System Components
Core Server (Core)
The Core Server presents the central Management Console web user interface, which allows system configuration, management, reporting and all license management, as well as managing all connections to the database. The web interface requires user authentication to grant access, which can be managed using local accounts or by LDAP Security Group membership.
By default, the Management Console does not use TLS. It is recommended to enable TLS to support secure transmission between the Browser and the Core server, as well as between other components of the system and the Core server. The connection between the Core Server and the database may be encrypted using TLS if the database supports it.
High availability of the Core Server service can be achieved using Microsoft Failover Cluster Services or a Load Balancer.
Secure connection keys can be generated during the installation of the Core Server which ensure that only authorized components can be connected to the system, preventing unauthorized connections to servers or other components of the system.
Delegation Server (DS)
The Delegation Server provides the following functionality:
- Authentication
  - User Management
  - Accounting
  - Authentication
- Printing
  - Secure Print
  - Direct Print
  - Rule Based Printing
- Document workflow
  - Image workflows (Image convert, OCR, Barcode…)
  - Image corrections / Optimizations
  - Delivery (to-Folder, to-Mail, to-SharePoint, to-O365…)
- Device management
  - Device Monitoring
  - Device Management
  - @Remote
You can install multiple Delegation Servers to make the environment more resilient and to support load balancing for document workflows.
The Delegation Server service does not have a user interface and is managed through the Core Server Management Console.
Communication between Delegation Servers and the Core Server can be encrypted with TLS.
DM Agent
A separately installed application on output devices, the DM Agent works on both cloud and on-premise devices to perform simple polling only – device status, counters, and some main properties can be retrieved from the devices. You can also use the DM Agent to update firmware as needed.
[Cloud/Hybrid] For Ricoh SOP device management in a cloud configuration, you must install the DM Agent application on all Ricoh SOP devices because the servers in the cloud cannot communicate with any devices that are on-site. After installation, the Agent will initiate all communication to the cloud.
Notification Service (NS)
The Notification Service provides long polling sessions to MFP devices, and is installed on the Delegation Server(s). MFP devices open a connection session to the Delegation Server to receive a notification. Because the MFP devices do not have public IP addresses, the SLNX embedded installed on the MFP devices polls the Delegation Server to request new notifications. The Delegation Server holds the connection session open until a new request or task is available. Once available, the server responds and sends the new notification over the connection to the device. When the embedded receives the notification, it immediately sends another request, and the operation is repeated. This effectively emulates a server push feature in the On-Premise deployment scenario.
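The long-polling exchange described above, modelled in memory as an added example (not Ricoh's code): every request is initiated by the device, so the server never needs an inbound route to it. The class and function names, the device IDs, the messages and the hold time are all constructed for illustration.

```python
import queue
import threading


class NotificationService:
    """Server side: one pending-notification queue per device (constructed model)."""

    def __init__(self, hold_seconds=2.0):
        self.hold_seconds = hold_seconds       # how long a poll is held open
        self._queues = {}
        self._lock = threading.Lock()

    def _queue_for(self, device_id):
        with self._lock:
            return self._queues.setdefault(device_id, queue.Queue())

    def notify(self, device_id, message):
        """Called by the server when a task for the device becomes available."""
        self._queue_for(device_id).put(message)

    def poll(self, device_id):
        """Device-initiated request: block until a notification or the hold expires."""
        try:
            return self._queue_for(device_id).get(timeout=self.hold_seconds)
        except queue.Empty:
            return None                        # empty response; the device polls again


def device_loop(service, device_id, expected):
    """Embedded-client side: re-issue the poll immediately after every response."""
    received = []
    while len(received) < expected:
        message = service.poll(device_id)
        if message is not None:
            received.append(message)
    return received


def run_demo():
    service = NotificationService(hold_seconds=0.2)
    result = []
    device = threading.Thread(
        target=lambda: result.extend(device_loop(service, "mfp-01", 2)))
    device.start()                             # device starts polling in the background
    service.notify("mfp-01", "release-job")    # constructed sample notifications
    service.notify("mfp-02", "other-device")   # queued for another device only
    service.notify("mfp-01", "config-update")
    device.join(timeout=5)
    return result, service.poll("mfp-01")      # idle poll times out and returns None


if __name__ == "__main__":
    print(run_demo())
```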
Redis Service [Cloud/Hybrid]
A Redis Service is required if the Delegation Server is:
- Used as a scan server
- Accessed through a proxy server to hold the shared DS data and support load balancing.
There are two options for delivering the Redis Service:
- Memcached is a general-purpose distributed memory-caching system delivered as a cloud service by RedisLab on US-based architecture.
- Entra ID Cache for Redis and Amazon ElastiCache for Redis are general-purpose distributed memory-caching systems.
The Redis Service is used to speed up dynamic database-driven websites by caching data and objects in RAM to reduce the number of times an external data source (such as a database or API) must be read.
Mobile Intranet Extender (MIE)
The Mobile Intranet Extender allows mobile devices to connect to the Streamline NX system to support print submit, print release, and document workflow submission.
It can be installed within the company network for local connection of mobile devices or in a DMZ to allow mobile devices on the internet to connect to the Streamline NX environment.
It is recommended to enable TLS on the MIE, especially when sited in a DMZ.
In a [Cloud/Hybrid] environment, users can submit print jobs to a DS via the MIE server from Chrome devices using Chrome printing. It is also possible to send print jobs using IPPS to the MIE server and have the jobs delivered to the DS for secure print. This allows the use of the Microsoft IPP Class Driver on Windows, or the Ricoh Generic PS Printer PPD on Mac and Chromebook.
PC Client
The Streamline NX PC Client software runs on the customer’s Client PCs (Windows or Mac). It provides E2E encryption, local rule-based print, client accounting (locally connected printers), and delegation print capabilities.
You can manage the PC Client configuration centrally through the Core Server Management Console. The configuration can be deployed using simple batch files or using standard software deployment mechanisms.
Communication between the PC Client, Delegation Servers, and MFPs is encrypted with TLS if SSL settings are enabled.
All DLL and exe files used by the PC Client for Windows are signed with the Ricoh certificate.
In a [Cloud/Hybrid] environment, using the PC Client is recommended in the Cloud deployment scenario to reduce network traffic to the internet, which also benefits printing performance.
SLNX Server Secure Print Port (HTTP(S))
The SLNX Server Secure Print Port (HTTP(S)) is designed to be used where print is to be delivered through Delegation Servers rather than using the PC Client to keep print on the local network.
The SLNX Server Secure Print Port (HTTP(S)) provides a secure print connection over HTTPS to DS servers from client PCs, no matter where the clients are located in relation to the DS (on premise or in the cloud).
MFP Embedded Client
The Streamline NX MFP embedded client is installed on Ricoh multifunctional devices.
It manages access to the MFD, requiring users to authenticate before being able to use the scanning and printing capabilities of the system. It also applies access control policies on user actions if defined. Authentication can be carried out using username and password, PIN code, RFID or smart card, or FIDO2 security key.
The Streamline NX MFP Embedded Client configuration is managed centrally via the Core Server Management Console.
Communication between the Streamline NX MFP Embedded Client, the Delegation Servers and the PC Client can be encrypted with TLS.
Authentication Proxy / Authentication Agent [Cloud/Hybrid]
The Authentication Proxy and Authentication Agent services allow a cloud-based infrastructure to authenticate users against an on-premise directory (AD/LDAP).
The Authentication Proxy is deployed in the cloud. One or more Authentication Agents may be deployed on-premise, communicating with the Authentication Proxy over HTTPS.
@Remote Connector NX [On-Premise]
@Remote (At Remote) is an Internet-based remote management system for MFPs and Printers.
The @Remote service provides the ability for Ricoh and external service providers to monitor the status of devices on the network in real time so that required services can be delivered rapidly, breakdowns prevented, and downtime shortened.
Main Tasks of @Remote:
- Minimize manual tasks
  For example, meters/counters of network-connected MFPs and printers are read automatically. Tasks previously associated with collecting and reporting meters/counters, such as the customer checking the meter/counter and then filling out a postcard or making a call, are no longer necessary.
- Monitor Fleet Activity
  Besides the total pages printed by each device, the service reports detailed device usage information, such as usage of each page size, double-sided printing rate, color/monochrome breakdown, and usage in each mode (copier, printer etc.).
  Periodic monitoring of each device on the network keeps track of the connection status and usage of each device. The information can be employed to improve the customer’s device management based on the environment in which they operate.
- Automating Service Call notification to minimize downtime
  A device's self-diagnostic data is automatically forwarded to the Data Center in the event of a breakdown or other problem.
  The service provider receiving the information can take immediate and appropriate action, making rapid CE or Service Technician arrangements to simplify the process of requesting a repair and minimize device downtime.