cancel
Showing results for 
Search instead for 
Did you mean: 

Problem this snippet solves:

This is an iApp template that creates ICAP related elements (nodes, pool, internal virtual server, profiles). The newly created request and response adapt profiles can be used by standard virtual servers so they can interact with a Check Point SandBlast ICAP Server.

How to use this snippet:

How to use the iApp template

0151T000003d9DYQAY.png

  • Deploy a new application by using the iApp: iApps > Application Services > Applications > Create

0151T000003d9DZQAY.png

  • Click Finished to deploy the iApp. You will see the components that have been configured.

0151T000003d9DaQAI.png

  • You can now use the newly created Request and Response Adapt profiles and attach them to a Virtual Server that has been configured with a HTTP profile.

0151T000003d9DbQAI.png

Testing Check Point SandBlast

Below you'll see some screenshots of what happens when a user attempts to upload or download malicous files.

Malicious uploads

  • Upload a file that triggers Threat Emulation (Zero-Day Protection).

0151T000003d9DcQAI.png

  • The upload of this malicious file is prevented by Check Point SandBlast.

0151T000003d9DdQAI.png

  • Here you can see the log message that is created by Check Point.

0151T000003d9DeQAI.png

Malicous downloads

  • A user tries to download a malicious file.

0151T000003d9DfQAI.png

  • The download of a malicious file is prevented by Check Point SandBlast.

0151T000003d9DgQAI.png

  • Below of an example what log message is created by Check Point.

0151T000003d9DhQAI.png

About Check Point SandBlast

For more detailed information about how to configure a Check Point SandBlast ICAP server see:

https://community.checkpoint.com/docs/DOC-3184-f5-big-ip-icap-and-sandblast-tex

Code :

https://github.com/nvansluis/f5.checkpoint_sandblast_icap
Version history
Last update:
‎06-Oct-2018 08:11
Updated by:
Contributors