One of my customer has requirement they have Virtual server in F5 and backend pool members are Sap Netweaver gateways. Web Client from internet access this virtual server,and do upload of various file format to this application. How those uploaded files can be scanned for threats and which F5 module has to be positioned here. Please help me out with technical inputs.
Appreciate your immediate response on this.
F5 doesn't include AV module but you can configure LTM to forward requests to an external ICAP server.
Thanks for your inputs, do we need to write an irule to achieve this AV scanning.
SSL offloading is done on F5, so i hope we can forward the attachment to ICAP Server before sending it to backend pool server. Please through some lights on this with much more details irule details for the same.
everything is described here:
ICAP is a protocol not chaining to another proxy but forwarding request or response to an external ICAP server and expect a content status... then the BigIP will forward the request to the server if clean, or respond to the client with a response page provided by ICAP Server.
There is no need to write an irule to work.
Don't forget an external ICAP server is required. Most of AV editors have an ICAP solution you can install with BigIP.
Hi There, i need your input on configuring URI path while creating ICAP service, which would help me to configure correctly.
Local Traffic > Profiles > Services > ICAP
On the right side of the screen, select the Custom check box.In the URI field, type a URI in this format: icap://hostname:port/path.
For example, using macro expansion, you can set the URI value to:
please let me know how to configure this uri for my Symantac Server.
Any luck on the above query how to set URI value on ICAP Profile.
In icap deployments, uri is provided by the icap server...
Search in Symantec documentation what is the icap reqmod uri!