http upload - file analysis

Cirrocumulus

Jul 30, 2012

Nik

ASM v10.2.0 release notes (http://support.f5.com/kb/en-us/products/big-ip_asm/releasenotes/product/relnotes_asm_10_2_0.html😞

Anti-virus scanning
With this version you can configure the Application Security Manager to act as an Internet Content Adaptation Protocol (ICAP) client. The system asks an external ICAP server to check HTTP file uploads for viruses before releasing the content to the web-server. To configure antivirus protection, from the Configuration utility, navigate to Application Security » Options » Anti-Virus Protection.

If the system detects a virus in an incoming request, the system issues the violation Virus Detected, and logs or blocks the illegal request, depending on how you have configured the settings of this violation on the Policy Blocking Settings screen.

We added an advanced configuration parameter, Virus header name, which is the name of the response header that the ICAP server returns when it detects a virus. The parameter’s default value is X-Virus-Name, which is McAfee’s default response header. If you are using a different ICAP server, change this parameter’s value to the appropriate value used by that ICAP server. This parameter is found on the Advanced Configuration screen (from the Configuration utility, navigate to Application Security » Options » Advanced Configuration).

Hope this helps,

Forum Discussion

http upload - file analysis

Recent Discussions

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

ports are showing open on online scanning tool

Related Content

http uploads do not redirect to https

https end to end

Selective mutual authentication by HTTP::Host

Custom response File upload

No more http Portal Access

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS