2 Create a Blue Coat policy to implement the desired content scanning. Implementing Response ICAP To configure and test the Blue Coat ICAP solution for incoming traffic on the ProxySG appliance, you must complete the following tasks: 1 Configure the ProxySG to communicate with the content-scanning server. These other devices/integrations have not been tested and certified by Blue Coat and are therefore not supported. NOTE: ICAP is an open publicly available standard, so there may be other 3rd party content scanning devices that are functionally compatible with Proxy SG beyond those listed here. Port Authority (now WebSense Data Protection) Third party off-box ICAP DLP/ILP appliances supported: Third party off-box ICAP antivirus appliances/servers supported: The Blue Coat ICAP implementation currently supports the following vendors: Scan engines supported on Blue Coat ProxyAV appliances: Blue Coat ProxySGs support multiple content-scanning vendors to provide administrators with the flexibility to choose the vendor that best addresses the security concerns of their enterprise. This ability to immediately serve scanned content to users provides a considerable performance enhancement for networks that require content scanning. ![]() Instead of scanning an object every time it is requested, the ProxySG can cache an object that has been scanned and identified as “clean” and subsequently serve it to users. Why Implement ICAP? The key benefit to a Blue Coat solution consisting of a ProxySG appliance and an ICAP-supported appliance/ server is the ability of the ProxySG to cache scanned content. By physically integrating the ProxySG and off-box scanning appliance and including it in the Blue Coat ProxySG configuration, the ProxySG is able to send traffic to the scanning appliance so that it can detect viruses, worms, spyware, malware, Trojans or, when used for request modification, provide data leak prevention (DLP), also known as information leak prevention (ILP) or information detection and leak prevention (IDLP). ![]() What is ICAP Integration? ICAP is the protocol used by Blue Coat ProxySG appliances to communicate with Blue Coat ProxyAV appliances as well as some third party appliances to perform content scanning. This document provides instructions on how to perform generic, third-party appliance ICAP response integration, as well as ProxyAV ICAP integration, and Two-Way response and request ICAP implementation. The most common ICAP integration deployment is a Blue Coat ProxySG appliance and a Blue Coat ProxyAV appliance. ProxySG ICAP Integration Blue Coat’s proxies can utilize the Internet Content Adaptation Protocol (ICAP) to hand off HTTP requests and/or responses to an external server for configured processing and transformation. Technical Brief: ProxySG ICAP Integration
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |