If you use a separate proxy server, you must configure the settings of Kaspersky Web Traffic Security connection to the ICAP server.
If you use a separate proxy server, by default, Kaspersky Web Traffic Security does not encrypt ICAP traffic or authenticate ICAP clients. The application administrator must independently ensure a secure network connection between your proxy server and Kaspersky Web Traffic Security by using traffic tunneling or iptables.
To configure ICAP server connection settings:
In the application web interface window, select the Settings → General → ICAP server section.
In the ICAP server address list, select one of the following values:
127.0.0.1 (IPv4 address) if the proxy server and Kaspersky Web Traffic Security are installed on the same server. The application will process traffic only from the current server.
0.0.0.0 (IPv4 address) if you use a separate proxy server. The application will process traffic from any server.
::1 (IPv6 address, analogous to the address 127.0.0.1) if the proxy server and Kaspersky Web Traffic Security are installed on the same server. The application will process traffic only from the current server.
:: (IPv6 address, analogous to the 0.0.0.0 address) if you use a separate proxy server. The application will process traffic from any server.
Type the ICAP server connection port.
Possible values are from 1 to 65535, except ports 22, 80, 443, 705, and 9045.
In the Maximum connections over the ICAP protocol box, set a limit for simultaneous connections to the ICAP server.
You can specify a value from 1000 to 10,000. The default setting is 5000.
Click Save.
The ICAP server connection settings are configured.