Difference between revisions of "ICAP"
en>Santosh.thorat |
|||
(One intermediate revision by one other user not shown) | |||
Line 10: | Line 10: | ||
= Enabling ICAP section on SafeSquid User Interface = | = Enabling ICAP section on SafeSquid User Interface = | ||
== <span class="mw-headline" id="Access_the_SafeSquid_interface">[ | == <span class="mw-headline" id="Access_the_SafeSquid_interface">[https://docs.safesquid.com/wiki/Access_The_SafeSquid_User_Interface Access the SafeSquid interface]</span> == | ||
{| border="0" cellpadding="1" cellspacing="1" style="width: 100%" | {| border="0" cellpadding="1" cellspacing="1" style="width: 100%" |
Latest revision as of 19:38, 15 June 2022
What is the advantage of using ICAP?
ICAP is a protocol designed to off-load specific Internet-based content to dedicated servers, thereby freeing up resources and standardizing the way in which features are implemented. For example, a server that handles only language translation is inherently more efficient than any standard Web server performing many additional tasks.
ICAP concentrates on leveraging edge-based devices (proxies and caches) to help deliver value-added services. At the core of this process is a cache that will proxy all client transactions and will process them through ICAP Web servers. These ICAP servers are focused on a specific function, for example, add insertion, virus scanning, content translation, language translation, or content filtering. Off-loading value-added services from Web servers to ICAP servers allows those same web servers to be scaled according to raw HTTP throughput versus having to handle these extra tasks.
ICAP in its most basic form is a "lightweight" HTTP based remote procedure call protocol.
In other words, ICAP allows its clients to pass HTTP based (HTML) messages (Content) to ICAP servers for adaptation. Adaptation refers to performing the particular value added service (content manipulation) for the associated client request/response.
How does ICAP work in SafeSquid?
The ICAP feature enables the proxy server to use an ICAP server to perform request modification, request satisfaction, or response modification to any request or response.
When enabled, what basically happens is this:
For request modification:
- client sends request to proxy server.
- proxy server forwards request to the ICAP server, ICAP server will respond with a possibly modified request header.
- proxy server will use that modified request header to process the request.
This allows the ICAP server to do things like redirection, header filtering, etc.
For request satisfaction:
- client sends request to proxy server.
- proxy server forwards request to ICAP server, ICAP server will respond with a _response_ header and possibly a response body.
- proxy server will pass that response header and body onto the client, the request will not be further processed.
This allows the ICAP server to do things like URL blocking, etc.
For response modification:
- client sends request to proxy server.
- proxy requests file from web server (or uses cached response). - proxy server forwards response header and body to ICAP server, ICAP server will respond with a possibly modified response header and body.
- proxy server will then send the possibly modified response header and body to the client.
This allows the ICAP server to do things like virus scanning, content modification, block inappropriate content, etc.
When an ICAP server is installed with a caching system, every transaction is piped through the ICAP server, allowing the server to modify or redirect Web requests or responses.
When an ICAP server is installed in an FTP system, every transaction is piped through the ICAP server, allowing virus and content filtering
software to operate on the content.
Enabling ICAP section on SafeSquid User Interface
Access the SafeSquid interface
Go to Configure Page |
||||
Go to Real time content security
|
||||
Go to ICAP Section |
||||
GlobalEnabledEnable or Disable this section.
|
||||
|
||||
ICAP |
||||
Here we can create the policies for ICAP section. Click on ADD icon to create a new policy. EnabledEnable or Disable this Policy.
Default PoliciesSafeSquid comes with some default Inspection policies as follows. Enable or Disable above policies as per the requirement or add new policy for new requirement |