icap Antivirus with F5 Big IP

Question

to set up an iCAP antivirus solution at F5 level in LTM:

is the f5 redirect all flows to the antivirus to scaning it or those that contain attachments?

for base64 and Json flows, how does the F5 process it to analyze their encapsulated content?

keesvandenbos · Answer

Hi,&nbsp;The implementation guide states that the BIG-IP wil conditionally forward the HTTP requests to the ICAP scanner. https://techdocs.f5.com/en-us/bigip-14-0-0/big-ip-local-traffic-manager-implementations-14-0-0/configuring-content-adaptation-for-http-requests.html&nbsp;So the BIG-IP doesn't analyze the data, the ICAP scanner does.&nbsp;Cheers,&nbsp;Kees

joethefifth · Answer

Resurecting this.Requets Adapt profile detects content-type mutipart headers as upload but does not detect content(-type/Application/jason as file uploads. Any info on how to implement other types of uploads.

joethefifth · Answer

F5 states it can be done here by ICAP LTM. Wa have the same issue on ASM ICAP and decided to go with LTM ICAP.&nbsp;https://support.f5.com/csp/article/K47008252

Forum Discussion

icap Antivirus with F5 Big IP

3 Replies

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

SSH forward proxy

Multiple Default Gateways

ASM Sec-CH-UA-Full-Version-List backquote in Header

Scenarios where Service Policy should be used over iRule and Vice versa

Issue on connection limit

Related Content

F5 ICAP over SSL/TLS (Secure ICAP) with F5 ASM/AWAF Antivirus Protection feature

ICAP 204 Response Frequently Asked Questions

APM - Software Check Antivirus does not work on Linux platforms

integrate icap antivirus in asm

External antivirus with ICAP compatibility matrix

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS