File based attacks are one of the top attacks’ vectors.

Although most of the medium and large enterprises invest millions in cyber security tools, the companies remain vulnerable to new attacks and malware created daily. One of the weakest point of failure at organization’s cyber security infrastructure is unknown malware hidden in files bypassing the existing cyber security systems; and one of the popular vector for hackers is the use of portable media to access the company’s network.

Removable Media: A Clear and Present Danger

Removable media like USB drives, thumb drives, CD/DVDs and external hard drives are a widely-used and convenient data transfer vector. They are also one the most dangerous sources of network malware infections.

Users frequently and innocently connect removable media to network-connected endpoints. These sources are often loaded with unknown software and files obtained from third parties at tradeshows, sales meetings, events, or even from personal computing environments and trusted internal sources.

To maintain productivity and allow business to flourish, it’s critical to let files and data flow into your organization. Yet security professionals concur that any files – especially those from external sources – can be infected with malicious code.

Legacy solutions slow or block workflow, leading users to seek workarounds and negatively impacting productivity. Moreover, traditional solutions are effective only against known threats – not new or previously uncatalogued malware.

The solution: The odix Kiosk – Files Sanitizing Station

The odix Kiosk is a Linux-based hardened workstation dedicated to safely introducing files from removable media. The odix cyber security Kiosk has no hard disk and both the operating system and software are SATADOM-based – completely neutralizing the possibility of malicious manipulation.

Conveniently placed at central locations throughout the office space, users go to odix Kiosks to plug in any removable media sources – instead of attaching them to their own devices. In just seconds, incoming files are sanitized and forwarded to users via email. odix Kiosk is a perfect solution for secured data exchange from USB flash memory devices to a network (or other devices).

How Does the odix Kiosk Work?

The odix Kiosk is powered by ODI Security’s field-proven Content Disarm and Reconstruction (CDR) engine. This patented technology scans, disarms and rebuilds files into clean versions that can be safely introduced to any network. odix Kiosks remove both known and unknown malicious code from a wide range of file types using odix CDR technology

odix Kiosk – Your Network Gatekeeper

The cyber security Kiosk is a physical network station that sanitizes files on removable memory media including USB drives, thumb drives, CD, DVD or any other physical memory media. The solution is a dedicated proprietary odix stand. This stand-alone solution is air gapped against cyber-attacks.

The physical sanitizing system comes without a hard disk (HD), and the odix operating system and software are from SATADOM. This feature completely neutralizes the ability to attack the position through the operating system or through odix` software.

In addition, a Linux-based derivative of the UBUNTU operating system is used to create a less vulnerable environment with fewer weaknesses and better reinforcement capabilities. Additionally, the operating system is well encrypted. This solution has the highest resistance to attacks of any kind.

The sensitization process (odixing) is done on the malware scanning kiosk itself, isolating potential threats from the network. Only clean and safe files (the odixed files) are sent to the network via the management server.

odix Management Server

The management server enables setting, configuration, monitoring and reporting and provides holistic management of all odix components. The management server includes the following functionalities:

Updates – Sends updates to the sanitizing core and to the five antivirus engines used in the Kiosk and distributes updates to the sanitizing server

User Profiles – Establishes user profiles for the sanitizing server and the physical sanitizing stand including: Rules regarding which files are allowed to be sanitized and which files are prohibited and permitted sanitizing volumes for a single file and a collection of files

Log Data – The management server is used to store log data transferred from the server and from all physical positions to it

Connectivity – The management server is connected to several organizational servers including:

Organizational Active Directory (AD) server to identify the users of the sanitizing stands

An organizational file server to which all sanitized files are transferred

odix Kiosk for highly secured networks

When it comes to OT networks, isolation becomes mandatory. odix Kiosk includes an isolated deployment scenario without connectivity to the organization network. This type of deployment is designed for air-gapped networks; operational, ICS, SCADA etc.

Such configuration provides safe and secured solution for inserting files into such networks.

odix Kiosk Advantages

Preventive sanitizing system – Eliminates ALL malware threats.

Support of more than 11,000 file types

Sanitization process is done on the kiosk itself not inside the network.

No re-writable components on the Kiosk! Operating system is booted from a Live Image configuration

Reinforced Linux operating system and operating environment

Smart management server that allows easy setting of policies and licensing

Management server is separated from the kiosk itself for better security.

Architecture that enables easy expansion and integration of dedicated filters

Convenient and user-friendly interface

Easy deployment – Easy configuration

A perfect combination between a totally secured
architecture and a user-friendly interface
Use case example