Internet Content Adaptation Protocol Proxy

Internet Content Adaptation Protocol Proxy

Delegate virus scanning to the McAfee Web Gateway to scan content for viruses by enabling Internet Content Adaptation Protocol (ICAP) Proxy. This configuration conditionally forwards HTTP traffic to an  ICAP Server, scanning it for malware before sending it to the AirWatch Content Integration Endpoint.

Picture1.png

1. AirWatch Client sends an HTTP request to an AirWatch Content Integration Endpoint to upload or download content.

  • AirWatch Client - Refers to Content Locker, AirWatch Console, or the Self-Service Portal.
  • AirWatch Endpoint -  Refers to Content Gateway or Remote File Storage.

2. ICAP Proxy forwards the HTTP request over the appropriate protocol to the ICAP Server.

  • REQMOD – Refers to the protocol that sends upload requests.
  • RESPMOD – Refers to the protocol that sends download requests.

3. McAfee Web Gateway scans the content for malware and returns a message:

  • 403 – Returns when the ICAP Server detects malware.
  • 200 – Returns when the ICAP Server does not detect malware.

4. ICAP Proxy forwards malware-free requests to the specified AirWatch Content Integration Endpoint.

Alternatively, if the ICAP server detects malware, an error message returns to the client:

  • AirWatch Console – Displays a pop-up with the 403 – Forbidden Error message.
  • Self-Service Portal – Displays a pop-up with the 403 – Forbidden Error message.
  • Content Locker – Displays an Upload failed or Download failed message.

ICAP Proxy Configuration

When setting up a Content Gateway node via Groups & Settings > All Settings > Content > Content Gateway or Remote File Storage server via Groups & Settings > All Settings > Content > Remote Storage, you have the following options to configure ICAP Proxy.

ICAP Request Scanning

Enable a supported third party ICAP server to scan content for malware prior to its upload into the corporate network. At this time, AirWatch supports McAfee Web Gateway v7.5.2.7.0 and above. Disable if your organization doesn't implement a supported ICAP server, or does not wish to implement virus scanning on content uploads.

ICAP Request Address

Enter the request address. Use an IP address, icap://<IP Address for REQMOD>, for the best performance.

 

ICAP Request Port

Enter the request port for the ICAP server. The recommended port for McAfee Web Gateway is 1344.

 

ICAP Response Scanning

Enable a supported third party ICAP server to scan content for malware prior to downloading it from the corporate network. At this time, AirWatch supports McAfee Web Gateway v7.5.2.7.0 and above. Disable if your organization doesn't implement a supported ICAP server, or does not wish to implement virus scanning on content downloads.

 

ICAP Response Address

Enter the response address. Use an IP address, icap://<IP Address for RESPMOD>, for the best performance.

 

ICAP Response Port

Enter the response port for the ICAP server.The recommended port for McAfee Web Gateway is 1344.

 

ICAP Proxy Installation

Scan uploads to and downloads from Content Gateway or Remote File Storage for malware using the ICAP Proxy. Enabling and configuring the ICAP Proxy while configuring Content Gateway or Remote File Storage packages the ICAP Proxy with the other service's installer.

Installing ICAP Proxy with Content Gateway or Remote File Storage causes additional prompts to appear during the installation of these components. Review the prompts and determine what to do if installing this service alongside Content Gateway or Remote File Storage.

Prompt

Description

Squid

Install squid, when prompted, unless previously installed.

 

Content Gateway or Remote File Storage Port

Provide the port the Content Integration Endpoint uses.

Have more questions? Submit a request

0 Comments

Article is closed for comments.