Pharos Cloud Platform 3.6 Release Notes

This release represents the latest version of Pharos Cloud. This update includes several important new features including:

• Direct Print Enhancements

  • New Direct Print Dashboard

  • Support for multiple IP Ranges for a location

  • Control access to a print queue based by group

  • Initial location for Print Scout Deployment

  • Secure Communication for Windows Print Drivers

• Ethernet 241 support for Secure Release

• Pharos Cloud Web Console Enhancements

  • Data Privacy Enhancements       

    • Added the option to anonymize print user information

    • Added the option to collect print job information from Pharos managed printers

  • Security Enhancement: User Account Lockout

  • Improved Licensing Page

• MFP New Features and Improvements

  • Support for cloud-connected devices (Konica Minolta and Ricoh)

  • Cloud Release (Pull Print) support on Ricoh devices

  • Secure Scan Updates

    • User-based authentication for Scan to Office 365 (Scan to OneDrive and Scan to SharePoint)

    • Scan to SharePoint Integration (supports User-Based Authentication only)

    • Default scan options for Konica Minolta devices

    • Multi-language support

  • Bug fixes and miscellaneous improvements

    • Added support for HP Legic Card Reader

    • Added support for Xerox Primelink devices

    • Addressed Xerox latency issues

    • Replaced KM Certificate

    • Updated Secure Scan process for unsupported devices

    • Addressed a 2-sided scan issue for Secure Scan

    • Resolved a scan to mail issue where the Note field could be edited

• Print Scout Improvements

  • Direct Print Enhancements

    • Initial location for Print Scout Deployment

    • Secure Communication for Windows Print Drivers

  • Support for Ricoh Pull Print

  • Added unique EventID for start/stop of Print Scout Service

• Known Issue

  • Restart issue: Pharos Systems Sentry Print Service must be manually stopped and started

Direct Print Enhancements

This release includes improvements to Direct Print that drive efficiency and improve user experience.

• New Direct Print Dashboard

• Support for multiple IP Ranges for a location

• Restrict access to a print queue based on user groups

• Initial location for Direct Print

• Secure Communications for Windows Manufacturer Drivers

New Direct Print Dashboard

In this latest version of Pharos Cloud, we are introducing a new dashboard for Direct Print. This dashboard offers a concise overview of significant metrics related to your Direct Print setup and offers guidance on potential actions you can implement to enhance your print environment.

To launch the Direct Print Dashboard, simply click the  Dashboard tab under the  Direct screen in the Pharos web console.

The new Direct Print Dashboard includes six cards:

• Status – This card displays the number of Direct Printers, the number of registered users, as well as the number of Direct Print queues.

• Devices – The Devices card shows the percentage of devices with enabled queues. It also shows the percentage of devices with no queues or inactive queues.

• Volume -The Volume card shows the percentage of volume that was produced in the Direct Print workflow in the last 30 days.

• Usage – The Usage card shows a trend line of how the Direct Print workflow has been used over the last 30 days.

• Location – The Location card shows information about locations including:

  • Defined locations

  • Devices with locations

  • Devices without locations

• Direct Printing Overview – The Direct Printing Overview card shows 12 month running total by selection of Print Volume, Print Cost, and Color Print Volume

More Information: Direct Print Dashboard

Support for multiple IP Ranges for a location

In the March 2023 update, we introduced support for adding multiple gateways and Wi-Fi SSIDs. In this release, Direct Print has been enhanced to allow the addition of multiple IP ranges for a single location. This feature is especially valuable for organizations with multiple subnets.

The  Workstation Location section (under the Direct > Direct Printers tab) has been updated to accept multiple IP range values.

Restrict access to a Print Queue by group

In the June 2022 release, we’ve added the ability for administrators to assign one or more groups to a Direct Printer. When a Direct Printer has been assigned to a group, it is only available to the users within that assigned group. This means that only users belonging to the assigned group can search for and add the Direct Printer. If there are no group assignments, all printers are available to all users by default.

With this update, Pharos Cloud supports the ability to assign groups at the Print Queue level. This enhancement offers flexibility in providing access to specific print queues. For example, your IT administrator can configure Direct Print to grant exclusive access to the “Color print queue” for the Marketing group, while allowing all users to print to a “Black and White print queue”.

Notes:  

• Print Queue level permissions are not supported on Chrome extension. Only Device Level permissions apply to Chrome extension.

• Permission at the queue level overrides permission set at the device level

Changes to the Pharos web console

The  Direct Printers > Print Queues screen now includes a  Permission Groups column. The Queue Properties now include a Permission Groups section.

Note: To ensure backward compatibility,  upgrading to the latest version preserves all current printer-level permissions and allows printer-level permissions to continue to be created and managed.

More Information: Restrict access to a Print Queue by group

Secure Communications for Windows Manufacturer Drivers

To enhance security of Direct Print communications, it has been updated to use the Pharos Secure Print Service for Windows manufacturer drivers.

Pharos Web Console Update

When creating a print queue of type Manufacturer Drivers for Windows, there is a new setting called Delivery Service under the Configuration settings. This setting allows IT admins to specify the method for delivering Direct Print jobs to the printer.

• Pharos Secure Print Service – When set to this option, print jobs will be delivered to a printer using the Pharos Secure Print Service. This is the default value.

Note:

If your site already has queues set up with Windows drivers, these will not automatically transition to using the Secure Print Service during the upgrade process. However, you have the option to manually update your queues to use the Secure Print Service after the upgrade. This update will be applied to any auto-install queue, whether it is configured for daily reset of finishing options or not. The update will occur either when the Print Scout Service is restarted or during the daily overnight update.

Windows Print Spooler – IT admins will have the option to use the Windows Print Spooler if desired. With the Windows Print Spooler option, print jobs are delivered to a printer via a standard Windows TCP/IP port using RAW over 9100.

Note: Pharos recommends using the Pharos Secure Print Service to enhance security by encrypting communications.

Ethernet 241 support for secure release

Pharos Cloud 3.6 now offers support for the rf IDEAS® Ethernet 241 device, providing seamless integration with Secure Release, much like the SR25 hardware. Ethernet 241 is a compact device that connects to a printer and an external card reader, facilitating Secure Release. When a user submits a document, it remains in a queue until the user authenticates at a secured printer to release the document, improving document security and confidentiality.

Here’s the user workflow for releasing jobs via the Ethernet 241 hardware.

1. A user submits a print job to the Pharos Secure Printer.

2. The user walks to any secure printer and holds their proximity card over the reader (connected to the Ethernet 241 device) to authenticate.

3. When the user is successfully authenticated, all print jobs belonging to the authenticated user are released.

Pharos Cloud Web Console Update

The Pharos Cloud web console now includes options for deploying Ethernet 241 for Secure Release. The following screens of the Pharos web console have been updated with the Ethernet 241 option.

• The Secure > Secure Printers screen now includes a new Deploy External Card Reader action button. This button offers two options: Deploy SR25 Hardware Guide and Deploy Ethernet 241 Guide. These options provide step-by-step instructions for deploying your chosen external card reader (either SR25 or Ethernet 241).

Selecting the Deploy Ethernet 241 Guide option opens a dialog box that enables administrators to download the DDU (Device Deployment Utility).  which is required for securing printers with Ethernet 241.

Notes:

• The Deploy External Card Reader option is available only if you have a license for External Card Reader Release.

  You will need your organization’s Site Encryption Key to download the DDU.

  Ethernet 241 supports IPv4 only. Only printers with IPv4 addresses can be secured with Ethernet 241.

• The Secure > Setup Guide > Configure Secure Release section of the web console now includes a new section called Secure Printers with External Card Reader. It includes Deploy SR25 Hardware Guide and Deploy Ethernet 241 Guide as options, which provide step-by-step instructions for deploying your chosen external card reader.

Note: The Secure Printers with External Card Reader option is available only if you have a license for External Card Reader Release.

• On the Secure > Settings > Secure Release Settings > Release Methods screen, the SR25 Hardware option has been replaced with External Card Reader.

Device Discovery Utility (DDU) Update

The Device Discovery Utility (DDU) has been updated to include Ethernet 241 configuration. The DDU lets administrators quickly find Ethernet 241 devices on the network and secure printers for Ethernet 241. Securing devices for Ethernet 241 is performed through the DDU instead of the typical method of securing printers via the Secure Printers dialog in the web console.

If you have a valid External Card Reader Release license, you will see the Ethernet 241 Configuration dialog box when you run the DDU. The Switch to Printer Configuration option on the upper right corner of the user interface allows you to switch between Ethernet 241 configuration and printer configuration for the cloud. 

Select the Secure Printers option to initiate a network scan for Ethernet 241 devices and to secure printers with Ethernet 241 devices. 

You can complete the installation and configuration of the Ethernet 241 device in four simple steps.

1. Connect the Ethernet 241 device to the printer and attach a proximity card reader.

2. Download the Device Discovery Utility (DDU) from the Pharos web console.

3. Install and run the DDU.

4. Secure the printer with Ethernet 241 using the DDU.

More Information: Ethernet 241 Deployment Guide

Pharos cloud web console enhancements

Data Privacy Enhancements

Added the option to anonymize print user information

This update provides organizations the flexibility to anonymize print user information when necessary to reduce the risk of exposing sensitive personal data. This feature is suitable for sites where associating print transactions with specific users is not required.

Each Data Privacy Region is associated with a default Collected Print Job Information setting found in the Profile > Data Privacy tab of the web console. This setting determines whether to collect, one way hash, or not collect print user information. The Data Privacy region feature now includes the following updates.

• The Do Not Collect option has been added to the Name field. With this option, Pharos Cloud will not collect a user’s name and other associated user information.

Notes:

• When the Name field is set to Do Not Collect all other user fields (except for Document Name) are automatically set to Do Not Collect as shown in the image below. In reports, the user data will be displayed as “Unknown”.

• This setting applies at both the regional and individual user levels.

• The Collect and Hide option has been replaced with Collect and One Way Hash to reflect its actual functionality.

More Information: Data Privacy and Document Storage

Added the option to collect only print job information from Pharos Cloud managed printers

Pharos Cloud 3.6 introduces a new option that allows you to collect print job data either from devices managed by Pharos Cloud only or from all printing sources.

To support this feature, there's now a new option called "Report" in the Print Scout Configuration settings within the web console ( Discover > Print Scout > Configure). This setting gives you control over whether to collect data from all printing sources or only from printers managed by Pharos Cloud. Options include:

• All Printing - Collect print job information from all printers including printers not controlled by Pharos Cloud.

• Managed Direct and Secure Printing only - Collect print job information only from Pharos Cloud managed printers with Secure Print Direct and Secure Printing. This ensures that Pharos Cloud doesn't collect print job data from printers outside of the Pharos Cloud system, such as users' personal home printers. This is the default option for new customers.

Backward Compatibility: After the update, the Report field will be set to “All Printing” for existing customers. For new customers, the default setting will be "Managed direct and Secure printing only”.

Security Enhancement: User Account Lockout

This update introduces the new User Account Lockout feature, which is designed to protect user accounts in the Pharos web console from unauthorized access.

With this feature, a user’s account is automatically locked out after a specified number of unsuccessful sign-in attempts. Pharos Cloud will track sign-in attempts made by users. By default, once five (5) consecutive failed sign-in attempts are detected, the system will temporarily lock the associated email address with a lockout duration of 10 minutes. The user receives an email notification when their account is locked.

The following image shows the email notification that a user receives when their account is locked.

Note: The default settings for the number of sign-in attempts and the account lockout duration are pre-configured, but these values can be modified by the Operations team as required.          Key benefits and key features

• Enhanced Security: The user account lock feature provides an additional layer of security by preventing unauthorized access to user accounts after a certain number of failed sign-in attempts. 

• User-Friendly Experience: The email notification regarding the locked account status helps users understand why they are unable to access their accounts. It also guides them through the process of unlocking their accounts, ensuring a smooth user experience. 

• Account Recovery: By integrating the account lock feature with the existing "Forgot Password" process, users can recover their accounts easily and securely, without needing to contact support or undergo lengthy manual verification processes. 

• Reduction in Unauthorized Access: The implementation of this feature significantly reduces the risk of brute-force attacks and unauthorized access to user accounts, thus safeguarding user data. 

Improved Licensing Page

This update introduces significant improvements to the licensing interface ( Profile > License tab) on the Pharos web console. This provides IT administrators with a smoother and more user-friendly user experience when managing Pharos Cloud licenses. The new user interface provides a clearer and simpler overview of your licenses to view information including expiration dates, products, add-ons, and number of licensed users and devices, and so on.

Here's a list of the changes to the licensing page:

• Consolidated Expiration Date: The License page now presents a consolidated view of the expiration date of the account, which represents the expiration date for all purchased licenses.

  Pharos Cloud displays an alert for the following scenarios:  

  • When the account's expiration date is within 30 days: If the account's expiration date is 30 days or less from the current date, a warning indicator and accompanying text will appear, indicating that the account's license will expire within the next 30 days.

  • When the account's expiration date has passed: If the account's expiration date matches the current date or is in the past, a warning message will be displayed, stating, "Your Subscription has expired."

  • When consumed licenses exceed the licensed number: For both user and device licenses, if the number of licenses used by the account reaches or exceeds the licensed quantity, a visual warning indicator specific to the affected product or add-on will be displayed.

• Separation of Purchased Products – The licensing page now distinctly separates and lists each purchased product, ensuring IT admins can quickly identify the products they have purchased.

• Display the number of purchased users and active users per product and add-ons. This allows IT admins to effectively allocate and manage user access.

• Display the number of purchased devices and per product and add-on - For each listed product or add-on sold by device license, the Licensing page displays the number of purchased devices, and active devices allowing customers to easily understand their product-specific user allocation.

More information: Pharos Cloud Licensing Information

Serial Number Display for Local Devices

With this latest release, Pharos Cloud now displays serial numbers for local devices (for example devices connected via USB). While Pharos Cloud always collected serial numbers for local devices, IT admins have not had access to this information through any available device detail views, reports, or analytics. This feature significantly improves device identification and enhances asset tracking capabilities.

Key Benefits

• Efficient Tracking Device Identification: In some organizations, serial numbers are typically the primary identifier for devices. With this feature, IT admins can quickly and easily identify and manage specific locally-attached devices within their print environment.

• Comprehensive Print Analytics: Serial numbers are now included in the Print Analytics data, allowing organizations to delve into detailed insights regarding print and device performance. This enables the precise identification of devices through their serial numbers.

• API Access to Serial Numbers: IT admins now have access to serial number data via APIs (in the Analysis tab), providing organizations with the flexibility to integrate this information into their asset management systems if they have one.

Note: Data on local devices is available only on the Print Transactions Data and Monthly Print Data under the  Analysis > API tab.  It’s not available on Device Meter Data.

The following tabs in the Pharos web console display the serial number for local devices

• Discover > Device Cost

• Discover > Device Inventory

• Fleet > Personalized Views

mfp new features and enhancements

• Support for cloud-connected Konica Minolta and Ricoh devices

• Support for Cloud Release (Pull Print) on Ricoh devices

• Secure Scan New Features

  • User-based authentication for Scan to Office 365 (Scan to OneDrive and Scan to SharePoint)

  • Scan to SharePoint Integration  (supports User-based authentication only)

  • Device default scan option configuration for Konica Minolta devices

• Bug fixes and miscellaneous improvements

  • Added support for HP Legic Card Reader

  • Added support for Xerox Primelink devices

  • Addressed Xerox latency issues

  • Replaced KM Certificate

  • Updated Secure Scan process for unsupported devices

  • Addressed a 2-sided scan issue for Secure Scan

  • Resolved a scan to mail issue where the Note field could be edited

Support for cloud-connected Konica Minolta and Ricoh devices

In March 2020, Pharos Cloud introduced support for cloud-connected print devices (using the Cloud Connector) enabling organizations to eliminate their print infrastructure, including print drivers and queues. This feature was initially limited to HP devices only.

With this update, manufacturer support for cloud-connected devices is now extended to Konica Minolta and Ricoh devices. This means that KM and Ricoh will move to a true cloud experience, eliminating the need for a locally installed Site Service and also not requiring running in a local network with direct line-of-sight access to print devices. KM and Ricoh devices can now seamlessly operate with the Pharos Cloud Site Service.

Updated Discovery and Deployment Utility (DDU)

To secure cloud-connected KM or Ricoh devices, IT administrators will need to use the DDU (Discovery and Deployment Utility). The Device Discovery and Deployment Utility is a stand-alone utility that scans the network for printers that can be secured. It is also used to secure, resecure, and unsecure cloud-connected printers. This update includes the necessary changes to enable the DDU to effectively support cloud-connected KM or Ricoh devices.

Limitations of cloud-connected KM devices

• In this release, the following features are NOT supported for cloud-connected KM devices

  • Secure Scan

  • Touchless Print

• For KM cloud-connected devices, devices must support the Authentication and Setup function version 5.1 or higher. You can determine the supported version of Authentication & Setup by referring to the Device Description available at the following URL: http://[Device-IP-Address]/OpenAPI/DeviceDescription/

Note:  The minimum supported version is specified as Major: 5 and Minor: 1.

• Once a device is unlocked, if a user goes back to the Secure Release app and attempts to use the "More Device Functions" or "Sign out" buttons, these buttons will not function as expected. Instead, the user will see a message indicating that the device is unlocked, accompanied by instructions on the appropriate actions to take.

To return to the device home, click the Menu button on the printer user interface.

To sign out of Secure Release, click the Logout or Access button on the printer user interface.

Note: This limitation applies to cloud-connected KM devices only. It does not apply to on-premises KM printers.

More Information: Configuring Cloud-Connected Devices

Support for Cloud Release (Pull Print) on Ricoh devices

With this update, Ricoh devices now offer support for Cloud Release (also referred to as "Pull Print"), When Cloud Release is enabled, print jobs are retrieved directly by the printer from cloud storage.

For this feature to work, the following are required.

• Cloud Connector is configured (i.e., Cloud Site Service)

• Cloud Storage is enabled.

• Cloud Release is enabled

Note: Previously, Cloud Release was supported on HP printers only.

Known Issue: The Print Options feature on the Ricoh Printer does not function as expected for jobs submitted via IPP queues. For example, if a user prints a document in "Mono" and tries to switch to "Color" at the printer, the change will not be applied. Instead, the document will be printed using the finishing options that were set when the document was initially submitted.

More Information: Cloud Release

Secure Scan Updates

• User-Based Authentication for Scan to Office 365

• Scan to SharePoint Integration

• Default scan options for Konica Minolta devices

• Multi-language support

User-based authentication for Scan to Office 365

The “Scan to Office 365” feature allows users to upload scanned documents directly to a user’s Microsoft OneDrive folder. In the previous version of Secure Scan, integrating scanning to Office 365 required tenant-based configuration with application permissions.

This release introduces the new User-based authentication feature for secure scanning, which uses delegated permission (i.e., user’s permission) instead of application-based permissions, thereby enhancing security. With the User-based authentication, individual users will authorize the Secure Scan app access their Office 365 OneDrive or SharePoint folders. When a user clicks Scan Document, they will receive an email notification with an authorization link to complete the process.

Key Benefits:

• Simplified Configuration: This change simplifies configuration for Scan to Office 365, eliminating the need for IT administrators to register an application (representing Secure Scan) in Microsoft Azure. IT admins are no longer required to manually create an application in Azure; instead, this process is now handled by Pharos on your behalf. In this update, the only requirement is to make sure that the Enable User-Based Authentication setting is selected in the Pharos web console.

• Improved Security: The transition to user-level permissions enhances overall security by ensuring that each user explicitly grants access to their personal Office 365 folders, reducing the potential for unauthorized access.

Update to Pharos Web Console

A new setting called Enable User-Based Authentication has been added to the Secure Scan settings. When enabled, this lets users scan documents to their OneDrive or SharePoint folder.

Backward compatibility for existing customers

New Pharos Cloud customers will see the User-based authentication option only. However, existing customers can maintain their tenant-based configuration if they choose. Organizations choosing to transition to user-based authentication will need to apply the latest version of the Site Service. Once the transition is made, the tenant-based information will be reset, and reverting back to it will no longer be possible.

More Information: Configuring Secure Scan

Scan to SharePoint Integration

In this release, Secure Scan introduces SharePoint as a supported destination. This new feature enables users to conveniently upload scanned documents directly to a user’s SharePoint folder.

To enable Scan to SharePoint, navigate to the Secure  > Settings > Secure Scan Settings tab of the web console and select the Enable User-Based Authentication setting.

Note: SharePoint integration requires user-based authentication only and is not available for tenant-based authentication.  

Default scan options for Konica Minolta devices

For KM devices, a predefined set of default scan options will be available. This simplifies the scanning process for users, allowing them to quickly scan documents without navigating through multiple clicks. Previously, the scan options available on KM devices were determined by the device's capabilities, resulting in different scan options available at the printer.

The default scan options are as follows:

• File Format: JPEG

• Color Mode: Color

• Paper Size: A4 Short Edge Feed

• Two-sided/One-sided: Simplex

• Quality: DPI 200x200

• Orientation: Landscape

Multi-language support for Secure Scan

Secure Scan has been enhanced to support multiple languages. When using secure printers with Secure Scan, the device's screens will be displayed in the language configured for that particular device. The supported languages for Secure Scan include:

• French

• Italian

• Japanese

• German

• Spanish

• Swedish

• Chinese

• Portuguese (Portugal)

• Portuguese (Brazil)

• Dutch

• Norwegian

Note: If an unsupported language is detected, the user-facing components will display in English.

Bug Fixes and Miscellaneous Improvements

• Added support for HP Legic Card Reader

• Added support for Xerox Primelink devices

• Addressed Xerox latency issues

• Replaced KM Certificate

• Updated Secure Scan process for unsupported devices (Konica Minolta devices only)

• Addressed a 2-sided scan issue for Secure Scan (Konica Minolta devices only)

• Resolved a scan to mail issue where the Note field could be edited

Added support for HP Legic Card Reader

This release adds support for the HP Legic Card Reader. The Proximity Card Options section of the Secure > Settings > Secure Release Settings of Pharos Cloud web console has been updated to add the Legic Card Reader as an option. When selected, it automatically populates the VID and PID values with 1008 and 69 respectively. Legic Card Types 6F03 and 7901 are supported.

Known Issue: When connecting a Legic card reader to the printer, it's crucial to select the HP Legic Card Reader option from the web console first. Failure to do so can result in the card reader not working properly. It's also important to note that Legic card readers currently only support the values 6F03 and 7901. If any other value is added, the card reader will not function properly. Therefore, it's essential to ensure that the Supported proximity card type is set to have only the values 6F03 and/or 7901.

Added Support for Xerox Primelink Devices

This release adds support for Xerox Primelink devices, allowing them to be secured with Pharos Cloud.

Limitations

The following Secure Release features are not yet supported on Xerox Primelink devices:

• Authentication to home

• Secure Scan

Resolved latency issues on Xerox devices

In this release, the issue of slow authentication on Xerox devices caused by network latency between the Xerox devices and the Site Service servers was addressed. Authentication on Xerox devices is now notably faster.

Replace the certificate on Konica Minolta devices

The SHA-1 certificate included with the KM SDK is now being replaced with a more secure SHA-256 certificate. This replacement is made to enhance the security of Pharos Cloud and protect against potential vulnerabilities.

Updated Secure Scan process for unsupported devices (Konica Minolta devices only)

The Secure Scan process has been modified for devices that are not supported, such as single-function devices. If a device is not supported, it no longer proceeds with the scan process. Users are now presented with a message indicating that "Scan Functionality is not supported by this device”.

Addressed a 2-sided scan issue for Secure Scan (Konica Minolta devices only)

Resolved an issue that appeared when a user selected the "2 sides, Top to Bottom" option, only one side of the first page was scanned, while both sides of subsequent pages were scanned as expected. With this update, when a user chooses "2 sides, top to bottom," both sides of all pages are scanned as intended.

Resolved a scan to email issue where the Note field could be edited

The issue where the Note field could be edited has been resolved. After this update, the Note field will no longer be editable.

print scout improvements and bug fixes

• Ricoh Pull Print: Support recording the format of the spool file

• Direct Print: Initial location for Print Scout deployment

• Direct Print: Secure Communications for Windows Manufacturer Drivers

• Policy Print: Enforce policies on the first print

• Added unique Event ID for Print Scout Service “start” and “stop” events

Ricoh Pull Print: Support recording the format of the spool file

Ricoh devices require the spool file format to process print jobs in the Pharos Cloud. To support Pull Print for Ricoh, the Print Scout has been updated to include passing the spool file format (i.e. PDF, XPS, PCL, PostScript (or PS), URF) of the submitted document to the Pharos Cloud. This file format information is used by Ricoh devices to release print jobs.  

Direct Print: Initial location for Print Scout deployment

Location-based printing enables users to print to devices based on the network location of their workstation. The Print Scout, installed on user workstations, identifies the user's current location and presents a list of available printers at that location.

In this release, the Print Scout has been updated to enable administrators to assign an initial location before deploying it to user workstations. Configuring an initial location provides users with immediate access to their printer list, even when workstation location network properties are not configured in the Pharos web console. This enhances the initial user experience and simplifies the Print Scout deployment process.  In the previous version of Direct Print, if a workstation location was not configured in the web console, users had to manually select a location or manually install printers themselves using the Secure Release desktop app.

Notes:

• The primary function of the initial location is to provide a location for a workstation that would otherwise lack one. It is referred to as "initial" because it solely serves this function during the initial installation. Once the system identifies a matching workstation location or a user manually designates a location, the initial location is no longer required. The matched or selected location supersedes the initial location value.

• Initial location applies to new installations of Print Scout only and does not apply to upgrade scenarios.

• Administrators can generate multiple deployment packages, each configured with a distinct initial location.

Auto-install queue (Workstation Location not configured/no matching location)

With this update, if a workstation location is not configured or the workstation location does not match any location, and an initial location is set up, users will immediately see the list of available auto-install queues in their location without having to manually add a location or a printer.

Manual queue (no workstation location/no matching location)

In the case of manual queues, when a user attempts to manually add a direct printer, they will now be instantly directed to the Initial Location configured, where they can view the available printers within that specific location. Previously, users were required to go through a list of all printers and choose from various locations. This streamlined approach is particularly advantageous for organizations with many locations and a large number of configured printers.

Manual selection of location

When users click on the Workstation Location, they will be shown the Initial Location.

Print Scout Configuration tool Updated

The Print Scout Configuration tool has been updated to include the  Workstation Location section, providing IT admins with the option to configure the initial location for the Print Scout

The Initial Location is set to None by default. When set to "None," Direct Print works as in the previous versions where users will be required to manually choose a location or manually install a printer using the Secure Release desktop app if no auto-install printers are available or if there is no matching location.

To choose an initial location, click the "Select" button located under the Workstation Location section. This action will display a list containing all the locations configured in the Direct > Direct Printers section of the web console.

Print Scout deployment workflow

1. Using the Print Scout Configuration utility, the administrator configures an initial location.

2. The administrator creates a deployment package.

3. The administrator deploys the Print Scout package to workstations.

Direct Print: Secure Communications for Windows Manufacturer Drivers

The Print Scout has been updated to use the “Pharos Secure Print Service” when Windows manufacturer drivers are used to deliver print jobs for Direct Printers. This ensures that print job delivery is encrypted and secure, supporting print zero-trust environment.

There is an option in the Pharos web console to change the delivery service to use the Windows print Spooler’s TCP/IP port if desired.

Policy Print: Enforce policies on first print

Policy Print implementation in Print Scout has been updated in this release. A user’s policy information is now retrieved from the server upon user login. This allows policies to be applied immediately to a user’s very first print job. In the previous version, policies were only downloaded after the first print, resulting in policies not being applied to the initial print job.

Note: This feature applies to Windows Print Scout only.

Added unique Event ID for Print Scout Service "start" and "stop" events

The Print Scout has been updated to generate distinct Event IDs within the Windows Event Viewer for both "Start" and "Stop" events triggered by the Print Scout Service. This enhancement enables administrators to easily query the event log for a specific Event ID, providing a convenient way to find Print Scout "start" and "stop" events.

Known issue

Restart issue: Pharos Systems Sentry Print Service must be manually stopped and started

When attempting any restart of the Pharos Systems Sentry Print Service, an IT administrator should first stop the service in Windows Services and then separately start it again (cannot simply click "Restart").

Component release versions

This release includes the following software components and release versions.

*Note: Secure Release mobile apps and the Chrome extension are published after the Cloud Services are updated.