Configuring traffic processing settings on the ICAP server.

Traffic processing settings on the ICAP server are applied on all servers that have the application installed.

To configure ICAP server traffic processing settings:

  1. In the application web interface window, select the SettingsGeneralICAP server section.
  2. In the Header with the client IP address box, enter the header that the proxy server uses for sending the IP address of the proxy server user.

    The default setting is X-Client-IP.

    If the header in this box differs from the header on the proxy server, the application cannot identify users correctly when checking traffic processing rules.

  3. In the Header containing user name box, enter the header that the proxy server uses to send the name of the proxy server user.

    The default setting is X-Client-Username.

    If the header in this box differs from the header on the proxy server, the application cannot identify users correctly when checking traffic processing rules.

  4. If the proxy server sends user names in Base64 encoding, select the User name in Base64 encoding check box.
  5. In the Path to request modification service box, specify the address of the Request Modification (REQMOD) service that processes outbound traffic.
  6. In the Path to response modification service box, specify the address of the Response Modification (RESPMOD) service that processes inbound traffic.
  7. If you want to prevent the user's browser from terminating the connection with a timeout error when large objects are loaded:
    1. Set the Start to transfer HTTP messages before their scanning is complete toggle switch to Enabled.

      If this parameter is enabled and it is taking a long time to scan an object, Kaspersky Web Traffic Security sends a part of the object to the browser without waiting for the scan to complete. In the meantime, Kaspersky Web Traffic Security continues scanning the object in accordance with traffic processing rules. If at the conclusion of the scan, access to the object is allowed, the object is sent to the browser in its entirety. If access to the object is denied, the browser session is terminated and the remaining part of the object is not delivered. In this case, the loading of the prohibited object is terminated without providing a reason. The user does not get a denial message and is not redirected to a different page.

    2. In the Bitrate (KB/s) field, specify the number of bytes that will be transmitted to the browser every second until the application finishes scanning the HTTP message.

      You can specify an integer from 1 to 1024.

    3. In the Send delay (s) field, specify the delay time in seconds. The application will begin sending the object to the browser after the specified number of seconds.

      You can specify an integer from 1 to 3600.

  8. Click Save.

Traffic processing settings for the ICAP server are configured.

Page top