Genius Server functional overview
The Genius Server has a modular architecture that can be easily extended. Each module performs a specific task and can be activated or deactivated according to customer requirements.
The Genius Server is the core component of the Genius Bytes solution and combines all services necessary to use both Genius MFP and Genius BPM. Both solutions can be integrated together and run in the same environment. All that is needed are different licenses.
The Genius Server is also known by its old names, MyCDDS, CDDS. CDDS was the abbreviation for “Central Document and Device Service”.
IT Architecture
Architecture and target groups
The solution comes from the large customer environment and was originally developed for this purpose. Benefit from the fact that the Genius Server can take on different roles in the IT infrastructure depending on its configuration. It can be used as a single server, cluster node or zone server. This enables complex and flexible solution architectures. The Genius Bytes solution fits into small, medium and large (enterprise) IT environments.
Free choice of operating system
The Genius Server is designed as a Service Oriented Application (SOA) for easy scalability in JAVA. The JAVA platform allows you to choose your operating system. Whether Windows or Linux, simply choose your preferred OS.
Multi-database support
The Genius Server supports multiple databases. Currently these are either MS SQL Server, Oracle DB or PostgreSQL database. Since most of our end customers already have a database system with appropriate licenses and backup tools, we only need one instance to get started.
Own application cluster feature
The Genius Server can be used as an active application cluster without the need to run a cluster-capable OS under it. Application cluster means that the solution monitors whether a cluster node is still working. If a node fails, the other available servers take over.
Integration of other OMS
The solution is based on and uses common standards. So almost any system (host/mainframe/etc.) that uses the standard print protocols LPR or IPP can send print jobs to our solution. For some technology partners like e.g. the OMS system from SEAL Systems there are integrations via interfaces, to avoid double processing of print jobs.
Authentication
Genius Server user management
The Genius Server features an integrated user management tool. If a print job is submitted to the system by a user unknown to the internal user management, and no external user management is configured, an internal user will be created automatically. This user is marked inactive until the administrator sets a password for the user. This ensures that no print jobs will be lost because of unknown users.
Manual (Credential) login Web-Frontend
Login to the user Web-Frontend can be done manually by entering the username and password. These credentials are checked against the internal or external user management. A user which is doing no action on the MFP will be logged out automatically.
To login to an MFP, please refer to the Genius MFP description. Read more here>
LDAP (MS-AD) authentication provider
Existing user management systems such as Microsoft Active Directory or other LDAP-based directory services can be used for authentication.
show more >Auto registration (by login/ by print job) for external user
If an external LDAP is configured, the system registers a user internally without any action by an administrator. This process is triggered by either the first user login to the Genius Server (via a device or the web front-end) or by the first print job submitted to the system. This internal user is necessary to store personal settings (user profile), and for information that is not provided externally, such as card ID or cost center or PIN settings.
Alias IDs
If a user has multiple login IDs, (such as Windows user ID, a host-based user ID, an SAP user ID etc.) these IDs can be mapped to a single ID in the external LDAP server by using the Alias function of Genius Server. In this way, a user can see all of their jobs, even if they were created under separate IDs.
Card/Badge authentication provider
This authentication provider for cards/badges can establish a connection to external systems to retrieve specific data. This is particularly useful when the user management and card identification data are maintained on different systems, e.g. LDAP and door access control or time recording systems.
show more >Card register mode
Sometimes card data is not available in the customer’s directory service. In this case, mapping to user data can also be stored within Genius Server. In keeping administrative efforts as minimal as possible, user name/card number mapping can be automated in the user administration of the Genius Server or, if desired, written in the customer’s directory service.
If an unknown card is used on the card reader of a multifunctional system, the user will be asked to register the card. In this case, the user must manually enter his username and password in the system (like on the PC), and then the card on the reader is linked to this user in the user management of Genius Server.
Once the card has been read by the card reader, the user will receive a confirmation that the card has been successfully registered. From this point forward, he will be able to authenticate normally with his card on the system.
Group management
In addition to the built-in user management the Genius Server features a corresponding group manager. It is also possible to use groups existing in other directory services.
Role management
Access to the different features of the solution is controlled by individual user rights, which are bound to roles. Roles are fixed, and can be assigned to users or groups.
Printing
Direct Print Spooler (DPS)
The DPS is the centralized scalable service within Genius Server to process and output your print jobs.
show more>Print Manager (queue & jobs)
It is possible to stop and restart print queues in the Genius Server. Failed print jobs must be resubmitted.
Print strategy
For each print queue, the order in which print jobs are submitted to the device can be defined. The following strategies can be assigned:
- Last in, first out independent of user (LIFO)
- First in, first out independent of user (FIFO)
- Priority for same user (FIFO)
- Priority for same user (LIFO)
This can be used to optimize output speed.
Print job analysis
This analysis module is useful to check important print job properties (e.g. page counter, color, or black and white, etc.). This information is displayed on the Genius MFP device and is used to create statistics and reports.
The printing rules, print job modifications and some of the Genius BPM process functions are based on the analysis of this information.
Delegation printing
In contrast to the Alias IDs, which are managed by the administrator only, the delegation printing function offers the users via the web front-end, a way to share their print jobs with other users.
The user can specify the approval for individual colleagues or groups. Also, an expiration date can be assigned, at which the delegation will be terminated automatically.
It is also possible to use delegation printing by appropriately configuring printer queues using specific queue names. This way print jobs can assigned automatically to other users, without the need to install additional software on the client.
If the Genius PC Client is used, then a single targeted print job can be printed for individual users in their Pull Printing Queue.
Print rules
Using print rules, the printing process can be made more flexible and economical. Print jobs can be filtered to specific devices according to customizable conditions (number of pages, job size, paper size, color/monochrome printing, queue name, job owner, target device, etc.). As a result, print rules assigned to the filters can also block jobs, change the job owner, or modify the print queue.
show more >For example, when a user prints a document in color mode on a monochromatic device, a rule can be defined to convert the document from a colored print job to a black and white print job before sending it to the device.
A Genius BPM process can be started by an incoming print job whether predefined rules have been set in advanced. Using the Genius BPM other additional options are possible: print jobs can be sent via e-mail, archived, converted, etc.
show less <Pull Printing
For the Pull Printing feature, the user initiates a print job, it is stored by the print server for a defined period, and can be retrieved within this period after successful user authentication on any device connected to the system. This enables secure and confidential printing. It is also possible to establish a system extending over multiple locations.
When the user is authenticated on the MFP, the list of print jobs being held is displayed so that the user can select and print them. Selected or all jobs can be ‘printed’ or ‘printed and deleted’ or immediately ‘deleted’.
Multiple Pull Printing queues
Devices can be organized in groups, according to, for example, their equipment or dedicated users. These device groups can maintain their own pull printing queues to fulfill different re-quirements for pull printing.
Automatic clean of Pull Printing jobs
Using the Genius Server, a user can centrally configure how long pull-printing jobs shall be held. If the defined time expires, the print jobs are automatically deleted.
More pull-printing features of the Genius MFP Client can be found here >
Accounting
Requirements for accounting
As any accounting feature of the solution makes use of SNMP, it is mandatory that all connected devices support at least RFC 3805 (“Printer MIB v2”).
User based accounting
When the user logs on, the server keeps track of all details related to his authentication session with (user identity, type of machine, machine IP address, start and end time of the session, status, as well as machine counters).
Counter reading is performed both when the session opens and closes. A session is closed when either the user logs out intentionally or the machine logs out automatically after the session expires. Therefore, the exact number of pages consumed by the user during his session is accounted for in the Genius Server, providing accurate expense reports. Page counts from print job evaluation are not used, as they may not be accurate enough and cannot take into account incidents such as paper jams, etc.
Anonymization of user accounting data
User-related counter information can be anonymized before it is written to the database, to meet data privacy requirements. However, with anonymized accounting information, it is not possible for the individual user to control his printing behavior via the web front-end. Data privacy requirements may also be met by setting appropriate access rights for individual accounting data; please check with your local jurisdiction.
Device based accounting
It is possible to define intervals where all machine counters are read and stored independent of any user sessions. This data can serve as a basis for accounting by the service provider.
Accounting Data Revision
To maintain the highest level of data integrity, each individual counter is subject to an “Account Data revision” (ADR) process, a quality control process. This applies only the Genius Server data.
This ADR process is based on information such as time stamp, session ID, cost center, serial number, and error messages etc. to make some logical plausibility checks.
If a counter record fails any of these checks, it will be marked in the database according to the customer’s needs.
Web pivot table for accounting data
To get a quick overview, it is possible to evaluate accounting data in a web-based pivot table. The pivot table displays and aggregates information of interest (prints, B/W or color printjobs, device, cost center etc.) This information can be linked to a specific user, a device or cost center.
The result can be exported to Excel.
Quota Management
Quota Management
Quota management allows the administrator to define different price lists for each printer (by specifying a different cost for monochromatic and color pages) and to create a maximum volume, or quota for the users. It is possible to set the maximum amount of expenses (the Quota) and to specify actions when this threshold is exceeded. For each user it is possible to limit a specific amount of expense for a certain period of time (monthly, quarterly, etc.).
show more >If a quota is exceeded, one or more of three possible actions can be executed:
- User can be locked
- User can be sent a warning email
- An email notice can be sent to a different user.
The following functions can be used and configured in quota management:
- Device price list for quota
- Quota definition
- Automatic quota management
- Absolute quota
- Relative quota
- Exceeding quota
- quota assignment
- Individual Quota
Scan
Scanning functions
For a description of the basic scan functions, refer to the Genius MFP description.
We would like to add that the standard scan functions also use the BPM engine of the Genius Server. These are defined there as built-in functions. So they can be configured but not modified.
Address book
Genius Server address book
For the functions Scan2Mail and Scan2Fax it is possible to use an address book that is centrally maintained in Genius Server, containing e.g. fax numbers and e-mail addresses.
The address book is centralized inside Genius Server; it can contain shared or private data. Here, the data can be entered and maintained, and made publicly available by marking them as shared data.
Users can define their private address book and choose to share individual entries with all the other users.
External address book connector – LDAP
It is possible to use an external LDAP server for searching and accessing distributed directory information services. Directory services may provide any organized set of records, such as corporate e-mails or fax numbers.
MS-Exchange personal address book
If MS-Exchange is centrally configured and contains personal address books, they can be retrieved by performing a search from our Client.
OCR Detection
Tesseract OCR Module
The Genius Server has an interface to the open source OCR Tesseract.
This interface must be installed separately.
It can be used to create TXT, searchable PDF files.
OCR ABBYY module
The OCR module integrates the latest ABBYY Engine for document recognition and document conversion. The scanned images can be converted into office documents (Word, Excel or other office formats), PDF documents (searchable PDF or PDF/A) or simple txt files.
The input format for the OCR service can be any of the following: BMP, PCX, DCX, JPEG, JPEG 2000, PNG, GIF, TIFF, DjVu, PDF.
The Character recognition supports more than 190 languages; users can preset the desired languages on the server.
ABBYY provides two license models (one referring to maximum number of pages per month and the other to the number of CPUs) according to customer’s requirements.
According to the Abbyy License types, additional functions such as the white page removal, compression, etc. on PDF formats, or zonal OCR, etc. are enabled.
Note that the OCR License is provided by a third-party-product. The OCR – Client- License should be installed on all the devices, where necessary and one or more Abby License should be installed on the Server. The Abbyy OCR Server runs only on Windows operating systems.
The Server License is installed according to your needs. You can decide to have a monthly page limitation or a CPU-Core without page limitations.
Organization Management
Location management
The Genius Server provides site management to ensure centralized management and unified notation. This can be particularly useful for reporting.
Cost center management
It is possible to define different types of cost centers that can host machines and users. You can manage cost center IDs, names, descriptions as well as members and devices. If a user is assigned more than one cost center, he can choose his cost center when performing a login.
Device Management
Device deployment (Embedded Client)
The installation of the Genius MFP Client is subject to each manufacturer’s own procedure and in principle must be done manually. However, many manufacturers offer specific tools to deploy the client solution.
Device Configuration
By default the client points to the default server name “MYCDDS- Server”, so it is possible to configure all devices instantly by adding a corresponding DNS alias record. Alternatively, the host name of the primary server can be edited by remote access to the MFP Client web interface.
Increased availability by adding back up Genius Servers
Availability of the solution on embedded devices can be increased by adding more Genius Servers. Up to five different Genius Server URLs can be configured in the client, either by IP address or host name conforming to DNS policy. If a server cannot be reached, the next server on this list will be contacted automatically
Device related configuration
From the Role Management Module, the administrator gives permissions to users or groups of users. Furthermore, there is a list of functions and configurations for the Genius MFP Client to be applied on devices or groups of devices.
For example, if users can authenticate as “Guests”, they will have the Guest-Login button displayed (after it has been enabled) on the device.
Fleet- and asset-management
The Genius Server solution includes an internal knowledge base that supports device auto-detection.
show more >This auto-detection can be done in three ways:
- Single device auto-detection by host name or IP-address by entering the device in the Genius Server.
- Bulk detection by a range of IP addresses. This can be triggered once or scheduled periodically
- Implicit by printing. The first time a user sends a print job to an unknown device, it will be created and detected.
Detection discovers the device itself and the related device type attributes. Alternatively, an administrator can add and configure the device and device type manually.
show less <Management of device and model data
It is possible to manage both devices and the associated model data.
Device group management
With device group management, devices can be combined into groups. This feature is useful for the bulk configuration of many devices and in assigning common properties to devices of the same type (e.g. cost center or pull printing queues).
Custom asset attributes for device and device types
If the preconfigured device attributes do not cover all the customer’s needs, unlimited individual custom attributes can be defined and maintained.
Device lifecycle tracking
During a device’s life cycle, many internal and external parameters may change. All these events can be tracked for auditing in the database, such as device moves, repairs, or when changes in the asset data were performed and by whom.
Device lifecycle support documentation (documents upload)
This module allows storing external documents in addition to the life cycle monitoring described above; which could be delivery notes, repair and maintenance reports, or driver packages or manuals associated with a device type.
Info-Button for device details
Useful information about the asset such as host name, IP address, serial number, etc. as well as customized fields are displayed on the MFP panel – the login is not necessary. The visible information is centralized on the server.
Update settings and skins from server
All settings and skins updates of the Genius MFP are launched from the server after a restart of the device or after every logout. Settings are updated once modifications are made.
Reporting
General Reporting
The reporting module of the Genius Server enables quick and easy access to both active and inactive reports. The Genius Server adds all reports for a user to his document list. It is also possible to access historical reports. The user can choose if they want to periodically receive new report notifications automatically by email. Users can subscribe to or unsubscribe from these emails themselves.
Rights management for reports
All reports are subject to access control. Permissions can be given to individuals and/or groups. The user can retrieve or subscribe to only those reports for which they have the appropriate permissions.
Report types
In addition to the included standard reports, custom reports can be created by the user, or customized reports can be ordered from us.
Report formats
Each report can be generated in one of the supported formats such as PDF, Excel, or CSV. It is also possible to generate multiple formats at the same time.
Periodic reports
Reports can be scheduled, which is especially useful for recurring reports and reports that involve large data sets. Time intervals can be defined in many so-called CRON expressions (similar to the UNIX/Linux “crontab” syntax). It is possible to generate reports in hourly, daily, weekly or monthly intervals (other variants are also possible).
Integrated report designer
The integrated report designer can create arbitrary reports based on a variety of basic information available in the database. For any report, a set of parameters such as field and filters, format, time intervals and access rights must be defined.
General functions
Security functions
There is a difference between the data transport streaming (the streaming of printing and communication data) and the (temporary) storage of data.
To print data, the protocol IPP (via HTTPS) encryption must be supported by the device.
Hard disk encryption by area – Server
Data managed by the Genius Server (also temporary data) is encrypted, if enabled on the following sections: Printing, Genius BPM (including all the Scan2 features), E-mail, Genius DMS and Reporting. The selected sections are displayed on the Admin dashboard.
Hard disk (HD) encryption by user or groups
The HD for users and groups of users is encrypted, if enabled on the following files: temporary stored print jobs, E-mail attachments sent using the Scan2Mail or Scan2Me functions. Other BPM, DMS and E-mail printing files are not covered.
Encryption from user computer to Genius Server
Printing data can be encrypted when a document is transferred from user’s computer to the Genius Server in two different ways.
The first one is an OS computer native feature: the IPPS protocol, which is the IPP protocol encrypted by HTTPS. The second one is executed on our Windows computer client: the print job is uploaded through the HTTPS protocol.
For both options the customer needs an existing certification infrastructure.
Encryption from Genius Server to the devices
If the devices and the server have local customer certificates, HTTPS + IPP(s) communication among them can be forced.
Password protected Web application
Both the Genius Web Client (for user interaction) and the Admin Web Client are protected by a login. Users log in with their configured authentication credentials on a web browser.
Change log
When the administrator modifies settings, the information on who and what was changed is stored in log files for review and auditing.
Online Manuals
Each installation includes an extensive online help. It is reached through browser at the link ‘-servername-/docs’.
Extensive information and explanations help you to understand settings and configuration options of the solution.
Functional pre-configurations
The default configurations of many of the MFP device and client functions are centrally managed. Once a user accesses the Genius Server, the settings are automatically updated. The administrator decides whether a user can modify the configurations or not. E.g. by default the Scan2Fax the default resolution is 100dpi because the max. Transfer is 96dpi (fine), it is no necessary that the user modifies the dpi.
KPI Dashboard for Admins
A KPI Dashboard is available for Genius Server administrators. Administrators create KPI widgets on the dashboard and save their preferred dashboard settings.
Different KPI widgets deliver a fast and customizable overview of Genius Server print usage and accounting data. KPI widgets can be configured to show charts for different time intervals.
Easy Asset Management
In the Easy Asset Management section, administrator manages the access to internal (other departments, e.g.) or external service provider.
In this section limited server accesses, assets for third companies are managed.
You have a quick overview on the management of fleet assets, offline devices and the manual registering of their counters information. Furthermore, you can decide which custom asset fields have displayed.
EU General Data Protection Regulation (GDPR)
To follow the European Data Protection Regulation, we implemented some additional features. A detailed Whitepaper is available in order to provide more information.
In the user management section, the administrator can execute jobs for data deletion and pseudonymization (that is, replacing an identifier with a pseudonym – in this case, a random, long string consisting of letters and numbers). All personal data will be deleted as far as functionally possible. Data whose deletion would lead to inconsistencies in the database (for example, accounting and quota information) will be pseudonymized.
E.g. Card + PIN (if managed by the solution), personal address book, etc. will be deleted.
Likewise, the right to access information of a person can be fulfilled. For this purpose, two reports can be created which list the stored data about the person and also output the user’s personal address book.