File scan function in ASM

Question

Hi,I am looking for anti virus feature in F5 ASM, when user upload file to server through website, it can be scanned by antivirus. I have gone through couple of articles, but like1.&nbsp; to understand cons and pros on solution from actually implementation.&nbsp;2. Is any header or irule required to configure antivirus for return traffic from icap server&nbsp;3. How actually traffic flows between icap server and f5 ASM.4. What ip address to configure at icap server5. I could see some real header like,&nbsp;Value of virus_header_name..Is any a chance someone use same header for insert virus payload from internet, because it is known.6. When traffic interpret by F5 ASM, how application follows flow..Thank you in advance&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

peddi · Answer

Yes, it has, but how F5 ASM understand return response from Mcafee?also how application follow traffic flows&nbsp;&nbsp;&nbsp;

leslie_hubertus · Answer

Hi&nbsp;peddi&nbsp;- I see nobody has answered your question yet, so I featured it in the Unanswered Questions section of this week's Highlights article. I've also asked a colleague to take a look.&nbsp;

aubreykingf5 · Answer

It speaks ICAP protocol. ICAP was meant to give high-speed allow / deny messages to proxies, so the architecture is what we call a 3-legged proxy. The BIG-IP sends the flow to the AV and waits for AV to allow the flow via ICAP. In this way, the AV and Proxy do not need to know how to talk to eachother.

Forum Discussion

File scan function in ASM

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

OWASP Tactical Access Defense Series: Broken Function Level Authorization (BFLA)

OWASP Automated Threats - OAT-014 Vulnerability Scanning

F5 Cloud-Native Functions For Secure Ingress

F5 Cloud-Native Functions For Modern Demands - Part 1

F5 Cloud-Native Functions For Modern Demands - Part 2

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS