Print Control in Safetica

Safetica 9.8 no longer contains the Supervisor module. In all our new products, however, you still have printer overview and print alerts.

Information in this article applies to Safetica ONE 10 or older.

The Application control and Web control features are now available in Safetica Protection and Safetica Enterprise and can be managed in WebSafetica. The Print control feature can be replaced by DLP policies.

Which print control features are available in Safetica Protection and Safetica Enterprise?

Controlling physical, network, and virtual printers

You can allow, log, or block print and virtual print either in general, for the whole channel, or specifically, for individual printers.

Controlling print and virtual print in general

If you want to control print or virtual print in general for a specific user, a group of users, or the whole company, create a general policy with rules for print or virtual print in Safetica Management Console > Protection > DLP policies.

Controlling individual printers

If you want to create policies for individual physical or network printers or groups of printers, use Safetica Zones in Safetica Management Console. Go to Protection > Zones and add the desired printers into them. Each zone is a list that you can later use to create DLP policies.

How to add a network printer into a zone?

  1. Go to Protection > Zones and click Add zone.
  2. Name the zone and decide whether you consider the devices added to it to be safe. Then click OK.
  3. In the list on the left, select the newly created zone and click Add item.
  4. Add a network printer by clicking Printer.
  5. Fill in the information about your printer and confirm with Finish.
  6. Click the confirmation button in the upper right corner of the screen.

How to add a physical printer into a zone? 

  1. The list of physical printers that can be added into zones can be found in Protection > Zones after clicking Unassigned items.
  2. In the list of zones on the left, choose the desired zone and drag and drop the desired printers from the Unassigned items table to the table next to it.
  3. Click the confirmation button in the upper right corner of the screen.

How to use zones to control printers?

The created zone can be used when setting up DLP policies to control printers:

  1. Go to Protection > DLP policies and click New policy.
  2. In Policy rules, find the Print slider and choose Safe zones allowed.
  3. Decide whether you want to allow all safe zones or whether you want to set each zone individually.

Which documents were blocked by Safetica?

If you want to find out for which files printing was allowed or blocked, go to Protection > DLP logs. In the Records table, filter the Operation column for Print or Virtual print. You will see the name of the file, who initiated the printing, whether printing was allowed, blocked, or logged, whether the file contained sensitive data, and many other details.

Print overview

In the Supervisor module, it was possible to use quotas to determine how many pages an individual user can print within a given time period. Safetica Protection and Safetica Enterprise bring a more sophisticated approach and allow you to restrict what kinds of files can be printed. Printing is thus controlled more precisely than by quotas.

How to detect overuse of printers?

All information about printing and printers can be found in Safetica Management Console > Discovery > Print or in WebSafetica > Workspace > Print. You can find out e.g. who initiated the printing, what files were printed, the number of printed pages, from which applications, on which device, or whether the printing was in color or black and white.

If you want to be informed about who exceeded the given number of printed pages, use Alerts:

  1. In Safetica Management Console, go to Alerts, choose the Settings mode, and click New rule.
  2. Fill in the name and description of the alert. In the next step, go to Informative alerts and choose Printed documents count and/or Printed pages count (depending on what you are interested in).
  3. After you check the desired alerts, you can set a daily or weekly threshold. If that threshold is exceeded, an alert is sent to the administrator.
  4. In the next steps, choose the user the alert applies to and the addresses where it will be sent.

Note: If you have purchased Safetica Enterprise, you can send your alerts to your SIEM or syslog server.

How to restrict what users can print?

In Safetica Protection and Safetica Enterprise, you can use data policies to block the printing of documents with sensitive data – for example documents that contain a certain expression, have a certain extension, or were exported from a certain application.

You can use application policies to block printing from a certain application or category of applications (e.g. printing from CAD software).