icap Antivirus with F5 Big IP

Question

to set up an iCAP antivirus solution at F5 level in LTM:

is the f5 redirect all flows to the antivirus to scaning it or those that contain attachments?

for base64 and Json flows, how does the F5 process it to analyze their encapsulated content?

keesvandenbos · Answer

Hi,&nbsp;The implementation guide states that the BIG-IP wil conditionally forward the HTTP requests to the ICAP scanner. https://techdocs.f5.com/en-us/bigip-14-0-0/big-ip-local-traffic-manager-implementations-14-0-0/configuring-content-adaptation-for-http-requests.html&nbsp;So the BIG-IP doesn't analyze the data, the ICAP scanner does.&nbsp;Cheers,&nbsp;Kees

joethefifth · Answer

Resurecting this.Requets Adapt profile detects content-type mutipart headers as upload but does not detect content(-type/Application/jason as file uploads. Any info on how to implement other types of uploads.

joethefifth · Answer

F5 states it can be done here by ICAP LTM. Wa have the same issue on ASM ICAP and decided to go with LTM ICAP.&nbsp;https://support.f5.com/csp/article/K47008252

Forum Discussion

icap Antivirus with F5 Big IP

3 Replies

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

Disastser Recovery

F5 breaking Exchange authentication

Dump all host running services during APM logon

External Data Group Import Failing.

Can F5 restrict the file types transferred via FTP?

Related Content

F5 ICAP over SSL/TLS (Secure ICAP) with F5 ASM/AWAF Antivirus Protection feature

ICAP 204 Response Frequently Asked Questions

APM - Software Check Antivirus does not work on Linux platforms

integrate icap antivirus in asm

External antivirus with ICAP compatibility matrix

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS