Forum Discussion

Rhys_Peters_770's avatar
Historic F5 Account
Nov 07, 2012

Sophos Antivirus Integration



I am deploying an ASM policy which offloads antivirus scanning of file uploads to an external ICAP server. I am following the below configuration guide:


The ICAP server is running Sophos antivirus. The default settings in the ASM policy are tailored to a McAfee solution. The above guide advises the advanced settings for "virus_header_name" and "icap_uri" need to be re-configured to suit the software running on the ICAP server.


I have been provided the below examples, but nothing for the Sophos software.Can anyone tell me what these string values need to be set to in order to support the Sophos software?




Specifies the header name used by an anti-virus program on an ICAP server. By default, the system supports an ICAP server with McAfee anti-virus protection. If you are using a different ICAP server, change this to the appropriate header value.


Values for supported anti-virus programs:


McAfee: X-Virus-Name (default)


Trend Micro InterScan Web Security: X-Virus-ID


Kaspersky: X-Virus-ID


Symantec: X-Violations-Found



icap_uri :


Specifies the URI for the ICAP service, which checks requests for viruses by connecting to an Internet Content Adaptation Protocol (ICAP) server.


Values for supported ICAP services:


McAfee: /reqmod


Trend Micro InterScan Web Security: /reqmod


Kaspersky: /av/reqmod


Symantec: /symcscanreq-av-url






2 Replies

  • Sophos have this great document that has lots of the information you where (all those years back) looking for.


    I only noted this because i am working through the process of implementing this same functionality now


    • Daniel_Kopfenst's avatar
      Icon for Nimbostratus rankNimbostratus

      Hi Simon,


      did you manage to integrate Sophos via ICAP, if so what values have you used for icap_uri and virus_header_name ?


      Thanks, Daniel