If for example you have 20 printers installed on a windows 2003 server. Do you only have 1 spool "folder" or is it typical they'll be a spool folder for each printer on the server? What is the name of the spool service? As I understand it when user X sends a print job to a network printer, if theres a que it'll just go into a spool folder on the servers hard disc and wait until it is processed, and then the spool file shall disappear. Whats default location of this spool folder?

Hi cf090, There's a single spool folder in c:\windows\system32\spool. The service is actually called "Printer Spooler" as you would see it in the Services console, but the short name for it is "spooler". But yeah, your exactly correct, the print server will simply queue those print jobs and send those jobs to the printer one by one.

Thanks Nathan, Do you know how a print job is transmitted across the Network , i.e. when the user prints the job. Is it relatively well obfuscated/encrypted or is it relatively easy to disect if someone sniffed it. As a general observation, with printers, in most setups I have noticed many MFD's tend to be are on the same subnet in many cases as a large number of users workstations. Whereas a Database Server may well be on a LAN segment where no users are located. I just fear of sniffing attacks against sensitive print outs and how well they can read if a bad guy decided to "go rougue". And options to better protect the job in transmission. I think the spool file itself, they key control in windows security, i.e. a strong password associated with local admin password, strict NTFS directory Acl, albeit due to the location you say thats by default within an administrative share.

By default, if it's just plain text document, then printing over the network would be plain text, which could easily be picked up using sniffer software. As for securing that data between the PC/Terminal Server > Print Server > Printer, it really depends on your existing hardware, how your network is currently laid out, and how communication across the network is currently secured (for example IPSEC). It's a huge subject, and there are a lot of solutions to help protect your sensitive data. It won't often be as simple as a few clicks of a mouse button to secure that information across the network when it comes to printing, as a lot of printers are not really designed with that kind of security in mind. For those that need to print sensitive information, the most secure way would be to physically connect a printer to the local PC, thus eliminating this problem immediately. For communication between the PC/Terminal Server > Print Server, communication (if your not already) can be secured using IPSEC. Fairly easy to set up if your on a domain, and preferably if all of your PC's support it. For communication between the Print Server and the Printer, again connecting it directly to the print server would be a good option (if at all possible). There are printers out there that are specifically designed for this, such as the HP P3010 series, which provides a number of elements of security, not only securing communication over the network, but also providing an element of physical security too. For example, print outs can be secured by actually holding the print job, until the user goes to the printer and types in their pin number to retrieve it. See also: http://en.wikipedia.org/wiki/IPsec