Configuration Field Descriptions and Default Settings
The following table provides a brief description and default values for the Kiosk Configuration screen.
Basic Configuration
Configuration Setting |
Description |
Default Value |
Range |
Primary MetaDefender Server |
URL of the primary MetaDefender server |
(Blank) |
|
API Key |
The API Key of the primary MetaDefender server, if one is set |
(Blank) |
|
Server is a load balancer |
Indicates that the primary server is a load balancer for MetaDefender |
Unchecked |
|
Periodically test Core servers every # hours |
Periodic interval in which Kiosk will send an eicar to test the Core server detection. |
1 hour |
0 disables the periodic check |
|
|
|
|
Backup Server |
Additional MetaDefender servers for the Kiosk to use if the primary is inaccessible (URL & API Key) |
Empty |
|
|
|
|
|
Vault Server |
Vault servers to be used among different workflow profiles (URL & Admin api key) |
Empty |
|
|
|
|
|
Printer Setup |
Select the color of the printing output: Black & White or Color |
Black & White |
|
Side margins |
Left and right margin length Recommended settings: |
3 |
0 or greater |
Display the MetaDefender URL in the session printout |
The URL of the MetaDefender server (Core or Vault) used for a session will be displayed on the printout |
Disabled |
|
Include page numbers |
Include the page number on each printed page |
Enabled |
|
Custom introduction message |
Add a special header message to the first page of the printout |
Disabled |
|
Custom logo |
Add a logo image to the first page of the printout |
Disabled |
Recommended max image size of 400 x 400 |
|
|
|
|
Save session log file to local system |
Enables a session text/PDF log to be created at the end of a session in a location on the system |
Enabled Logging directory: <kiosk install dir>\Client\Log |
|
Save session log file to processed media |
Enables a session text/PDF log to be created at the end of a session on the media processed |
Disabled If enabled, the log will be saved to the root of the media |
|
Save as Text File / Save as PDF |
Specifies whether the session log file will be a text or PDF file |
Text file |
|
Display the MetaDefender URL in the session log |
The URL of the MetaDefender server (Core or Vault) used for a session will be displayed in the log file |
Disabled |
|
|
|
|
|
Wipe Method |
Specifies which wipe options to display to the user Format |
All wipe methods shown |
0,1,3,7 pass wipe |
|
|
|
|
Exit Password |
Require password when terminating the Kiosk UI (ALT + F4) |
Disabled |
|
|
|
|
|
Watchdog |
Custom action watchdog that will run when the Kiosk UI is unexpectedly terminated Do nothing |
Restart Windows |
|
|
|
|
|
Export Session History |
Enables auto export of session history (in CSV) |
Disabled |
|
Export File History |
Enables auto export of files history (in CSV) |
Disabled |
|
Frequency |
Interval between history exports |
1 hour |
Min: 1 hour |
Export Path |
Directory where the history will be exported to |
(Blank - <kiosk install dir>\Client\Log) |
|
|
|
|
|
User authentication |
Requires users to provide login credentials when starting a Kiosk session |
Enabled |
|
None |
No AD server used for logging in users |
Disabled |
|
Windows user login |
Enables users to log in against the same domain the system is on and the local system |
Enabled |
|
|
Only allow users to enter authentication information for the domain; local system users denied |
Disabled |
|
Remote Active Directory |
Enables the use of authenticating to remote AD servers |
Disabled |
|
|
The url of the AD server |
(Blank) |
|
|
Username to connect to the AD server |
(Blank) |
|
|
Password to connect to the AD server |
(Blank) |
|
|
Enables the use of SSL communication |
Disabled |
If a port is not specified in the server address, the default port used is: |
Default login |
Enables authenticated users not assigned to any workflow to use Kiosk |
Enabled |
|
Guest login |
Enables users with no authentication credentials to use Kiosk |
Enabled |
|
Custom Authentication |
Enables using your custom authentication module for verifying a user's log in |
Disabled |
|
|
Kiosk username prompt will be used instead of requiring the custom auth module to display a UI to obtain user information |
Disabled |
|
|
Kiosk password prompt will be used |
Disabled |
|
|
|
|
|
Enable (image media) |
Enables an image of the inserted media to be taken with the FTK Imager configured |
Disabled |
|
FTK Imager Path |
The full path to the FTK Imager executable that handles imaging the media (ftkimager.exe) |
(Blank) |
|
Image Type |
The image type FTK will output |
RAW/DD |
|
Fragment Size |
The size of chunks the image will be separated into |
1 GB |
0 disables fragmenting the image |
Compression Level |
The compression applied to the image |
0 |
Min: 0 (no compression) |
Encrypt with password |
Enables the image to be encrypted with a password. |
Disabled |
|
Encryption certificate path |
The full path to a X.509 certificate to encrypt the image with. Supported certificate formats:
|
(Blank) |
|
Vault Server |
Vault entry to upload the image to |
(Blank) |
|
Directory |
Directory to upload the image to |
(Blank) |
|
Advanced Configuration
Configuration Setting |
Description |
Default Value |
Range |
Max number of parallel scans |
Maximum amount of concurrent process requests Kiosk will make to a MetaDefender server |
20 |
0 or greater |
Max number of retries when Metadefender Core is too busy |
Maximum amount of retries that Kiosk will attempt on a file when the Core server notifies that it is too busy to handle new requests |
0 |
0 for infinite 100 or greater |
Boot sector processing |
Allows processing of the first
512 bytes of an input media's partitions\disks. |
Enabled |
|
Display warning for network errors |
Display a warning to the user regarding network issues with the Core server while files are being processed |
Enabled |
|
Allow decryption of encrypted archives |
Allows you to input passwords when encrypted archives are detected |
Enabled |
|
Allow user to skip entering a password for McAfee Encrypted USB |
In the case that a McAfee encrypted drive is set to unlock via other means instead of a password, a user can skip entering a password |
Disabled |
|
Skip processing locked system files |
Enables skipping of system files on media that Core cannot access and will typically result in a failed scan |
Disabled |
|
Continue processing media with inaccessible content |
Action to take when media has deeply nested directories that Kiosk cannot access |
Disabled |
|
Mount and scan Virtual Hard Disks |
Allow processing of the contents within an VHD\VHDX file |
Disabled |
|
|
Enables sending the entire VHD\VHDX file to MetaDefender after all contents have been processed |
Enabled |
|
Mount and scan Virtual Machines |
Allow processing of the contents within a VMDK file |
Disabled |
|
|
Enables sending the entire VMDK file to MetaDefender after all contents have been processed |
Enabled |
|
Mount and scan Acronis disk backups |
Allow processing of the contents within an Acronis disk backup |
Disabled |
|
|
Enables sending the entire Acronis disk backup to MetaDefender after all contents have been processed |
Enabled |
|
Acronis Executable Path |
The full path to the Acronis executable that handles mounting the disk backup (acrocmd.exe) |
(Blank) |
|
Heuristic File Type Detection |
Kiosk will heuristically group similar file type extensions for reporting |
Disabled |
|
|
|
|
|
User Interface Timeout |
The time the Kiosk UI will wait for a session to begin before automatically switching back to the idle screen |
5 minutes |
60 seconds or greater |
Display disclaimer screen |
Display the disclaimer screen to a user when a new session is started |
Enabled |
|
Allow user to browse for files |
Allow user to select files before processing media |
Enabled |
|
Allow user to process all files |
Allow user to select to process the entire media |
Enabled |
|
Alert user if MetaDefender Core license is close to expiration |
Alerts you on the Kiosk idle screen if the Core license is close to expiration |
Disabled |
|
Alert user if MetaDefender Kiosk license is close to expiration |
Alert you on the Kiosk idle screen if the Kiosk license is close to expiration |
Disabled |
|
Reboot at end of session |
Specifies if the system should reboot after a session completes |
Disabled |
|
Allow user to select languages |
Allow user to select which language the Kiosk UI's text will be displayed as |
Enabled |
|
Available Keyboards |
The keyboards allowed for users to select within the on-screen Kiosk keyboard |
All keyboards enabled |
|
Choose Language |
The default language to be used for the UI |
English |
|
|
|
|
|
Multiple Partitions |
Selects the method for processing files on partitions |
Process files on all accessible partitions |
|
|
|
|
|
Host |
IP or DNS of SMTP server |
127.0.0.1 |
|
Port |
Port of the SMTP server |
25 |
|
Enable SSL |
Enable the use of SSL |
Disabled |
|
Username |
Username to authenticate to the SMTP server |
(Blank) |
|
Password |
Password to authenticate to the SMTP server |
(Blank) |
|
|
|
|
|
Boot Hardening - [Enable] [Disable] |
Enables/Disables the process that causes the taskbar on the desktop not to load when Windows is logged in to run Kiosk, thereby disallowing any PC functionality until the Kiosk starts. |
Disabled |
|
|
|
|
|
Enable (pop up detection) |
Enables Kiosk to detect any windows / pop ups open on the system |
Disabled |
|
Time Open Threshold |
Threshold, in minutes, for a pop up to be open to trigger notification |
5 minutes |
Min: 1 minute |
Notification Action |
Action to be taken when a pop up exceeds the time open threshold |
Display warning |
|
Process Whitelist |
Ignore pop ups from the processes listed |
(Blank) |
|
|
|
|
|
Enable (file integrity monitor) |
Enables the File Integrity Monitor, which will shut Kiosk down if any unauthorized changes are made in the Kiosk install directory |
Kiosk: disabled |
|
Server |
File Integrity Monitor server location |
Kiosk: (blank) |
|
Port |
Port to connect to the File Integrity Monitor server |
Kiosk: 0 |
|
Username |
User name to log into File Integrity Monitor server |
Kiosk: (blank) |
|
Password |
Password to log into File Integrity Monitor server |
Kiosk: (blank) |
|
|
|
|
|
Verify SSL Certificates |
Enables verification of SSL certificates when connecting to MetaDefender via HTTPS |
Enabled |
|
|
|
|
|
Log Retention - Application Log |
Specifies the length that Application Log entries will exist before being automatically deleted. |
Never |
Never - 12 months |
Log Retention - Session History |
Specifies the length that Session History entries will exist before being automatically deleted. |
Never |
Never - 12 months |
|
|
|
|
Size Summary -Display |
Displays the total files and size of selected files\folders when browsing for files.
|
Disabled |
|
Size Summary - Max size to stop calculating |
Kiosk stops calculating the selected files and folders if the accumulated size exceeds this threshold value. |
2 MB |
Min: 1 MB |