The symantec connect community allows customers and users of symantec to network and learn more about creative and innovative ways to use symantec products and technologies. Improving the user experience to avoid having users abort and reinitiate their web requests due to scanning delays, we can provide feedback to let users know that scanning is in progress. Not a major overhaul, but some things that were missed from the best practices guide that just so happened to be causing a bit of an issue. Configure an icap client for example, network appliance netcache applianceblue coat port 80 security appliance cache servercisco icap server to communicate with the icap server. Having multiple metadefender servers assigned to a service group allows administrators to easily add capacity to meet increases in traffic. All users receive a no icap server is available message in their web browsers when trying to go to any website on proxysg or advanced secure gateway asg. Modify the file named setup to indicate your domains proxy server if you are using one. When you enable the blue coat webfilter bcwf service, the appliance reports the dynamic realtime rating drtr server for icapservicestatsname. Having multiple metadefender servers assigned to a service group allows administrators to easily add capacity to. This causes the blue coat appliance to periodically send a url filter request to the websense icap service to ensure that it is still running and responding correctly. If youve followed the icap guide on the bluecoat site, ensure the site youre using to test match the categories youre forwarding to dlp in the virtual policy manage blue coat vpm. Blue coat can be configured to enable user names, internal ips, and domain groups to be sent to cisco cloud web security without needing to make enduser changes. Proxysg sends icap trap for snmp manager even though there is.
Dec 20, 2010 the icap module allows to connect your antivirus solution with airlock 4. Airlock itself will serve as a reverse proxy and an idea. By far the leading proxyswg solution on the market. The one thing that blue coats proxyav has over cicap is that it assigns a token to all scanned objects so that object doesnt need to be scanned again if it hasnt changed when requested by another user. All right, title and interest in and to the software and documenta tion are and shall remain the exclusive property of blue coat systems, inc. Icap server connect to existing icap clients within your infrastructure. Metadefender icap server trust your network traffic opswat. Blue coat web application protections is a subscriptionbased offering that supplements the services available in blue coats proxysg web application reverse proxy warp. It is a protocol for webbased av appliances to communicate with scanning engines of various providers b. Configuring the proxy to communicate with icap service. Blue coat systems proxysg appliance configuration and management suite volume 7. The one thing that blue coat s proxyav has over c icap is that it assigns a token to all scanned objects so that object doesnt need to be scanned again if it hasnt changed when requested by another user. This article describes the necessary configuration steps for making the symantec protection engine for cloud services formerly symantec scan.
The company had a broad security portfolio including hardware, software and services. The versions are identical in behavior and more or less identical codewise too. Configure an icap client for example, network appliance netcache appliance blue coat port 80 security appliance cache server cisco icap server to communicate with the icap server. I have tested using cicapclient on ubuntu and i can confirm that the server im testing with is working. All icap requests are now sent streaming to the icap server. That is, data is sent to the icap server as soon as it is available in squid. Installing metadefender icap server on red hat enterprise linux or centos computers. This article describes the necessary configuration steps for making the symantec protection engine for cloud services formerly symantec scan engine work with airlock. Not only do 85% of fortune global 500 companies use blue coat, the company also provides solutions that scale downward to support very small installations. High performance onpremises appliances that protect organizations across the web, social media, applications and mobile networks. Secure icap gateway blue coat implementation guide page 5 of 12 5 3 clearswift secure icap gateway configuration the blue coat proxysg acts as an icap client, as it sends requests for content to be inspected. Configure the icapsupporting virus scanning server 2. Description internet content adaptation protocol icap is an open standard protocol that.
Blue coat icap implementation is fully compatible today with many av icap aware server. Clearswift secure icap gateway clearswift clearswift. No fullproof way unless the machine is lockdown and control but can has ripple effect. How to implement icap integration there are three easy steps to implementing, configuring, and testing the blue coat icap solution. The icap module allows to connect your antivirus solution with airlock 4. Enable persistent connections recommended blue coat is reusing connections to the icap server, so it is highly recommended to enable persistent connections on the icap side or the blue coat might detect. Optionally configure healthcheck for the external icap server. The clearswift icap gateway act as an icap server, as it responds to requests made by the proxysg. Blue coat proxysg logs have to be sent to the lcp via ftp. Configure and construct a blue coat policy with the desired virus scanning exactness 3. Description when browsing through a bluecoat proxy with a finjan scanner configured as an icap, client timeouts occurs. Flushing existing cached content from the appliance.
Enable persistent connections recommended blue coat is reusing connections to the icap server, so it is highly recommended to enable persistent connections on the icap side or the blue coat might detect some icap connection drop errors under high load. Blue coat has written the cpl for this policy and you can download the file, customize it for your own needs, and install it on your proxysg. This article describes how to integrate a blue coat antivirus server with airlock. This has a python icap internet content adaptation protocol server and irml parser. Symantec bluecoat sg icap and sandblast tex check point. In 2016, it was acquired by and folded into symantec. So today we would like to talk about how metadefender. Metadefender icap server protects your systems by inspecting every file traveling through your network.
Jan 04, 2012 blue coat has written the cpl for this policy and you can download the file, customize it for your own needs, and install it on your proxysg. Files are remediated, before they are accessible to the end user. We have previously discussed how to scan network traffic for malware by configuring metadefender icap server formerly known as metascan icap server functionality for use with a squid proxy server, and although squid is used by many organizations and is a great open source proxy solution, the most widelyused commercial proxy is blue coat. This deployment recommendation describes a forward proxy. Please note that a blue coat sg is not needed to use a blue coat av for checking requests and responses with airlock. It imports them into a mysql, microsoft sql server, or oracle database or its own builtin database, aggregate them, and generate dynamically filtered reports. The proxysg and the proxyav communicate through the icap protocol. Below is part of the small case study i completed to explain the options and differences between them, as well as my.
This icap trap is sent to the snmp manager when the appliance cannot send dynamic rating requests to the drtr server due to network access issues. Type the logon user name and password, if prompted. Nov 11, 2014 blue coat also allows you to group multiple icap servers together into a service group, and then balances traffic between the servers in that service group. Jun 05, 2009 this article describes how to integrate a blue coat antivirus server with airlock. Hardware, software image, vmware vsphere provides full flexibility to adapt to your organizations it strategy. Click the configuration tab and go to access logging formats. Ciscos ironport web security appliance supports icap. Drivers and software celestron telescopes, telescope. Icap is a protocol designed to offload specific internetbased content to dedicated servers, thereby freeing up resources and standardizing the way in which features are implemented. This can be done either directly using the blue coat authentication and authorization agent bcaaa, or in icap mode using connector. Users bypassing bluecoat proxy solutions experts exchange. Every file is scanned for malware and vulnerabilities. Blue coat also allows you to group multiple icap servers together into a service group, and then balances traffic between the servers in that service group.
It is configured with rules that route data to the websense icap server. Copyright 19952020 symantec corporation, powered by opensource software. It is a standard developed by blue coat to communicate between proxysg and other blue coat appliances. Nov 28, 2016 no fullproof way unless the machine is lockdown and control but can has ripple effect. Icap timeout error when browsing through bluecoat proxy.
Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. Blue coat systems was a company that provided hardware, software, and services designed for cybersecurity and network management. From sdi to ip video, 4k, and everywhere inbetween, icap is the largest closed captioning and subtitle delivery network in the world icap provides 247365 connectivity to thousands of certified caption partners around the globe and currently supports an evergrowing number of broadcast and cable channels, ott content providers, professional sports stadiums, universities, conference centers. An integral part of the trusted applications center product family, web application protections makes it easier and more efficient to set policy and protections around. For example, a server that handles only language translation is inherently more efficient than any standard web server performing many additional tasks. Im trying to communicate with a blue coat antivirus box using icap. Im fairly new at java, but i do have experience in other objectoriented languages. Set up icap for the blue coat port 80 security appliance. Configure the icap supporting virus scanning server 2.
To set up icap for the blue coat port 80 security appliance. Content analysis software ca advanced secure gateway software asg proxysg software sgos. To configure the blue coat proxysg, follow the steps below. Click icap in the left menu, then click the icap service s tab. Icap timeout error when browsing through bluecoat proxy icap. Make sure that you download the applicable package for your distribution.
The clearswift icap gateway act as an icap server, as it. The reqmod vectoring point has been changed from postcache to precache. Get access to immediate incident response assistance. Upload the installation package to your server computers. The procedure for setting up icap on a blue coat appliance might vary depending on the product version. Recently i was digging into a bluecoat proxysg proxyav setup for icap and noticed some things that had room for improvement. Sending file and receiving response using icap and. This project is intended to be used with blue coat proxyav bcp, but other icap antivirus system might work as well. Using this, a web proxy can do rulebased adaptation of content before delivery to clients.