See how Metadefender Kiosk works
Download our Deployment Guide
Secure File Transfer into High-Security Networks
Metadefender Kiosk offers a safe process for transferring data to and from secure networks. If malware is allowed to enter a secure network, it can cause serious damage, especially in the case of critical infrastructure like nuclear plants.
Additionally, organizations such as financial institutions or healthcare companies that must protect consumer data often have concerns about data leaving their secure network, potentially causing damage to the company's reputation or resulting in hefty compliance fees.
One way that Metadefender Kiosk works to protect secure networks is through an integration with a data diode, a one-way data connection device that allows the internal network to remain air gapped (offline from the outside world), while still allowing necessary data to enter the secure network. Data first enters through Metadefender Kiosk, where a user with predetermined security clearance (such as an IT admin) is allowed to scan data inserted into the kiosk with Metadefender Core's multi-scanning technology. If no threats are found, the data is allowed to pass through the data diode and enter the secure network, where it can be stored temporarily on a Metadefender SFT server. Once the data has been stored, the user can then access the allowed files. All files brought into the organization are logged in the server if administrators wish to later access them.
Click diagram to expand
Metadefender Kiosk offers the following features for maximum protection of high-security and air-gapped networks:
- Scan portable media from guests and insiders with more than 30 leading anti-malware engines
- Securely transfer files into air-gapped networks
- Log all files brought into an organization
- Inspect archived and encrypted files
- Sanitize high-risk files
- Integrate with data diodes
- Choose from flexible hardware deployment options from leading vendors
Scan Portable Media for Threats
Metadefender Kiosk leverages signature and heuristic-based detection from more than 30 leading anti-malware engines to detect threats on portable media. By using multiple engines, malware detection rates can be significantly increased and exposure time to new outbreaks is dramatically reduced.
Securely Transfer Files Into Air-Gapped Networks
It is common for high-security networks to be physically isolated from external connections. Metadefender Kiosk enables administrators to bring new data into these air-gapped networks in a secure way and allows them to completely block files that are identified as threats. Administrators can also use data sanitization to block any threats that may have evaded detection. Clean files can be moved to a trusted location, from which access to the secure network is allowed.
- Block files identified as potential threats
- Sanitize files that contain potentially malicious objects
- Move files without threats to trusted media or network storage location
Click diagram to expand
Inspect Encrypted and Unencrypted Archives
Metadefender Kiosk leverages the capabilities of Metadefender Core’s workflows to scan files contained within archives, both encrypted and unencrypted.
Sanitize High-Risk Files
Certain file types such as Microsoft Office documents, PDFs, and image files often contain embedded objects such as scripts, macros, etc. that can trigger malicious code to execute when opened. Metadefender Core allows administrators to use 100+ data sanitization engines to proactively remove potentially malicious embedded objects from these files, preventing zero-day threats from executing.
Integrate With Data Diodes
High-security networks often use diodes to restrict data flows. Metadefender Kiosk can be used with all leading diode vendors and has verified, deeper integrations with selected vendors. For more information, please view our Data Diode Buying Guide.
Flexible Hardware Deployment Options From Leading Vendors
Metadefender Kiosk can be deployed on standard x86 hardware running Windows 7 or later. If delivery on a hardened kiosk is required, purpose-built hardware is available from leading hardware vendors. For deployments requiring a smaller footprint, Metadefender Kiosk is also supported on Windows Surface Pro (version 3 and later) tablets.
How It Works: Pair with Metadefender Client to block unknown USBs
Metadefender Kiosk can write a digitally signed manifest to media that has been processed that can be validated by Metadefender Client to make sure all media is checked for threats before it is used within secure networks.
Click diagram to expand