Forum Discussion

jco_105989's avatar
jco_105989
Icon for Nimbostratus rankNimbostratus
Jun 01, 2011

how to use Icap solution

Dear

 

How to use icap with BIG-IP.

 

my goal is to send owa(2010) attachement file to bluecoat icap antivirus.

 

Any ideas.

 

  • In 10.2.0, ASM supports checking attachments against an ICAP service:

     

     

    It is now safe to enable File Upload

     

    http://devcentral.f5.com/weblogs/macvittie/archive/2010/08/27/f5-friday-it-is-now-safe-to-enable-file-upload.aspx

     

     

     

    http://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/config_guide_asm_10_2_0/asm_sys_mgmt.html1037564

     

     

    Configuring external anti-virus protection

     

    You can configure the Application Security Manager to connect with an Internet Content Adaptation Protocol (ICAP) server to check requests for viruses. If the Virus Detected violation is enabled for that web applications security policy, the system sends requests with file uploads to an external ICAP server for inspection. The ICAP server examines the requests for viruses and, if the ICAP server detects a virus, it notifies the Application Security Manager, which then issues the Virus Detected violation.

     

     

     

    Aaron

     

     

  • Maybe this is a new topic, but it has to do with ICAP on OWA. But it is 'reverse'. It is not to check information coming into the server, but it is to inspect the information being sent out from the OWA server, through the F5, and to the user.

     

     

    We need to protect what information is allowed to be viewed by a user who is using OWA remotely to look at their email.

     

     

    To do this, we want to route any attachment that they want to read (open) to a ICAP server to determine if it violates policy.

     

    We would also like to send the HTML pages as well as the text of the email could certainly contain protected information.

     

     

    Can the ASM be set to use ICAP on 'reverse' traffic --- that is traffic going from the server TO the client?!

     

    thanks!

     

  • is this relevant?

     

     

    Manual Chapter: Configuring Content Adaptation for HTTP Requests and Responses

     

    http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-11-4-0/13.html