2.3.5 Media Manifest

images/download/attachments/27814464/usb_options.png

To utilize the Media Manifest feature the user should select the "Unlock drive" option. Once the client begins scanning the removable media, it performs the following steps:

  1. Looks for an OPSWAT Media Manifest file on the removable media

  2. Checks to make sure the Certificate that is signing the Media Manifest is trusted by the client

  3. Checks each file on the removable media against the Media Manifest to make sure it has not been modified

    1. If a file has not been modified and the Media Manifest states it is allowed, then the file is not uploaded for scanning, and is considered clean

    2. If a file has not been modified and the Media Manifest states it is blocked, then the file is uploaded for scanning

  4. Any files found that have been added to the removable media since the generation of the Media Manifest are scanned against the configured server

Note: The client must be provided with the certificates it should consider trusted. The client will look in the following folders to locate all trusted certificates.

  1. %ALLUSERSPROFILE%\OPSWAT\.ssh\

  2. %USERPROFILE%\.ssh\

  3. %APPDATA%\.ssh\

  4. %APPDATA%\OPSWAT\.ssh\

If the trusted certificate is not in any of the directories above, the client can also verify certificate trust if the root Certificate Authority certificate is installed. OPSWAT recommends automating the deployment and installation of trusted certificates to the client using an AD Push or similar technique. A Certificate Authority certificate can also be installed for an individual client by copying the .crt file over, right clicking on it, and selecting "Install Certificate."