Open with table of contents

Configure ICAP Server

The ICAP Server enables the Gateway to process and manage Internet Content Adaptation Protocol connections to ICAP clients. You must configure the ICAP service to ensure that the Gateway is correctly managing the connections with your ICAP Client.

Tell me about...

• The ICAP Server Configuration page

  The SECURE ICAP Gateway receives requests from your existing ICAP clients to communicate with the Gateway. This page displays the settings which enable this communication. It includes the ICAP Service URLs, the Listening Port and ICAP Services Configuration. You can also add or modify an ICAP client if necessary.

• ICAP Server Listening Port

  The port used by the ICAP Gateway to receive connections from your ICAP client.

• Requests and Responses

  You can enable the ICAP Server to process both or either:

  • Request modification requests
  • Response modification requests
• Message previewing

  Enables previews on requests and responses. It is recommended that Message previewing is enabled.

  The preview size in the ICAP client must be set to 0 so that only headers are sent to the Gateway for analysis.

• Scan HTTPS CONNECTs

  Enables the scanning of HTTPS CONNECTs. When a CONNECT method is received it can be analyzed to enforce the security policy. If your proxy decrypts HTTPS content, the CONNECT method will be followed by HTTP traffic, which will be sent to the SECURE ICAP Gateway for inspection.

  If Enable scanning of HTTPS CONNECTs is not enabled and the ICAP client does not send decrypted traffic to the Gateway, it is possible that users will have access to sites which are blocked by your policy.

• ICAP Clients

  The list of currently configured ICAP clients. You can add new IP addresses or change the IP address of existing ICAP clients.

How do I...

• Enable request and response modification requests?

  1. Click System > ICAP Server Configuration.
  2. In the ICAP Services Configuration section, click Click here to change these settings.

  3. Select the type of requests you want the ICAP Server to process.

     Select the Enable message previewing check box. This enables the server to preview requests before processing is performed.

  4. Click Save.
  5. Apply the configuration.
• Add an ICAP client?

  1. Click System > ICAP Server Configuration.
  2. In the ICAP Clients section. click Add.
  3. Enter the IP address of the new ICAP client.
  4. Click Add.

  You can change the IP address of your ICAP clients by selecting a client from the list and clicking Edit.

See also...

• Monitoring the ICAP Server