4.4.2 BlueCoat ProxySG

Prerequisite

ProxySG Management Console

The ProxySG configuration should be done from the ProxySG Management Console interface. Below is the minimum configuration required for Metadefender ICAP Serverscan ICAP integration with ProxySG. Please refer to the ProxySG manual for advanced proxy configuration. Open a web browser and load the ProxySG Management Console. (Please refer to the ProxySG manual for details about how to open the ProxySG Management Console.) The ProxySG configuration should be done from the ProxySG Management Console interface. Below is the minimum configuration required for Metadefender Core ICAP integration with ProxySG. Please refer to the ProxySG manual for advanced proxy configuration. Open a web browser and load the ProxySG Management Console. (e.g. https://<ip address>:8082 Please refer to the ProxySG manual for details about how to open the ProxySG Management Console.)

Disable Automatic Cache Refresh

  1. Click on the 'Configuration' tab, and navigate to 'Proxy Settings'->'HTTP Proxy'

  2. Select the 'Freshness' tab and select the 'Disable refreshing' option

  3. Select the 'Acceleration Profile' tab and uncheck the following options

    1. Pipeline embedded objects in client request

    2. Pipeline redirects for client request

    3. Pipeline embedded objects in prefetch request

    4. Pipeline redirects for prefetch request

  4. Click 'Apply' to save these settings

Adding REQMOD Service (Upload Mode)

  1. Within the 'Configuration' tab, navigate to 'External Services'->'ICAP'

  2. Click 'New'

  3. Enter a service name for the Metascan service (in this example we use 'MetascanReqmod') and click 'OK'

  4. In the services list, select 'MetascanReqmod' and click 'Edit'

  5. Update the following values

    1. In ICAP Service

      1. Set Service URL to 'icap://<Metascan Server>/OMSScanReq-AV'

      2. Select 'Use vendor's "virus found" page'

    2. In ICAP Service Ports

      1. Check 'This service supports plain ICAP connections

      2. Set the 'Plain ICAP port' value to your Metascan's ICAP port (1344 by default)

    3. In ICAP v1.0 Options

      1. Check 'Request modification'

      2. Check 'Send Client address'

  6. Click 'OK'

  7. Click 'Apply' to save the configuration

Adding RESPMOD Service (Download Mode)

  1. Within the 'Configuration' tab, navigate to 'External Services'->'ICAP'

  2. Click 'New'

  3. Enter a service name for the Metascan service (in this example we use 'MetascanRespmod') and click 'OK'

  4. In the services list, select 'MetascanReqmod' and click 'Edit'

  5. Update the following values

    1. In ICAP Service

      1. Set Service URL to 'icap://<Metascan Server>/OMSScanResp-AV'

      2. Select 'Use vendor's "virus found" page'

    2. In ICAP Service Ports

      1. Check 'This service supports plain ICAP connections

      2. Set the 'Plain ICAP port' value to your Metascan's ICAP port (1344 by default)

    3. In ICAP v1.0 Options

      1. Check 'Response modification'

      2. Check 'Send Client address'

  6. Click 'OK'

  7. Click 'Apply' to save the configuration

Create Metadefender REQMOD Policy

  1. Within the 'Configuration' tab, navigate to 'Policy'->'Visual Policy Manager'

  2. Click the 'Launch' button

  3. In the 'BlueCoat Visual Policy Manager' window, navigate to 'Policy'->'Add Web Content Layer'

  4. Enter a layer name (in this example we use 'Metadefender ICAP Server ReqMod') and click 'OK'

  5. In the newly created 'Metadefender ICAP Server ReqMod' tab, right click on 'Use Default Caching' and choose 'Set...'

  6. In the 'Set Action Object' window, click 'New' and select 'Set ICAP Request Service...'

  7. In the 'Add ICAP Request Service Object' window, set the following values

    1. Set 'name' to 'Metadefender ICAP Server Request Service'

    2. In 'Available services', select 'MetascanReqMod' and click 'Add'

  8. Click 'OK' to finish and 'Apply' to save

Create Metadefender RESPMOD Policy

  1. Within the 'Configuration' tab, navigate to 'Policy'->'Visual Policy Manager'

  2. Click the 'Launch' button

  3. In the 'BlueCoat Visual Policy Manager' window, navigate to 'Policy'->'Add Web Content Layer'

  4. Enter a layer name (in this example we use 'Metadefender ICAP Server RespMod') and click 'OK'

  5. In the newly created 'Metadefender ICAP Server RespMod' tab, right click on 'Use Default Caching' and choose 'Set...'

  6. In the 'Set Action Object' window, click 'New' and select 'Set ICAP Response Service...'

  7. In the 'Add ICAP Response Service Object' window, set the following values

    1. Set 'name' to 'Metadefender ICAP Server Response Service'

    2. In 'Available services', select 'MetascanRespMod' and click 'Add'

  8. Click 'OK' to finish and 'Apply' to save

Configure Bluecoat SSL

refer to Configure Bluecoat SSL