I hope I can ask for advice here. I didn't see anything against this in the rules, but also don't want to harsh the vibe. If it's not ok, please delete my most.
TL;DR - I need to share a network printer with the greater network, while also making it available to non-networked Windows XP and Vista computers. I am seeking advice on how to do this without connecting the out-of-compliance computers to the network (or to each other).
I can't believe I have to consider this problem, but here I am. We have a bunch of equipment ranging from about $20k to over $250k each, with computers running Windows Vista and Windows XP. We can't replace the computers, because both the software and device drivers are proprietary and we can't get the updated versions without purchasing new devices. The department must be able to print from these computers.
So far, I've implemented a "floating USB" methodology, where the printer is connected through one USB cable that the tech moves from computer to computer, as s/he needs to print. They only ever use one, MAYBE two, at a time, so the floating USB isn't as inconvenient as it sounds. The subscription on the printer that's in there now, ends soon and corporate is unwilling/unable to renew at this time. The only other printer the department has, is across the hall.
I proposed to move that printer to the other office, connect it to the network to allow them continued ability to print from their laptops, while continuing the floating USB for the WinXP and WinVista machines. They declined, as they use that printer quite often, and don't want to have to run across the hall during high-stress tasks.
I thought about running USB the distance, but it's capped at about 5 meters / 16 feet.
My latest proposals include an active USB extension cable or USB-over-Ethernet and running USB cabling in the rafters, which will allow for the floating USB method as well as keep the printer networked. My goal is to keep these XP and Vista computers disconnected from the network. I know connecting them to a networked printer isn't great, but it's better than connecting them directly to the greater network.
Another idea I had was to create a physically segregated network for these computers only, disconnected from the greater network, with the printer connected to this network's firewall via USB and shared as a Networked printer inside this internal network. The printer will also be connected to the greater network via Ethernet, and used there. The issue I have with this, is that it keeps the XP/Vista computers connected to each other and to the printer, which still holds the risk of infection spreading among them.
I'm anticipating the (worst case) push to connect them to the internal network and "just put them behind the firewall," which, as you all know, is a very bad idea. Therefore, I'm trying to amass as many viable ideas as I can, in the hope that one of them will prevent the worst case.
Does anyone have any other ideas for sharing this printer with networked and non-networked computers?