On 6.8.x we can put the name of ICAP Server service, that is working on my appliance.
We can view tha on Proxies > ICAPs Server -> REQMOD Settings -> REQMOD resource name: XXXXXXXXXX
On my ICAP client, I put this service working with that link:
In the McAffe 7 dont have this option, to put the name of the service.
I wanna know the default name of REQMOD Mode on McAffe 7.
When i put no resource name in the ICAP Client, it show me a notification like that.
icaptest error: invalid service url. Need to specify the resource nameMessage was edited by: Caio Tobias on 7/8/10 9:58:49 AM CDT
You can put any value in for the service name on the client.
The MWG7 ICAP server will accept all values.
If you need to have some different selection with the policy, you can use a profile parameter:
And in the rules, use a property of:
ICAP.Policy equals "myPolicy"
Describe what machine is the ICAP client and what machine is the ICAP server. I might not understand what you are asking exactly.
Is MWG being used as an ICAP server to accept traffic from another proxy like Squid or BlueCoat and doing URL (REQMOD) and Antimalware (RESPMOD) scanning?
Is MWG an ICAP client, where you want to also forward outboud traffic (REQMOD) to a DLP solution?
MWG 6 and 7 can be either or both, depending on what you are trying to do.
The response I gave before was assuming you were using MWG7 as an ICAP Server that other proxies were send traffic to for scanning. It sounded like that's what you wanted. Is this what you want to do?
If MWG7 is the ICAP server for RESPMOD URL filtering, you create a rule set and check the Request Cycle for the Rule Set. Then put URL.Categories rules into the rule set and they will be categorized.
If you are sending content to MWG7 for scanning, then check only the Response Cycle (RESPMOD) on the rule set and place Antimalware rules in the Rule Set.
Does that explain it better? I'm trying to be as general as possible in the public forum so that it may apply to others reading this.
Can the Web Gateway 6.8 and 7, acting as an ICAP server, send username and IP information to a DLP solution?
Here the question a client is asking:
Web Gateway 6.8.7 build 9396, the issue is that username information is not being passed through to our Symantec DLP solution via ICAP using our current authentication method (Transparent). Can this be accomplished in 6.8? If so how? If not in 6.8 can it be done in version 7, and if so how?
generall MWG should pass the info as part of the X-Authenticated-User, X-Authenticated-Groups and X-Client-IP headers. I don't see any issue why this should be the case with the ICAP solution from Vontu. My usggestions is you make a telnet to vontu on the ICAP port and send an options request.
As an example from one of McAfee's DLP solutions:
[root@reconnex ~]# telnet localhost 1344
Connected to localhost.
Escape character is '^]'.
ICAP/1.0 200 OK
Date: Tue, 08 Mar 2011 08:04:07 GMT
Service: Reconnex iGuard ICAP Server 1.0
X-Include: X-Client-IP, X-Server-IP, X-Authenticated-User
In the options response, you see the supported X-Headers in the X-Inlcude section.
Do the same an post to to see if the Vontu solution support these headers.