2.5 Configuring through Central Management

Multiple MetaDefender Clients can be configured from a Central Management.
Some changes will take effect at the next restart of Client.

To point MetaDefender Client to Central Management either the Client is installed with the Central Management parameters or the settings are set on the Client settings page.
Refer to the Central Management documentation for further details on how to setup managing MetaDefender Clients.

When a Client is centrally managed, the settings will no longer be allowed to be changed on the Client itself, only through Central Management.

images/download/attachments/34558028/client_cm.png

Settings

Description

MetaDefender Local URL

URL of the MetaDefender used to process files

MetaDefender Local API Key

API Key used for processing files with MetaDefender v3 (if one is set)

User Agent

The user agent Client provides to MetaDefender for rule/workflow security restrictions

Rule

Specifies the security rule Client should use for MetaDefender v4

Workflow

Specifies the workflow profile Client should use for MetaDefender v3

MetaDefender Cloud API Key

API Key used for processing files with MetaDefender Cloud

 

 

Allow User to Exit

Allow the user to exit through the UI

Allow User Selection

Allow the user to select scan type through the UI

Scan type

The type of scan that is performed if "Allow User Selection" is not checked

Max File Size to Scan

The maximum size of the file to process with MetaDefender (in Bytes)

Disable Checking Hash

Never perform hash lookups, always upload files to MetaDefender for processing

Engines to Exclude from Results

Engine(s) to not be included in the final MetaDefender result output
This will modify the final allowed/blocked result of a processed file

Log File Location

Path to store the location for an auto-generated log

 

 

Enable Media Drive Protection

All USB/CD/DVD media inserted into the endpoint will be blocked and require processing by MetaDefender before use

Hide Locked Drive Warning

Disable displaying the warning message of a blocked drive upon insertion

Hide Drive Unlock Option

Disallow a user from unlocking a blocked drive

Hide Drive Browse Option

Disallow a user from copying files from a blocked drive to the system

Hide Drive Copy Option

Disallow a user from copying files from the system to a blocked drive

Drive Unblocking on Error

Drive unblocking can proceed in the event of MetaDefender server errors

Copy Files from Drive on Error

Copying files from the drive can proceed in the event of MetaDefender server errors

Copy Clean File Location

The folder to copy clean files to, from the removable media in Browse File mode

Maintain Directory Structure for Copy

Maintain the directory structure of files on the media in the copy to destination

 

 

Use File Sanitization

Check for a sanitized copy of the file generated by MetaDefender

Copy Only Sanitized File, Do Not Copy Original

Dictates if the original file will be removed, or keep it alongside the sanitized copy

 

 

UI Display Language

Language the UI will be displayed in

 

 

Upload Allowed/Blocked Files to MetaDefender Vault

Allowed/Blocked files will be uploaded to MetaDefender Vault

URL

URL of the MetaDefender Vault server to upload files to

Authentication Token

Vault admin authentication token used for uploading files

Always Upload to a Vault Guest Account

Uploads will be sent to a newly created guest account

 

 

Media Manifest

Client will utilize a Media Manifest existing on the media inserted

Block All Files Not Found on Manifest

Any file not found in the Media Manifest will be immediately blocked and Client will not attempt to process the file with MetaDefender

Days to Trust Manifest

The maximum days to use a Media Manifest result

Client Admin Password Hash

Hashed administrative password. This will be used to uninstall the Client or disable USB blocking. The input to this field MUST be in the format <salt>:<iterations>:<password hash>. Use the "–hash_password" command line option for Metadefender.exe to generate a password hash. See section 4.1 Generating and using the Administrator Password for more information

Allow Disabling of USB Blocking

Allow the user to use the Admin Password to disable USB blocking until next restart