Use this type of job to automatically retrieve files from a remote MetaDefender Managed File Transfer™ instance.
To securely transfer files from a low-security network, it is often more secure for the high-security network to initiate the transfer. Once initiated, the files will be pushed from the low-security network.
Unlike the system-level MFT to MFT mirroring functionality, using the MFT - Pull Files job will only pull files from the configured sources for the users who have defined such jobs.
Configuration
MFT Pull configuration viewed as an user
MFT Pull configuration viewed as an active directory user
Source MFT Username
The username to authenticate with on the remote MetaDefender Managed File Transfer instance.
Source MFT Password
The password to authenticate with on the remote MetaDefender Managed File Transfer instance.
In case of editing or duplicating a previously saved job, the password needs to be re-entered.
Select MFT API Key
If the MFT API Key input type is selected. You should select a stored API key to authenticate with the remote MetaDefender Managed File Transfer instance. This is required when multi-factor authentication (MFA) is enabled on the remote server. See: MFT Keys
Select MFT Source
Select the MetaDefender Managed File Transfer integration to use. Files will be pulled from the selected instance. See: MFT Integration.
Provide Source Paths
Specify the paths to recursively collect and pull files from the remote MetaDefender Managed File Transfer™ instance through HTTP(S). You can configure any number of paths; if no path is added, the root ("/") will be the default source path.
The folder structure under the configured source paths will be preserved under the destination.
Pull Files as a Member of the Selected Group
Select the "Active Directory group" you want to upload files to. Different groups may have different security settings. This field is available if your account is from Active Directory and you belong to multiple groups, or if the "Allow Users to Upload Files Without Specifying Group Membership" option is disabled.
For further information, see Custom MetaDefender Core Workflow Rule for Groups and Active Directory Supervisors Setup.
Destination at MFT
The destination path in the local MetaDefender Managed File Transfer instance where the files will be pulled. If the path does not exist, it will be created automatically.
Transfer Method
Decide what to do with the original files on the remote instance:
- Copy Files: Files successfully pulled will remain on the remote instance.
- Move Files: Files successfully pulled will be removed from the remote instance.
- Sync Files: Keeps a local destination folder identical to a remote source folder.
If multiple source paths point to the same file, the file will only be deleted on the remote instance if it was successfully pulled from all listed source paths.
For example, if move is enabled and there is a file located at /data/logs/log.txt and the source paths /data and /data/logs are configured with the destination /pull, the file will only be removed from the remote instance if the pull was successful for both /pull/logs/log.txt and /pull/log.txt.
Duplicate File Transfer Rule
Decide what to do if a file with the same path already exists in the local MetaDefender Managed File Transfer instance:
- Skip duplicates: The file on the remote share is not pulled into MFT.
- Transfer duplicates with unique names: The existing local file is kept. The new file from the remote share is pulled and saved locally with a unique name.
- Overwrite existing files: Pull the file from the remote host and replace the locally existing one.
The Overwrite existing files option does not perform any pre-check on the local or remote file, it simply overwrites the local file with the remote one, even if both files contain the same data. This means if a file does not change on the remote instance, the same file will be pulled repeatedly.
The Overwrite existing files option will not work for files that have been sanitized by MetaDefender Core and had their filenames changed.
For example, if a file file.pdf is sanitized and renamed to file_sanitized_by_OPSWAT_MetaDefender.pdf by a Core rule, the overwrite function in MFT will not recognize it as the same file, and a new file will be created instead of overwriting the old one.
To ensure files are overwritten as expected, you can configure the sanitization rules in MetaDefender Core. This will maintain the original filename after sanitization, allowing MFT's overwrite function to work correctly.
Sync Behavior for Deleted Files
Decide on the course of action if the selected transfer method is Sync Files.
- Delete from destination: If a file or folder is deleted from the source, it will also be deleted from the destination on the next job run. This ensures the destination remains an exact mirror of the source.
- Retain on destination: If a file or folder is deleted from the source, it will not be deleted from the destination. This option is useful when you want to use Sync to transfer new and updated files but need to prevent any data from being automatically removed from the destination.
Workflow Override
If enabled, select which MetaDefender Core Workflow Rule will analyze the files being pulled.
If Workflow Override is not enabled, the analysis will follow the same MetaDefender Core Workflow Rule as for a manually uploaded file.
Example
I want to pull files from my remote MetaDefender Managed File Transfer instance into my local instance. I only want to pull files that are under the path /work/share and /tools, I want this process to occur on Tuesdays at 10 AM and on Fridays at 4 PM. My username is teodor and my password is pass%123!.
My remote instance can be accessed at the FQDN mft.remote.io. I want my files to remain on my remote instance, just copy them to my user under the path /pulled/mft on the local instance. If a file exists locally then keep it, do not overwrite it. I want my MetaDefender Core integration to analyze such files by the workflow rule "Pulled From Remote MFT."
Pull MFT configuration with Configured Times
Rest of Pull MFT configuration
