System Requirements
Hardware Requirements
| Minimum | Recommended | |
|---|---|---|
| CPU | 4 cores | 16 cores |
| RAM | 8 GB | 32 GB |
| Free Disk Space | Based on storage requirements. Vault requires (temporarily) at least double the size of a file you wish to process. For example, if you plan to process a 1 TB file at least 2.1 TB should be available temporarily in order to successfully process and encrypt the file. Once the file is processed disk space will be restored. |
Software requirements
Operating Systems
- Windows 11
- Windows 10
- Windows Server 2012 R2 / 2016 / 2019 / 2022
Bitness: 64-bit only
Windows Installer 5.0 or higher
Minimum supported browsers
- Chrome
- Microsoft Edge 38 or later
- Safari 5.1 or later
- Firefox 52.9.0 or later
Additional installation of 3rd party framework/components
The following frameworks/components are being automatically installed by MetaDefender Vault and should not be removed:
| Name | Details |
|---|---|
| .NET Framework | Microsoft .NET Framework 4.8 |
| Microsoft Visual C++ 2015-2019 redistributable | Microsoft Visual C++ Redistributable 2015-2019 |
Database installation
By default, MetaDefender Vault bundles Microsoft SQL Server 2019 Express LocalDB but the recommended deployment is to use an SQL Server from the table below:
| Name | Editions | Supported |
|---|---|---|
| SQL Server 2014 | All | Yes |
| SQL Server 2016 | All | Yes |
| SQL Server 2017 | All | Yes |
| SQL Server 2019 | All | Yes |
| SQL Server 2022 | All | Yes |
An SQL Server local account must be created with at least the following server roles (public, sysadmin).
Windows Authentication (Integrated Security) is also supported for authentication. In this case, the service account should have "Logon as Service" rights.
Web server configuration
NGINX is used as our underlying HTTP(S) and reverse proxy server. The web server is embedded in the application and is not shared by other processes running on the machine. All NGINX processes will be stopped, and the program itself physically removed from the hard drive, following a successful uninstall of MetaDefender Vault.
On startup, the web server will begin listening on the previously configured HTTP(S) port or on the default HTTP port (8010 if free), in case of a clean install.
Following MetaDefender Vault version 1.3.7, REST API calls should be made to the Web UI port. The reason is that the REST API service connection is no longer secured (TLS/SSL connections are no longer supported). NGINX acts as a TLS/SSL termination proxy for the REST API service.
Port usage
MetaDefender Vault requires two free ports in order to run:
| Service name | Port | Firewall Rule |
|---|---|---|
| MetaDefender Vault Web UI | 8010 | Needed |
| MetaDefender Vault REST API | 8000 | Not needed; Internal usage only |
Whitelisting requirements
- In order to be able to access the user interface from outside, the port 8010 (default) should be opened
- Any process running out of the MetaDefender Vault install directory should be whitelisted. It is best to exclude the folder from any real-time protection
- File storage (permanent and temporary) or the installation folder should be excluded from real-time protection
- The service account should have "Logon as Service" rights.
- To be able to start, stop, and interact with services without requiring interactive logon privileges.
- To log on and run batch jobs (scheduled or executed automatically).
- To be able to connect the database by using Windows Authentication.