Traffic Forwarding via Internet Content Adaptation Protocol (ICAP)
- Similar to the proxy chain scenario as explained in the previous step, ICAP integration is required when there is another ICAP client in your network.
- Like the chain scenario, traffic first comes to the network device and communicates with Comodo SWG using the ICAP protocol. Packets go from the endpoint to the ICAP client first, then to Comodo SWG, pass back to the ICAP client and then to the internet.
The following example explains the ICAP method using a Bluecoat Proxy SG and Comodo SWG integration scenario, where Bluecoat is the ICAP Client and Comodo SWG is ICAP Server.
ICAP Integration
In this scenario, the Bluecoat Proxy will be acting as the ICAP client where Comodo SWG is the ICAP server. It's recommended to send both responses and requests to Comodo SWG's ICAP Service.
- Comodo SWG Response Mode URI: icap://ipofdome:1344/response
- Comodo SWG Request Mode URI: icap://ipofdome:1344/request
Click 'Configuration' > 'Configuration' on the left then 'ICAP' to view the Comodo SWG IP for your account.
Note 1: For Comodo SWG to deliver web access controls and URL blocking, responses must be sent to Comodo SWG's Response Service. Note 2: For Comodo SWG to deliver containerization and Valkyrie services, requests must be sent to Comodo SWG's Request Service. |
On Bluecoat Visual Manager
1. Go to 'Configuration, External Services and ICAP'.
2. Click 'New'
3. Give the ICAP Service a name (e.g. 'Comodo SWG Request')
4. In the service list, select the new service you just created and click 'Edit'.
5. Add the SWG Request URL to Service URL (Comodo SWG Service URL is icap://ipofdome:1344/request) and select 'Method Supported' as 'Request Modification'.
6. Click 'OK'.
7. Click 'Apply'.
Repeat the process above for Response modification.
Note: The IP varies for different accounts and the Comodo SWG IP for your account can be found in the section, Configuration > ICAP.
|
Please contact us at domesupport@comodo.com if you have any issues connecting endpoints / networks to Comodo SWG.