Nimbostratus
Would it be possible to redirect those uploaded files to an ICAP server for virus check.
Is it possible to do that with irules or BigIP will support ICAP API in future release.
Thanks
Simon
Nimbostratus
Nimbostratus
Thanks!
Cirrostratus
With a 4Mb limit on TCL variables, I don't think it's feasible to do this now in an iRule.
Aaron
Cirrocumulus
Just seen this in "BIG-IP Application Security Manager version 10.2.0 Release notes", under "New Features":
Anti-virus scanning
With this version you can configure the Application Security Manager to act as an Internet Content Adaptation Protocol (ICAP) client. The system asks an external ICAP server to check HTTP file uploads for viruses before releasing the content to the web-server. To configure antivirus protection, from the Configuration utility, navigate to Application Security » Options » Anti-Virus Protection.
If the system detects a virus in an incoming request, the system issues the violation Virus Detected, and logs or blocks the illegal request, depending on how you have configured the settings of this violation on the Policy Blocking Settings screen.
We added an advanced configuration parameter, Virus header name, which is the name of the response header that the ICAP server returns when it detects a virus. The parameter’s default value is X-Virus-Name, which is McAfee’s default response header. If you are using a different ICAP server, change this parameter’s value to the appropriate value used by that ICAP server. This parameter is found on the Advanced Configuration screen (from the Configuration utility, navigate to Application Security » Options » Advanced Configuration).
Rgds
N
Nimbostratus
can anybody suggest how to redirect FTP (upload/download) traffic to icap server...
also suggest, is FTP over HTTP will work with ASM icap?
-Mayur
Cirrostratus
What is FTP over HTTP? This isn't an implementation I'm familiar with. Do you mean FTP encapsulated somehow in HTTP? Or are you just using FTP on port 80?
Aaron