Configuring an ICAP Engine
These configuration settings are fully used when an ICAP Engine definition is referenced from a Virtual Path, i.e. when implicit scan is used - see also and . When an ICAP Engine is referenced from an ICAP Service Task (see also ), only the Connection parameters must be used.
Here is how to configure an ICAP Engine.
First you will need to enter the Setup → ICAP Engines section of Data One.
Then click on the New button. This will open the ICAP Engines page.
There you will need to insert and select the parameters that Data One needs to connect to the ICAP server. Here they are (remember that all parameters with an * are mandatory):
Name *
Name of the ICAP connection you are creating.
Description
Description of the ICAP connection you are creating. The maximum number of characters is 2048.
CONNECTION
Host *
Remote ICAP host IP Address or hostname. The maximum number of characters is 255.
Port *
Port to connect to the remote host (1 to 65535). Default value: 1344.
HTTP Method *
The HTTP method used to interact with the ICAP Server. Possible values are:
GET (default value)
POST
PUT
ICAP Method *
The ICAP method used to interact with the ICAP Server. Possible values:
RESPMOD (default value)
REQMOD
AV service *
Name of the AV service. At least one of the two services, AV service or DLP service, needs to be configured; an ICAP engine can provide either one or both services. The maximum number of characters is 255.
DLP service *
Name of the DLP service. At least one of the two services, AV service or DLP service, needs to be configured; an ICAP engine can provide either one or both services. The maximum number of characters is 255.
Basic authentication
Option to activate basic authentication when you connect to an ICAP server. Possible values:
Enabled
Disabled (default value)
Username
This field is editable only when the Basic authentication option is enabled. Username for the Basic authentication.
Password
This field is editable only when the Basic authentication option is enabled. Password for the Basic authentication.
Preview size
The size in bytes of the preview sent to the ICAP server. Default value: 1024.
Max file size
The maximum size in megabytes of the file sent to the ICAP service. If the actual file size is larger than the maximum file size, the file will not be sent to the ICAP server for scanning.
SSL
Option to activate an SSL authentication protocol. Possible values:
Enabled
Disabled (default value)
Match server hostname
Possible values:
Enabled
Disabled (default value)
When set to Enabled, the Client verifies that the Distinguished Name (DN) certificate contains the IP that has been contacted (i.e., the HOST value above).
Server key label
Key identifier to create the SSL connection
Authentication protocol
Select the SSL authentication protocol:
ALL
ONLY SPECIFIC VALUES
Accepted cipher suites
ALL
ONLY SPECIFIC VALUES
Connection timeout
Number of seconds without network activity before a session is closed due to inactivity. Default value: 10.
Response timeout
Number of seconds to wait for a response from the server before closing the session. Default value: 120.
Max retries
Maximum number of retries. If this field is empty or set to 0, no retries will be executed and the job will be set to Failed if the first attempt is not successful. A high value corresponds to a high number of retry attempts.
Retry interval
Time (in seconds) to wait before retrying a job. The lower the value, the more frequent the retry attempts. If this field is empty or set to 0, no retries will be executed and the job will be set to Failed if the first attempt is not successful.
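As an added illustration (not Data One code and not taken from this page), the sketch below shows where the CONNECTION parameters end up in an RFC 3507 RESPMOD request that carries a preview. The host, service, file name and the `origin` parameter are constructed, and how Data One frames its own requests may differ.

```python
# Added example (not Data One code): an RFC 3507 RESPMOD request with preview.
# Host, service, file and origin names are constructed for illustration.

def chunk(data: bytes) -> bytes:
    """One HTTP/1.1 chunk: hex length, CRLF, data, CRLF (nothing if empty)."""
    return b"%x\r\n%s\r\n" % (len(data), data) if data else b""

def build_respmod_preview(host, port, service, http_method, filename,
                          content, preview_size=1024,
                          origin="files.example.test"):
    # Encapsulated HTTP request header; uses the configured HTTP Method.
    req_hdr = (f"{http_method} /{filename} HTTP/1.1\r\n"
               f"Host: {origin}\r\n\r\n").encode()
    # Encapsulated HTTP response header; the file travels as the response body.
    res_hdr = ("HTTP/1.1 200 OK\r\n"
               f"Content-Length: {len(content)}\r\n\r\n").encode()
    preview = content[:preview_size]
    # "0; ieof" = the preview was the whole file. A plain "0" = more bytes
    # exist; the client sends them only if the server answers "100 Continue".
    end = b"0; ieof\r\n\r\n" if len(content) <= preview_size else b"0\r\n\r\n"
    # Encapsulated offsets are byte positions after the ICAP header block.
    icap_hdr = (f"RESPMOD icap://{host}:{port}/{service} ICAP/1.0\r\n"
                f"Host: {host}\r\n"
                "Allow: 204\r\n"
                f"Preview: {len(preview)}\r\n"
                f"Encapsulated: req-hdr=0, res-hdr={len(req_hdr)}, "
                f"res-body={len(req_hdr) + len(res_hdr)}\r\n\r\n").encode()
    return icap_hdr + req_hdr + res_hdr + chunk(preview) + end

if __name__ == "__main__":
    # Constructed 3000-byte file: only the first 1024 bytes go in the preview.
    msg = build_respmod_preview("icap.example.test", 1344, "avscan", "GET",
                                "report.pdf", b"A" * 3000)
    print(msg[:msg.index(b"\r\n\r\n")].decode())
```

A file no larger than the preview size is sent in full and closed with `0; ieof`, so the server can give its verdict without asking for more data.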
FILE ACTIONS
Server unavailable
Define whether to allow or delete a file if the ICAP server is unavailable and the scan cannot be performed. Possible values:
Allow (default value)
Delete
Click the ADD button in the Notification box to send a notification when a file cannot be scanned because the server is unavailable. In the New Notification pop-up define a Name for the notification and select the Notification Channel you want to use.
AV threat detected
When an AV threat is detected on a scanned file, the file is automatically deleted. Click the ADD button in the Notification box to send a notification when a file is deleted because an AV threat has been detected. In the New Notification pop-up define a Name for the notification and select the Notification Channel you want to use.
DLP breach detected
When a DLP breach is detected on a scanned file, the file is automatically deleted. Click the ADD button in the Notification box to send a notification when a file is deleted because a DLP threat has been detected. In the New Notification pop-up define a Name for the notification and select the Notification Channel you want to use.
File scan skipped
Define whether to allow or delete a file if the scan has been skipped due to the file size exceeding the max size set above. Possible values:
Allow (default value)
Delete
Click the ADD button in the Notification box to send a notification when a file scan has been skipped. In the New Notification pop-up define a Name for the notification and select the Notification Channel you want to use.
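With the defaults listed above, SSL is off and a file is allowed through when the ICAP server is unavailable or the scan is skipped. The following added example (not Data One code; the dictionary keys and the two sample definitions are hypothetical, since this page does not show an export format) flags those settings in an engine definition before it is saved.

```python
# Added example, not Data One code. Key names are hypothetical; the values
# and defaults are the ones listed in the parameter descriptions above.
DEFAULTS = {
    "ssl": "Disabled", "match_server_hostname": "Disabled",
    "basic_authentication": "Disabled",
    "server_unavailable": "Allow", "file_scan_skipped": "Allow",
    "notify_on": set(),  # events that have a notification configured
}

def file_action(cfg: dict, event: str) -> str:
    """Action this page documents for each scan outcome."""
    if event in ("av_threat", "dlp_breach"):
        return "Delete"      # always deleted, not configurable
    return cfg[event]        # server_unavailable / file_scan_skipped

def audit_engine(engine: dict) -> list[str]:
    """Return finding IDs for settings that expose traffic or skip scanning."""
    cfg = {**DEFAULTS, **engine}
    findings = []
    if cfg["ssl"] != "Enabled":
        findings.append("ssl-disabled")
        # Basic authentication is only base64-encoded, so it needs SSL.
        if cfg["basic_authentication"] == "Enabled":
            findings.append("basic-auth-without-ssl")
    elif cfg["match_server_hostname"] != "Enabled":
        findings.append("hostname-not-verified")
    for event in ("server_unavailable", "file_scan_skipped"):
        if file_action(cfg, event) == "Allow":
            findings.append(f"{event}-allows-unscanned-file")
            if event not in cfg["notify_on"]:
                findings.append(f"{event}-not-notified")
    return findings

# Constructed sample definitions.
AS_SHIPPED = {}  # every default left untouched
FAIL_CLOSED = {
    "ssl": "Enabled", "match_server_hostname": "Enabled",
    "basic_authentication": "Enabled",
    "server_unavailable": "Delete", "file_scan_skipped": "Delete",
    "notify_on": {"server_unavailable", "file_scan_skipped"},
}

if __name__ == "__main__":
    print(audit_engine(AS_SHIPPED))
    print(audit_engine(FAIL_CLOSED))
```

Choosing Delete for the two configurable actions trades availability for assurance: files are removed whenever the ICAP server is down or the file exceeds the size limit, so pair it with notifications.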
Once you have set all the necessary parameters, click Save.
You will see the configuration in the result list.
In the result list, there are columns for:
The last time a Server has been modified
The name of the ICAP Engine
The name of the AV service associated with the ICAP Engine
The name of the DLP service associated with the ICAP Engine
The host name
The 3-dots icon at the end of each entry lets the user Edit and Delete the ICAP Engine. Learn how to use the toolbar at the top of the page here. Results can be sorted in the Filters panel on the right of the page. Insert the ICAP Engine name and click on the APPLY button to filter results.
Select the cipher suites SSH. ALL or specific values in the drop-down list (See ):
The next step to configure an ICAP connection is to create a Mediation Contract. Follow this to learn more about contracts and how to create them.