Comodo Help
Find the desired product help
Comodo Secure Web Gateway

Comodo Secure Web Gateway

Secure Web Gateway Admin Guide

English

Print Help Download Help
Configure Comodo Secure Web Gateway > Connect Your Network / Devices To Secure Web Gateway > Traffic Forwarding Via Internet Content Adaptation Protocol (ICAP)
  • Introduction To Comodo Secure Web Gateway
    • Purchase Licenses
    • Login To The Admin Console
  • The Admin Console
  • The Dashboard
    • Customize The Dashboard
  • Configure Comodo Secure Web Gateway
    • Connect Your Network / Devices To Secure Web Gateway
      • Traffic Forwarding Via Direct Proxy Or PAC
      • Traffic Forwarding Via Proxy Chaining
      • Traffic Forwarding Via Internet Content Adaptation Protocol (ICAP)
      • Traffic Forwarding Via SWG Agent
    • Connect Your Roaming Devices To Comodo Secure Web Gateway
      • View Enrolled Roaming Devices
    • Configure Comodo Secure Web Gateway Messages
    • Configure Domain Name
    • Configure PAC File For Exclusions
    • Configure Data Loss Prevention And View ICAP Service Information
    • Configure Policy Time-Schedules
  • Manage Trusted Networks
  • Manage Policies
    • Security Policy
      • Configure Advanced Threat Protection Settings
      • Configure Containerization Settings
    • Web Content Policy
      • Manage URL Filtering Policies
      • Configure SSL Inspection Settings
      • Manage File Type Control Rules
  • Apply Policies To Networks
  • Administration
    • Configure User Authentication Settings
    • User Management
      • Manage Users
      • Manage User Groups
      • Manage Departments
      • Manage Computers
    • My Profile
  • Reports
    • Custom Reports
    • Scheduled Reports
  • Unknown Threat Statistics
  • About Comodo Security Solutions

Traffic Forwarding via Internet Content Adaptation Protocol (ICAP)

 
  • Similar to the proxy chain scenario as explained in the previous section, ICAP integration is required when there is another ICAP client in the customer network.
    • Like the chain scenario, traffic first comes to the network device and communicates with Comodo Secure Web Gateway (SWG) using the ICAP protocol. Packets go from the endpoint to the ICAP client first, then to Comodo SWG, pass back to the ICAP client and then to the internet.

    The following example explains the ICAP method using a Bluecoat Proxy SG and Comodo SWG integration scenario, where Bluecoat is the ICAP Client and Comodo SWG is ICAP Server.


    ICAP Integration


    In this scenario, the Bluecoat Proxy will be acting as the ICAP client where Comodo SWG is the ICAP server. It's recommended to send both responses and requests to Comodo SWG's ICAP Service.

    • SWG Response Mode URI: icap://ipofdome:1344/response
    • SWG Request Mode URI: icap://ipofdome:1344/request

    Click 'Configuration' > 'Configuration' on the left then 'ICAP' to view the SWG IP for your account.


    Note 1: For Comodo SWG to deliver web access controls and URL blocking, responses must be sent to Comodo SWG's Response Service.


    Note 2: For Comodo SWG to deliver containerization and Valkyrie services, requests must be sent to Comodo SWG's Request Service.


    On Bluecoat Visual Manager

    1. Go to 'Configuration, External Services and ICAP'.

    2. Click 'New'

    3. Give the ICAP Service a name (e.g. 'SWG Request')

    4. In the service list, select the new service you just created and click 'Edit'

    5. Add the SWG Request URL to Service URL (SWG Service URL is icap://ipofdome:1344/request) and select 'Method Supported' as 'Request Modification'

    6. Click 'OK'

    7. Click 'Apply'

    Repeat the process above for Response modification.

     

    Note: The IP varies for different accounts and the SWG IP for your account can be found in the section, Configuration > ICAP.

    • After connecting your network(s), make sure to add them as a 'Trusted Network' in the 'Locations' interface. Select 'ICAP' for user authentication and traffic forwarding.
    • If you don't add the network(s) as a 'Trusted Network' then Comodo SWG will not function correctly. Your network will also not be able to connect to the internet.
    • See 'Manage Trusted Networks' for more details.
    • Select 'ICAP' for user authentication and traffic forwarding option on the Locations interface.
    • User-based rules are supported for ICAP traffic forwarding method.
    • Comodo SWG uses ports 17443, 19443 and 19080 to connect to your networks. Please configure your firewall to allow SWG traffic over these ports.

    Please contact us at domesupport@comodo.com if you have any issues connecting endpoints / networks to Comodo SWG.
    Our Products
    • Free Antivirus
    • Free Internet Security
    • Website Malware Removal
    • Free Anti-Malware
    • Anti-Spam (Free Trial)
    • Windows Antivirus
    • Antivirus for Windows 7
    • Antivirus for Windows 8
    • Antivirus for Windows 10
    • Antivirus for MAC
    • Antivirus for Linux
    • Free Endpoint Security
    • Free ModSecurity
    • Free RMM
    • Free Website Malware Scanner
    • Free Device Manager for Android
    • Free Demo
    • Network Security
    • Endpoint Protection
    • Antivirus for Android
    • Comodo Antivirus
    • Wordpress Security
    Cheap CDN
    • Bootstrap CDN
    • Semantic UI CDN
    • Jquery CDN
    • CDN Plans
    • CDN
    • Free CDN
    Enterprise
    • Patch Management Software
    • Patch Manager
    • Service Desk
    • Website Down
    • Endpoint Protection Solutions
    • Website Security Check
    • Remote Monitoring and Management
    • Website Security
    • Device Manager
    • ITSM
    • CRM
    • MSP
    • Android Device Manager
    • MDR Services
    • Ransomware Prevention
    • Managed IT Support Services
    • Free EDR
    Free SSL Certificate
    Support Partners Terms and Conditions Privacy Policy

    © Comodo Group, Inc. 2024. All rights reserved.