How virus scanning with the ICAP server works

<< Back to Knowledge Search



How virus scanning with the ICAP server works
You want to know how virus scanning with the ICAP server works


The ProxySG uses content scanning policies to determine whether a client request or retrieved object should be sent to the ICAP server for scanning. Consider the following example:

  • A business wants to scan software downloaded by employees from popular shareware Web sites. To do this, the business defines a policy that includes a custom scan shareware action, which could includes URL domains related to the relevant shareware Web sites.

The ProxySG can use Request modification, in which it sends client requests to the ICAP server for scanning prior to retrieving the requested object, or it can use Response modification, in which it retrieves the requested object and then sends the object to the ICAP server for scanning.

The ICAP server can respond to the request by sending an HTTP response (ex. error message) or modifying the request/response (ex. stripping content).


For help writing policies for ICAP content scanning, please see the Configuration and Management Guide (CMG) for the version of SGOS that you are running.  The CMGs are located at .

If you are running SGOS 5.x, please see Volume 7: Managing Content; Chapter 3: Malicious Content Scanning Services; Section D: Creating ICAP Policy in the CMG.

If you are running SGOS 4.x, please see Chapter 11: External Services; Section A: ICAP; Creating ICAP Policy in the CMG.

Additional Information
Bug Number
InQuira Doc IdKB1676

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      ProxySG
Software      SGOS 4, SGOS 5
Topic      Content Filtering, Content Management, Services
Article Number      000011562
Was this helpful?
Previous MonthNext Month