If you use a separate proxy server, you must configure the settings of Kaspersky Web Traffic Security connection to the ICAP server.
If you use a separate proxy server, by default, Kaspersky Web Traffic Security does not encrypt ICAP traffic or authenticate ICAP clients. The application administrator must independently ensure a secure network connection between your proxy server and Kaspersky Web Traffic Security by using traffic tunneling or iptables.
To configure ICAP server connection settings:
In the application web interface window, select the Settings section, ICAP server subsection.
In the ICAP server address list, select one of the following values:
127.0.0.1 (IPv4 address) if the proxy server and the Worker server are installed on the same host. Kaspersky Web Traffic Security will process traffic only from the current host.
0.0.0.0 (IPv4 address) if you use a separate proxy server. Kaspersky Web Traffic Security will process traffic from any host.
::1 (IPv6 address, analogous to the 127.0.0.1 address) if the proxy server and the Worker server are installed on the same host. Kaspersky Web Traffic Security will process traffic only from the current host.
:: (IPv6 address, analogous to the 0.0.0.0 address) if you use a separate proxy server. Kaspersky Web Traffic Security will process traffic from any host.
Type the ICAP server connection port.
In the Maximum connections over the ICAP protocol box, set a limit for simultaneous connections to the ICAP server.
You can specify a value from 1000 to 10,000. The default setting is 5000.
Click Save.
The ICAP server connection settings are configured.