
If you enable the ICAP Server on a Check Point Cluster object: ICAP server functionality is not supported in VSX mode. If you enable ICAP server on the gateway and not enable the Threat Emulation or the Anti-Virus blades, the ICAP server runs but without inspection.Īny Security Gateway can function as an ICAP server. Any other blades in a Threat Prevention profile are ignored. ICAP server is only supported with the Threat Emulation and Anti-Virus blades.

The ICAP client sends the verdict to the client.The ICAP server sends the verdict to the ICAP client.The Threat Emulation engine returns a verdict (block, modified or continue) to the ICAP server.The ICAP server sends the file to the Threat Emulation engine.The ICAP client forwards the file to the ICAP server which is in the Check Point Threat Emulation gateway.The Web server sends the requested file to the third party gateway/proxy.
ICAP BROWSER DOWNLOAD
ICAP BROWSER SOFTWARE
The ICAP Client uses this method to retrieve configuration information from the ICAP Server.įor example: A Check Point UserCheck page presented by the Threat Emulation or Anti-Virus Software Blades.Ī default gateway or a proxy server can forward the HTTP Request / Response to its original destination. The ICAP Client uses this method for an HTTP / HTTPS response modification. The ICAP Client uses this method for an HTTP / HTTPS request modification. The ICAP message is encapsulated into the TCPĬlient Request Modification. For more information and updates, see sk123412. ICAP server is supported only on R80.20 GA gateways and above and supports only the Threat Emulation and Anti-Virus blades. ICAP server can work with multiple ICAP clients. In addition, see the Draft RFC - ICAP Extensions. ICAP is specified in RFC 3507 (for more information, see ICAP Specification). Check Point devices can work with third party devices without changing the network topology. ICAP is an RFC protocol, which lets devices from different vendors communicate. The remote host can allow, block, or modify the content.


This frees up resources and standardizes the way in which new features are implemented. The Internet Content Adaptation Protocol (ICAP) is a request and response protocol, similar to the HTTP/1.1 protocol, and allows a proxy (or other devices) to send HTTP traffic for inspection by a remote host. ICAP Server support for Threat Prevention
