Communication paths & encryption
The OptimiCapture provides and receives data from the following components:
- Workstation
- MFP device
- OptimiCapture infrastructure
- Web browser
- OptimiDoc Cloud Node
- Local Active Directory Sync tool
🗲 |
IMPORTANT Components can be excluded in specific customer implementations. |
Workstation > OptimiCapture
Purpose |
Data |
Protocol |
Port |
Encryption |
Delivery of print job to virtual spooler |
- Print data (PCL/PS/XPS/PDF) - Login&Password |
IPPS |
443 |
TLS |
Workstation > OptimiDoc Cloud Node
Purpose |
Data |
Protocol |
Port |
Encryption |
Delivery of print job |
- Print data (PCL/PS/XPS/PDF) - Login&Password |
LPR |
515 |
NO |
MFP device > OptimiCapture
Purpose |
Data |
Protocol |
Port |
Encryption |
Authentication & authorization of user (HP only) |
- Login and password or PIN or Card - Full name - Access rights |
HTTPS |
443 |
TLS |
Embedded application communication |
- Specific data requests in scan and print application |
HTTPS |
443 |
TLS |
Delivery of scanned document |
- Scan document data - Scan document description file with user login and metadata |
HTTPS |
443 |
TLS |
Print documents download |
- Print data (PCL/PS/XPS/PDF) |
HTTPS |
443 |
TLS |
Accounting data (HP only) |
- Login - Document name - Accounting information |
HTTPS |
443 |
TLS |
MFP authentication |
- Company Identification Code - Access token - Serial number |
HTTPS |
443 |
TLS |
MFP device > OptimiDoc Cloud Node
Purpose |
Data |
Protocol |
Port |
Encryption |
Authentication & authorization of user |
- Login and password or PIN or Card - Full name - Access rights |
HTTPS |
443 |
TLS* |
Print job request |
- Login |
HTTPS |
443 |
TLS* |
🗲 |
IMPORTANT* OptimiDoc Cloud Node default algorithm used for encryption is SHA1 with self-signed certificate. |
OptimiCapture > Other services
Purpose |
Data |
Protocol |
Port |
Encryption |
Delivery and download from Cloud storages |
- Scan document - Access/Refresh token - Metadata |
HTTPS |
443 |
Cloud storages defined |
Azure AD sync |
- Login - Full name - Department - Card - PIN |
HTTPS |
443 |
Microsoft AzureAD defined |
Cloud storages authentication through oAuth2.0 |
- Access token - Refresh token |
HTTPS |
443 |
Cloud storages defined |
OptimiDoc Cloud Node > OptimiCapture
Purpose |
Data |
Protocol |
Port |
Encryption |
User authentication data |
- Login - Pin - Card - Access rights |
HTTPS |
443 |
TLS |
Accounting data (only Xerox) |
- JBA log |
HTTPS |
443 |
TLS |
OptimiDoc Cloud Node authentication |
- Company Identification Code - Access token - Serial number |
HTTPS |
443 |
TLS |
OptimiDoc Cloud Node > MFP
Purpose |
Data |
Protocol |
Port |
Encryption |
Accounting data (only Xerox) |
- JBA log |
HTTPS |
443 |
Device defined |
Print documents delivery |
- Print data (PCL/PS/XPS/PDF) - User login |
LPR |
515 |
No |
Local Active Directory Sync tool > Local Domain Server
Purpose |
Data |
Protocol |
Port |
Encryption |
Lightweight Directory Access Protocol synchronization |
- Login - Full name - Department - Card - Pin |
LDAP |
389,3268 |
No |
LDAPS |
636, 3269 |
LDAP defined |
Complete communication between the OptimiCapture internal components is secured through TLS. The default algorithm used for encryption is SHA256, with a signed certificate from Sectigo RSA Domain Validation Secure Server CA. Minimal TLS version is 1.0.