Xerox® FreeFlow® Digital
Publisher
Information Assurance Disclosure
Onsite, Cloud and ePublishing
Configurations
©2017 Xerox Corporation. All rights reserved. Xerox® and Xerox and Design® are
trademarks of Xerox Corporation in the United States and/or other countries. Other
company trademarks are also acknowledged.
Document Version: 2.2 (January 2017).
Preface
Purpose
The purpose of this document is to disclose information for the Xerox® FreeFlow® Digital
Publisher product with respect to system security. System Security, for this paper, is
defined as follows:
1) How input jobs are received, accessed, and transmitted
2) How user information is stored and transmitted
3) How the product behaves in a networked environment
4) How the product may be accessed, both locally and remotely
Please note that the customer is responsible for the security of their network. The
FreeFlow Digital Publisher solution does not establish security for any network
environment. The purpose of this document is to inform Xerox customers of the design,
functions, and features of the Xerox FreeFlow Digital Publisher solution relative to
Information Assurance (IA). This document does NOT provide tutorial level information
about security, connectivity, PDLs, mobile apps, or Xerox FreeFlow Digital Publisher
solution features and functions. This information is readily available elsewhere. We
assume the reader has a working knowledge of these types of topics.
FreeFlow Digital Publisher normally is configured to use encrypted (recommended) data
paths; however, it can be configured to use unencrypted (not recommended) data paths.
Target Audience
The target audiences for this document are customer IT and network security personnel
and Xerox field personnel.
Disclaimer
The information in this document is accurate to the best knowledge of the authors, and is
provided without warranty of any kind. In no event shall Xerox Corporation be liable for
any damages whatsoever resulting from user's use or disregard of the information
provided in this document including direct, indirect, incidental, consequential, loss of
business profits or special damages, even if Xerox Corporation has been advised of the
possibility of such damages.
i
Table of Contents
Purpose ......................................................................................................... i
Target Audience ............................................................................................ i
Disclaimer ...................................................................................................... i
1 System Configuration ....................................................... 1-3
1.1 System Overview ........................................................................ 1-3
1.2 Configuration Diagrams .............................................................. 1-4
1.3 On Premise Network Diagram .................................................... 1-5
1.4 Cloud/ePublishing Network Diagram .......................................... 1-6
1.5 Public URLs ................................................................................ 1-7
2 Port / Protocol Description ............................................... 2-8
2.1 Xerox FreeFlow Digital Publisher Order / Submission ............... 2-8
2.1.1 User Authentication ................................................................. 2-9
2.1.2 SQL Server Connection ......................................................... 2-10
2.1.3 Job Submit ............................................................................. 2-10
2.1.4 Hot Folders ............................................................................ 2-10
2.1.5 GTxcel Publisher Staging Service ......................................... 2-11
2.1.6 Security Certificate ................................................................ 2-11
2.1.6 Xerox® FreeFlow® Digital Publisher Upload Tool ................. 2-12
2.1.7 Clearinghouse System .......................................................... 2-13
3 FTP Mode Description ................................................... 3-14
3.1 Implicit ...................................................................................... 3-14
3.2 Explicit ...................................................................................... 3-14
Xerox FreeFlow Digital Publisher IAD ii
User Action
System Action
1 System Configuration
1.1 System Overview
There are three major components in FreeFlow Digital Publisher that move
commands and data within the system. They are:
1. FreeFlow Digital Publisher Order Utility: Used by the print shop to submit
print and ePublishing jobs into FreeFlow Core. All jobs begin with this
utility. For customers using pre-paid credits, their credit balance is
available from an API call to a clearinghouse system.
2. FreeFlow Core: an automation system for preparing jobs for printing and /
or for ePublishing.
3. ePublishing Dashboard: completes the conversion of files received from
Core for web and mobile-device use. Print shop personnel have access to
ePublications to add videos, audio files, links, control layout, and preview
as needed. When ready, the publications are approved and made
available to end-users.
1-3