I am new here in the McAfee community and I would just like to start off by saying hello to everyone and I look forward to a good discussion, and hopefully one that ends up not only helping my situation but others that run into the same issue, if that is even possible. Also my knowledge of McAfee Web Gateway, version 188.8.131.52, is very novice so please go easy on me, I know there are a great deal of knowledgeable individuals in this community I'm just not one of them yet.
Okay, down to business. I have a McAfee Web Gateway appliance that I just upgraded to version 184.108.40.206 from 6.8.6. Now in our case we ONLY use the Web Gateway, and we can get into a utilization discussion later, appliance as an ICAP server, nothing else. The device serves as a, well the best way I can describe it, "Man in the middle" where we have an IBM XS-40 DataPower device sending Base 64 RespMods to the McAfee Web Gateway to scan items that are uploaded to our system via users. Now here is the issue that we have run into with this new OS is that we need to find a way for the appliance to decode the Base 64 requests prior to them being sent to the ICAP server for scanning. Also some other configuration information, so that we can keep the discussion well focused on finding a way to decode Base 64 requests within the Web Gateway, is that; one the DataPower appliance is using a custom style sheet to send the requests to the Web Gateway and that cannot be shared nor modified because the style sheet is how we are communicating to the Web Gateway that the data being sent to it is Base 64 encoded. Two we made certain that the ICAP Server was enabled in the Configuration>Proxies (HTTP(S), FTP, ICAP, and IM) section as well as making certain that our URIs were set the same way we had them in version 6.8.6. We also made sure that our timeouts and other settings, that we could find in version 7.0, were set similar to the settings in version 6.8.6. We generated packet captures of the transfer and we can see that the appliance is opening the request, however, for what ever reason, the Web Gateway suddenly resets the connection.
So bottom line... We need to know how, if possible, to teach the McAfee Web Gateway, via some sort of rule set, how to decode Base 64 encoded requests before sending the requests on to the ICAP server for scanning. Does anyone know how that might be accomplished? Also, just because this is driving me crazy, but is there anyone else simply using the McAfee Web Gateway appliance as an ICAP server only? I appreciate all the help that I can get. Thank you.