend databases and similar master roles
Secondary gateway server – the secondary servers are additional server gateways which can run services.
Some important points:
- A “server” can take any form, it can be either a hardware or software appliance, or it can be implemented on existing server infrastructure, virtual or physical.
- A “server” can run anywhere, in the public cloud, private cloud, completely disconnected on-premise, or on-premise connected to a primary in the cloud for central management
- A “server” no matter if it’s primary or secondary, can run a single service or all services, depends on the features needed for that particular node.
- A single service can be used by many different customers
- There can be any number of primary and secondary gateway servers, from just single individual servers, to tens of thousands of servers in a very large distributed configuration, without a single point of failure.
More information on information about gateways and possible configurations can be found in the section Gateway Guide with recommended configurations.
Account Types
There are 2 types of accounts that can be created:
Vendor – Vendor accounts are reseller or partner accounts, for example, a reseller or a subsidiary of a partner. Vendor accounts can have its own authentication, users and permissions. Vendors can have servers hosting services, but Vendors themselves cannot have printers or other document functionality. There is no licensing on the Vendor level.
Account – Customer accounts are for end-customers and can have full document functionality, with printers, ports, authentication, users, permissions etc. Accounts can have their own servers associated with them, running their own services. Accounts must have licensing, and have a trial license by default on account creation.
NFR or demo accounts for Vendors themselves are created as the Account type.
Domain names
DNS names are essential in how vendor and customer accounts are identified by the system, and how different accounts are identified.
For example, the primary server runs the Web UI, and depending on which domain is accessing this server, a different account is shown. For example:
The DNS “print.partner.com” points to the primary SAFEQ Cloud server, and when the Web UI is accessed in a browser using this “print.partner.com” the SAFEQ Cloud server knows that it’s a user for the partner viewing the Web UI
The DNS “print.customer.com” points to the same primary SAFEQ Cloud server, and when this is loaded, it’s the customers Web UI which loads