Communication paths

The scheme below contains communication paths which are secured by default or securable using the System communication hardening guide.

Color coding:

Grey color - internal component, part of YSoft SafeQ solution
White color - external system

Communication paths:

Full line - the communication link can be secured
Dashed line - the communication link cannot be secured

		Purpose	Not secured	Secured
(1)	Configuring SSL/TLS for YSoft SafeQ Management Service	Administrator access to SafeQ management interface	HTTP	TLS (HTTPS)
(2)	Setting the secure connection between cluster nodes	Communication between nodes in a cluster	Proprietary [default]	TLS (proprietary)
(3)	Setting secured communication between Management Service and Spooler Controller	SafeQ Inter server communication	Proprietary [default]	TLS (proprietary)
(4)	Setting secured communication with Spooler Controller	Authentication data	Proprietary [default]	Proprietary (proprietary)
(5)	Setting server spooler authentication for job transfer	Print from client computer, far roaming	HTTP	TLS (HTTPS) [default]
(6)	Configuring secured connection between terminals and Terminal Server	Authentication data from terminal to YSoft SafeQ server	n/a	TLS (proprietary or SOAP) [default]
(7)	Setting custom certificate on YSoft SafeQ Mobile Integration Gateway web interface	Print from mobile phone	n/a	TLS (IPP over SSL) [default]
(8)	Configuring SSL/TLS for YSoft SafeQ Payment System	Access to Payment System web interface	HTTP	TLS (HTTPS) [default]
(9)	Configuring SSL/TLS for End User Interface	Access to End User Interface	HTTP	TLS (HTTPS) [default]
(10)	Getting certificate for setting up SharePoint 2013 add-in environment	Scanned document to SharePoint	HTTP	TLS (HTTPS) [default]
(11)		Release of the print job	RAW TCP, IPP	TLS (IPPSSL)
(12)	Configuring secured connection to the LDAP server	User information	LDAP	TLS (LDAPS)
(13)		Receiving document by the server	POP3/IMAP	TLS (POP3S/IMAPS)
(14)		Notifications, scanned document to email	SMTP	TLS (SMTPS)