cancel
Showing results for 
Search instead for 
Did you mean: 

Bypass ICAP Server in MWG 6.8.7

Hello!

Is it possible in MWG 6.8.7 to bypass the ICAP server for hostnames based on a regex? We want to bypass the ICAP service for simple hostnames, for example http://smile (it's not fully qualified) because we are routing all http/https/ftp-traffic via proxy.pac to the  MWGs and want to bypass content filtering for internal hosts.

My first try was to define ([A-Za-z0-9_-]+) but this didn't work.

Any help will be appreciated.

TIA

Gerhard

4 Replies

Re: Bypass ICAP Server in MWG 6.8.7

Why don't you simply bypass proxying to simple  hostnames in the proxy.pac file instead?

You can do this by the function:

if (isPlainHostName(host)) { return DIRECT; }

This is what most people do.

Re: Bypass ICAP Server in MWG 6.8.7

Hi Erik!

That's what we do today.

But we have to separate our test-environment from the development-environment. So in the future we will have two different zones protected by a firewall and the MGW will be the central communication gateway between the two zones. Only the MGW will be allowed to contact the services in the test-environment. Unfortunately there are some common  services in the test-environment which should be reached by the short name, i.e. http://smile

Gerhard

Re: Bypass ICAP Server in MWG 6.8.7

The shell expression patterns in MWG 6.8 are limited. They don't behave like regex.

Version 7 has the ability to do that very easily because you can apply rules to just the URL.Host itself and not the whole URL (scheme://host:port/path?parameters)

I can't see an easy way to isolate a host with no periods in the name without it scanning the entire path, other than putting specific hosts into the ICAP bypass list itself.

Message was edited by: Erik Elsasser on 2/2/11 10:43:55 AM CST

Re: Bypass ICAP Server in MWG 6.8.7

Hi!

Thank you for the information although I've hoped for better news. Well, so I'm trying to get a list of all those services and define them by the usual way.

G.

More McAfee Tools to Help You
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • Visit: Business Service Portal
  • More: Search Knowledge Articles
  • ePolicy Orchestrator Support

    • Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center