Forum Discussion

adeelshahzad's avatar
adeelshahzad
Icon for Nimbostratus rankNimbostratus
Aug 02, 2024

OPSWAT Integration with F5

Hi Experts,

Could you please help me with below points and what are the possibilities. Thanks.

  1. What type of application or content-type supported by WAF, before it send upload file requests towards OPSWAT servers for scanning.
  2. Any other way for capturing traffics from WAF to OPSWAT servers for those specific requests, forwarded for upload file scanning, apart from tcpdump?
  3. WAF can forward upload file for scanning even in if it learning mode?
  • For inbound use cases, here is an article that talks about how to configure MetaDefender ICAP to scan incoming SSL-offloaded (BIG-IP has the serverssl cert and key and talks HTTP to the pool member) web traffic:

    https://docs.opswat.com/mdicap/integrations/f5-big-ip-asm--waf-

     

    For outbound use cases where BIG-IP has to un-wrap the SSL (BIG-IP does not have the serverssl cert and key), we have a module called "SSL Orchestrator" that can man-in-the-middle outbound connections and utilize a variety of ICAP or inline-HTTP servers for content scanning.