User Guide

Overview

MetaDefender Kiosk helps protect your network by enabling control over the flow of data into and out of your organization. It can be used as a media scanning station on your own hardware or on OPSWAT's custom-made kiosks. Typically, media such as USB devices, DVDs, card readers, SD cards, flash drives, or floppy disks, are scanned by MetaDefender Kiosk by inserting the media device into the appropriate drive. After the scan is complete, Kiosk generates a detailed report.

images/download/attachments/26173791/Overview.png

This user guide covers installing, configuring, upgrading, using, and troubleshooting MetaDefender Kiosk.

Key Features

  • Protection against zero-day attacks (MetaDefender Core integration)

  • Customized data security policies

  • Control over data flow

  • System restore

  • Active Directory authentication

  • Custom Authentication

  • Portable Media including floppy disks, SD cards, CDs, DVDs, encrypted USB and disc, and more

  • UI localization/internalization (comes with English, Arabic, Hebrew, Japanese, Korean and the ability to manually add any other language)

  • Securely wipe USB drives

  • Easier system hardening

User authentication

MetaDefender Kiosk has the following authentication features:

Peripheral media

MetaDefender Kiosk automatically detects multiple peripheral media insertions for the following media types:

  • USB devices*

  • CDs/DVDs/Blu-ray

  • Card readers

  • SD cards

  • Floppy disks

* Not all USB devices are currently supported. If you have a specific device you need supported, please contact OPSWAT support.

Encrypted USB devices

MetaDefender Kiosk can unlock encrypted USB devices with a given password. MetaDefender Kiosk supports the following encrypted USB devices:

Device

Software Version

Firmware Version

Detail

Biocryptodisk-ISPX

-

-

 

Buffalo RUF2-HSCT

PASSWORD - 2.67

-

 

Buffalo RUF3-HSL

OPEN_HS - 2.58

-

 

DataLocker EncryptDisc CDs/DVDs

11.1.0

-

 

DataLocker Sentry 3 FIPS

4.8.34

3.05

 

IronKey S200

2.0.4.0

2.0.8

 

IronKey S1000

5.0.1.0

3.0.5

 

IronKey D250

3.4.3.0

4.0.2

 

IronKey D300

K4.0.1.2

3.05

 

Kanguru Defender Elite 30

-

-

 

Kanguru Defender Elite 300

-

-

 

Kanguru Defender 2000

1.2.5.6

-

 

Kanguru Defender 3000

1.0.1.0

-

 

Kingston DataTraveler 2000

-

-

 

Kingston DataTraveler Vault Privacy

K2.0.1.5

1.06

 

Kingston DataTraveler Vault Privacy 3.0

K3.0.1.1

1.03

 

Kingston DataTraveler 4000 G2

-

-

 

Kingston DataTraveler 4000 G2 Managed

-

-

 

McAfee Complete Data Protection

4.3.0.224

-

McAfee File and Removable Media Protection client is installed on the system that MetaDefender Kiosk is installed

Microsoft BitLocker

-

-

Supports BitLocker To Go using passwords. MetaDefender Kiosk does not support BitLocker encryption using key files, smart cards, or VHD (Virtual Hard Drive) BitLocker encryptions.

SanDisk Cruzer Enterprise FIPS Edition

2.5
SDK 1.2.10.12

6.615

 

SanDisk Cruzer Contour U3 based USB

4.08
U3 Launchpad - 1,6,1,1

-

 

USB Flash Security

4.1.12.17

-

 

Media handling

MetaDefender Kiosk's media handling features include the following:

  • Can process drives with multiple partitions

  • Can process full or partial media

  • Can wipe/format USB drives

  • Supports integration with MetaDefender Vault for uploading files for processing or uploading/downloading processed files

  • USB device soft eject

  • CD/DVD eject

Processing files

MetaDefender Kiosk uses MetaDefender Core to process files. MetaDefender Core has the following processing features:

  • Scanning with multiple anti-malware engines

  • Data sanitization

  • Application vulnerability detection

  • Heuristics for zero-day threats

  • Archive extraction

  • File type verification

  • Workflow engines

Processing session results

After processing media, MetaDefender Kiosk allows you to view detailed logs and print results.

Customizable interface

The MetaDefender Kiosk interface includes English, Arabic, Hebrew, Japanese, Korean, German, and Vietnamese translations and supports the addition of other languages.

System hardening

MetaDefender Kiosk comes with a variety of system hardening features for maximum security.

  • Disables autorun

  • Users can only exit by pressing ALT+F4 and, if Kiosk is configured to require a password to exit, entering the exit password

  • Blocks the ability to copy files to the system

  • Blocks the ability to execute files on the system

  • Runs automatically on system startup

  • Configurable file policy by file type

  • Select allowed/blocked and skipped files by file type and size

  • Select file extensions to be taken under consideration when a file type mismatch is performed