4.5. Selecting a Server to Process Files

Using MetaDefender Core Server

In order to use the multi-scanning functionality of MetaDefender Core, MetaDefender Kiosk requires a MetaDefender Core server.
The MetaDefender Core server can be installed on the same system as MetaDefender Kiosk or on another machine.
The MetaDefender Core server used is configured in the Primary MetaDefender Server option on the Configuration settings page.

The Workflow Rule drop-down menu determines which MetaDefender Core workflow rule is used to process files from MetaDefender Kiosk.

There are two processing methods to utilize a MetaDefender server.
The default behavior is an available MetaDefender server will be selected at the beginning of a session.
Any errors encountered with the server will cause Kiosk to retry processing the file with the server.

When used with MetaDefender Core version 4.8.0+, a media manifest can be added to media processed by MetaDefender Kiosk.
This setting enables the creation of a signed Media Manifest that contains the scan results for all files that were scanned as part of the session.
This manifest can be validated by other MetaDefender products.

The second processing method allows Kiosk to choose any available server (Primary + Backups) during a session.
If any connection failure occurs during the session, Kiosk will re-attempt processing the file on the next available server.
With this method selected, the Media Manifest feature cannot be carried out.
When viewing files processed under this method in Core's history, they will be displayed individually rather than being grouped into a session entry.
All other features are allowed regardless of the processing method selected.

Kiosk can also validate files according to the Media Manifest file that exists on the media to be processed.
If a file is found on the media but not found within the manifest, it will be sent to MetaDefender for processing.

Kiosk can retrieve previously existing results for files by performing a hash lookup instead of uploading a file to MetaDefender for processing.
This cannot be used in conjunction with Media Manifest since the manifest always contains the latest results.

A maximum file size can be specified for files to be scanned by MetaDefender, all files larger than this will still be processed by Kiosk without being processed by MetaDefender.
The files that are larger are treated as allowed.


Using Vault Server

To reduce user time spent at the Kiosk, processing files can be offloaded to a Vault server connected to a MetaDefender Core.
Files will be uploaded directly from Kiosk to Vault, once uploading is done, the session will complete and the user may remove their media and proceed.
Meanwhile, Vault will send the uploaded files to MetaDefender to process and, based on the configuration, notify the user when the files are ready for retrieval.


  • Workflow Rule: Core workflow rule that Vault will use to process the uploaded files

  • Vault Server : See 6. Configuring with Vault for instructions and more details

  • Select a Vault account option for file uploads: Choose a Vault account option in this section

  • File Chunk Upload Size: Size of chunks a file will be broken into for uploading to Vault

Vault account options for file uploads

  • Always upload to a Vault guest account A temporary guest login ID is created and displayed to the Kiosk user both on the scan results screen as well as in the digital and printed logs

  • Attempt to use user credentials if they are available Kiosk uploads files to the user account that matches the one used during authentication

  • Enter Vault user to upload files to Kiosk uploads files to the user account supplied (this can be useful when custom authentication users do not match users synced with Vault)

  • If upload authentication fails, files will be uploaded to a Vault guest account