Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

Web Portal File Upload Protection for AV/Threat Mitigations.

One of my customer has requirement they have Virtual server in F5 and backend pool members are Sap Netweaver gateways. Web Client from internet access this virtual server,and do upload of various file format to this application. How those uploaded files can be scanned for threats and which F5 module has to be positioned here. Please help me out with technical inputs.

Appreciate your immediate response on this.

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

F5 doesn't include AV module but you can configure LTM to forward requests to an external ICAP server.

0
Comments on this Answer
Comment made 1 month ago by Suresh 256

Hi Piron,

Thanks for your inputs, do we need to write an irule to achieve this AV scanning.

SSL offloading is done on F5, so i hope we can forward the attachment to ICAP Server before sending it to backend pool server. Please through some lights on this with much more details irule details for the same.

0
Comment made 1 month ago by Stanislas Piron 10237

everything is described here:

https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-12-0-0/16.html

ICAP is a protocol not chaining to another proxy but forwarding request or response to an external ICAP server and expect a content status... then the BigIP will forward the request to the server if clean, or respond to the client with a response page provided by ICAP Server.

There is no need to write an irule to work.

Don't forget an external ICAP server is required. Most of AV editors have an ICAP solution you can install with BigIP.

0
Comment made 2 weeks ago by Suresh 256

Hi There, i need your input on configuring URI path while creating ICAP service, which would help me to configure correctly.

Local Traffic > Profiles > Services > ICAP

On the right side of the screen, select the Custom check box.In the URI field, type a URI in this format: icap://hostname:port/path.

For example, using macro expansion, you can set the URI value to:

icap://${SERVER_IP}:${SERVER_PORT}/videoOptimization

please let me know how to configure this uri for my Symantac Server.

0
Comment made 2 weeks ago by Suresh 256

Hi There,

Any luck on the above query how to set URI value on ICAP Profile.

0
Comment made 2 weeks ago by Suresh 256

Image Text

0
Comment made 2 weeks ago by Stanislas Piron 10237

In icap deployments, uri is provided by the icap server...

Search in Symantec documentation what is the icap reqmod uri!

0