How can MetaDefender Kiosk and Vault (formerly SFT) be configured to work with an Arbit Data Diode?
This article describes how to deploy MetaDefender Kiosk, an Arbit data diode, and a MetaDefender Vault server for the following use case:
-
Portable media is scanned by MetaDefender Kiosk.
-
Clean files are passed through an Arbit data diode to a Vault server.
-
User downloads files from the Vault server.
System Deployment
Do the following before configuring the individual systems:
-
Install MetaDefender Kiosk with MetaDefender Core on the low side network.
-
Install the Arbit data diode with the receiving side in the low side network and the transmitting side on the high side network.
-
Assign a static IP address to the low side.
-
Assign a static IP address to the high side.
-
-
Install the Vault server on the high side network.
-
Assign a static IP address.
-
Vault Server Configuration
-
Create the user accounts on the Vault server.
-
Note the account that should be used as the 'from' account for files coming from MetaDefender Kiosk.
-
-
Generate the authorization token.
Arbit Data Diode Configuration
-
Define the URL list on the high side of the data diode to include the Vault server.
-
URL list includes http://:8000/Vault_rest/file
-
MetaDefender Configuration
-
Configure the appropriate MetaDefender Kiosk workflow profile to enable Copy To Vault in the post-action.
-
Put in the URL of the data diode low-side receiver.
-
http://<diode low-side IP address>:8080/pitcherrestapi/transfer/<URL List>
-
-
Enter the authorization token generated by the Vault server.
-
Enter the Sender Vault account that was created on the Vault server.
This article pertains to MetaDefender Kiosk
This article was last updated on 2019-10-06
VM