Selecting a Server to Process Files

I. Scan Limits

Configuring rules to restrict users from initiating a scan session with allowed conditions at pre-processing phase.

Benefit: Allow users to optimize and manually choose data size that will be scanned on Kiosk later.

Image: "Scan Limits" option on Kiosk configuration page

If the user selects files that exceed the configured rules, they will not be allowed to initiate a scan session:

• Max number of files: The maximum number of files that user can select.
• Max file size: The maximum size of each file, measured in megabytes (MB) or gigabytes (GB).
• Max total file size: The maximum total size of all selected files, measured in megabytes (MB) or gigabytes (GB).

Those rules will be applied to both Browse and Process All in Processing options. The appropriate message will appear on Kiosk UI and prevent the user from starting the session, for examples:

• Browse: Attention will be displayed in the Select files screen to show the exceeding rule.

Image: Select files on Kiosk UI

• Process All: A "Limit Exceeded" attention will be displayed if any values surpass their respective threshold.

Image: "Limit Exceeded" notification on Kiosk UI

II. Processing

1. Do not proceed files with a MetaDefender or MFT server

In the case of no scan requirements, the admin can choose neither MetaDefender nor MFT. With this option, only file handling can be executed.

The hash calculation of files can be disabled with option Do not calculate file hashes to speed up the duration of the session.

Image: "Do not proceed files with MetaDefender or MFT Server" option on Kiosk configuration page

2. Use MetaDefender Core server

MetaDefender Kiosk requires a MetaDefender Core server in order to use the multi-scanning technologies and functionalities. The MetaDefender Core server can be installed on the same system as MetaDefender Kiosk or on another machines. The MetaDefender Core server used is configured in the Primary MetaDefender Server option on the Configuration settings page.

Image: "Use MetaDefender Core server" option on Kiosk Configuration page

Workflow Rule

The Workflow Rule drop-down menu determines which MetaDefender Core workflow rule is used to process files from MetaDefender Kiosk.

There are two processing methods to utilize a MetaDefender server:

Files are only processed with the available MetaDefender server chosen at the start of a session

The default behavior is an available MetaDefender server will be selected at the beginning of a session. Any errors encountered with the server will cause Kiosk to retry processing the file with the server.

Include Media Manifest

When used with MetaDefender Core version 4.8.0+, a media manifest can be added to media processed by MetaDefender Kiosk. This setting enables the creation of a signed Media Manifest that contains the scan results for all files that were scanned as part of the session. This manifest can be validated by other MetaDefender products.

Files are processed with any available MetaDefender server during a session

The second processing method allows Kiosk to choose any available server (Primary + Backups) during a session. If any connection failure occurs during the session, Kiosk will re-attempt processing the file on the next available server. With this method selected, the Media Manifest feature cannot be carried out. When viewing files processed under this method in Core's history, they will be displayed individually rather than being grouped into a session entry. All other features are allowed regardless of the processing method selected.

Copy & Go

Files to process are copied from the media to the system for processing later. Users are informed to remove their media when the copy has finished. Once the session is finished, all processed files are removed from the system. The system must have enough free space to accommodate all the files to process.

Use file results from media manifest if available

Kiosk can also validate files according to the Media Manifest file that exists on the media to be processed. If a file is found on the media but not found within the manifest, it will be sent to MetaDefender for processing. The certificate with which the manifest is signed by needs to be trusted on the system, else Kiosk cannot trust the manifest and will send files for processing.

Use existing process results if available

Kiosk can retrieve previously existing results for files by performing a hash lookup instead of uploading a file to MetaDefender for processing. This cannot be used in conjunction with Media Manifest since the manifest always contains the latest results.

File extensions to block

When the file extension matches one of the configured extensions in the list, the Kiosk will treat it as blocked due to the reason "File extension is not allowed". In such cases, the file will not go through the MetaDefender processing.

At lease one extension is required to input to enable this feature. Extension in list is separated by semicolon (;).

Image: "Blocking file extensions" option on Kiosk Configuration

File larger than ## [MB/GB] will be not scanned by MetaDefender

A maximum file size can be specified for files to be processed by MetaDefender, all files larger than this will still be processed by Kiosk without being processed by MetaDefender. The files that are larger are treated as configured allowed or blocked due to the reason "Exceeded file size" .

Image: Choose file size that will be scanned and proceeded by MetaDefender Kiosk

III. Using MFT Server

To reduce user time spent at the Kiosk, processing files can be offloaded to a MFT server connected to a MetaDefender Core. Files will be uploaded directly from Kiosk to MFT , once uploading is done, the session will complete and the user may remove their media and proceed. Meanwhile, MFT will send the uploaded files to MetaDefender to process and, based on the configuration, notify the user when the files are ready for retrieval.

Image: "Use MetaDefender Managed File Transfer server" option on Kiosk configuration page

• Workflow Rule: Core workflow rule that MFT will use to proceed the uploaded files
• MFT Server: See 6. Configuring with MFT for instructions and more details
• Select a MFT account option for file uploads: Choose a MFT account option in this section
• File Chunk Upload Size: Size of chunks a file will be broken into for uploading to MFT
• Maximum File Upload Size: files exceeding the maximum size is not uploaded to MFT server
• Maximum Number Of Upload Files: upload files until the upload count reaches the maximum

MFT account options for file uploads

• Always upload to a MFT guest account A temporary guest login ID is created and displayed to the Kiosk user both on the scan results screen as well as in the digital and printed logs
• Attempt to use user credentials if they are available Kiosk uploads files to the user account that matches the one used during authentication
• Enter MFT user to upload files to Kiosk uploads files to the user account supplied (this can be useful when custom authentication users do not match users synced with MFT)