North America
  • North America
  • Europe
  • United Kingdom
  • Asia & Pacific
  • Australia
  • South America
  • Africa

Traffic Forwarding: ICAP

Release Time
1489 times
Xcitium Secure Web Gateway

(ICAP) integration is required when there is another ICAP client in the customer network. In this method, like the chain scenario, traffic first comes to the network device and communicates with Dome using the ICAP protocol.
Packets go from the endpoint to the ICAP client first, then to  Xcitium Dome, pass back to the ICAP client and then to the internet.


The following example explains the ICAP method using a Bluecoat Proxy SG and Dome integration scenario, where Bluecoat is the ICAP Client and Dome is ICAP Server.


ICAP Integration


In this scenario, the Bluecoat Proxy will be acting as the ICAP client where Dome is the ICAP server. It's recommended to send both responses and requests to Dome's ICAP Service.

• Dome Response Mode URI: icap://ipaddressofdome:1344/response
• Dome Request Mode URI: icap://ipaddressofdome:1344/request



On Bluecoat Visual Manager



  1. Go to 'Configuration, External Services and ICAP'.
  2. Click 'New'
  3. Give the ICAP Service a name (e.g. 'Dome Request')
  4. In the service list, select the new service you just created and click 'Edit'.
  5. Add the Dome Request URL to Service URL (Dome Service URL is icap://ipofdome:1344/request) and Select 'Method Supported' as 'Request Modification'.
  6. Click 'OK'.
  7. Click 'Apply'.

Repeat the process above for Response modification.


After connecting your network(s), make sure to add them as a 'Trusted Network' in the 'Locations' interface. If you do not then Dome will not function correctly and your network will not be able to connect to the internet. Refer to 'Managing Trusted Networks' for more details.
Please contact us at if you have any issues connecting endpoints / networks to Dome Standard.