Arbit Data Diode configuration

This guide describes how to deploy MetaDefender Kiosk, an Arbit data diode, and a MetaDefender Managed File Transfer server for the following use case.

  1. Portable media is scanned by MetaDefender Kiosk
  2. Clean files are passed through an Arbit data diode to a MFT Server
  3. User downloads files from the MFT server

System Deployment

The following should be done before configuring the individual systems.

  1. Install MetaDefender Kiosk with MetaDefender Core on the low-side network

  2. Install the Arbit data diode with the receiving side in the low-side network and the transmitting side on the high side network

    1. Assign a static IP address to the low side
    2. Assign a static IP address to the high side

  3. Install the MFT server on the high side network

    1. Assign a static IP address

MFT Server Configuration

  1. Create the known user accounts on the MFT server

    1. Note the account that should be used as the 'from' account for files coming from MetaDefender Kiosk

  2. Generate the Authorization api key

Arbit Data Diode Configuration

  1. Define the URL list on the high side of the data diode to include the MFT server
    1. URL List includes:
      1. http://<MFT IP Address>:8000/vault_rest/file
      2. http://<MFT IP Address>:8000/vault_rest/transfer
      3. http://<MFT IP Address>:8000/vault_rest/transfer_diode
      4. http://<MFT IP Address>:8000/vault_rest/transfer_file
      5. http://<MFT IP Address>:8000/vault_rest/transfer_file_diode
      6. http://<MFT IP Address>:8000/vault_rest/file/status/<file_id>
      7. http://<MFT IP Address>:8000/vault_rest/file/<file_id>
      8. http://<MFT IP Address>:8000/vault_rest/folder_content/<id>/<start>/<count>
      9. http://<MFT IP Address>:8000/vault_rest/root_folder
      10. http://<MFT IP Address>:8000/vault_rest/files/my/<start>/<count>
      11. http://<MFT IP Address>:8000/vault_rest/transfer_file_chunk_diode
      12. http://<MFT IP Address>:8000/vault_rest/authenticate
      13. http://<MFT IP Address>:8000/vault_rest/scan

MetaDefender Kiosk Configuration

  1. Configure the appropriate MetaDefender Kiosk workflow to enable Copy To MFT in the post-action

  2. Put in the URL of the data diode low-side receiver

    1. http://<diode low-side IP address>:8080/pitcherrestapi/transfer/<URL List>

  3. Enter the Authorization token generated by the MFT Server

  4. Enter the Sender MFT account that was created on the MFT server

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
Configuring with Central Management
On This Page
Arbit Data Diode configurationSystem DeploymentMFT Server ConfigurationArbit Data Diode ConfigurationMetaDefender Kiosk Configuration