North America
  • North America
  • Europe
  • United Kingdom
  • Asia & Pacific
  • Australia
  • South America
  • Africa

Traffic Forwarding: ICAP

Release Time
11/08/2017
Views
1601 times
Category
Xcitium Secure Web Gateway
Tags


(ICAP) integration is required when there is another ICAP client in the customer network. In this method, like the chain scenario, traffic first comes to the network device and communicates with Dome using the ICAP protocol.
Packets go from the endpoint to the ICAP client first, then to  Xcitium Dome, pass back to the ICAP client and then to the internet.

 

The following example explains the ICAP method using a Bluecoat Proxy SG and Dome integration scenario, where Bluecoat is the ICAP Client and Dome is ICAP Server.

 

ICAP Integration

 

In this scenario, the Bluecoat Proxy will be acting as the ICAP client where Dome is the ICAP server. It's recommended to send both responses and requests to Dome's ICAP Service.


• Dome Response Mode URI: icap://ipaddressofdome:1344/response
• Dome Request Mode URI: icap://ipaddressofdome:1344/request

 

 

On Bluecoat Visual Manager

 

 

  1. Go to 'Configuration, External Services and ICAP'.
  2. Click 'New'
  3. Give the ICAP Service a name (e.g. 'Dome Request')
  4. In the service list, select the new service you just created and click 'Edit'.
  5. Add the Dome Request URL to Service URL (Dome Service URL is icap://ipofdome:1344/request) and Select 'Method Supported' as 'Request Modification'.
  6. Click 'OK'.
  7. Click 'Apply'.

Repeat the process above for Response modification.

 

After connecting your network(s), make sure to add them as a 'Trusted Network' in the 'Locations' interface. If you do not then Dome will not function correctly and your network will not be able to connect to the internet. Refer to 'Managing Trusted Networks' for more details.
Please contact us at domesupport@Xcitium.com if you have any issues connecting endpoints / networks to Dome Standard.