For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Simon_Ecoffey_8's avatar
Simon_Ecoffey_8
Icon for Nimbostratus rankNimbostratus
Mar 14, 2007

ICAP redirection

We have a web application that authorized users to upload any kind of files.   Would it be possible to redirect those uploaded files to an ICAP server for virus check.   Is it possible to do th...
application delivery
dev
devops
iRules
nathe's avatar
nathe
Icon for Cirrocumulus rankCirrocumulus
Aug 23, 2010
All,

 

 

Just seen this in "BIG-IP Application Security Manager version 10.2.0 Release notes", under "New Features":

 

 

Anti-virus scanning

 

 

With this version you can configure the Application Security Manager to act as an Internet Content Adaptation Protocol (ICAP) client. The system asks an external ICAP server to check HTTP file uploads for viruses before releasing the content to the web-server. To configure antivirus protection, from the Configuration utility, navigate to Application Security » Options » Anti-Virus Protection.

 

 

If the system detects a virus in an incoming request, the system issues the violation Virus Detected, and logs or blocks the illegal request, depending on how you have configured the settings of this violation on the Policy Blocking Settings screen.

 

 

We added an advanced configuration parameter, Virus header name, which is the name of the response header that the ICAP server returns when it detects a virus. The parameter’s default value is X-Virus-Name, which is McAfee’s default response header. If you are using a different ICAP server, change this parameter’s value to the appropriate value used by that ICAP server. This parameter is found on the Advanced Configuration screen (from the Configuration utility, navigate to Application Security » Options » Advanced Configuration).

 

 

Rgds

 

N