Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Employee
Employee

Re: Symantec (Bluecoat) SG ICAP and Sandblast (TEX)

Hello Heiko, 

       I am looking for documentation for F5 LTM i2600 integration with Sandblast appliance. Do you have one? 

Thank you!

Regards,

Coco

0 Kudos
Highlighted

Re: Symantec (Bluecoat) SG ICAP and Sandblast (TEX)

Hi Coco,

On F5 side this is a bit problematic. You can't limit the number of ICAP sessions. For example, if the TE appliance is set to 100 sessions and you open the 101 session, you will get an ICAP error.

Unfortunately, this cannot be adjusted on the F5 side. I have already opened a ticket at F5. But so far without success.

On the TE Appliance you have to configure it as described in my articles:

Symantec (Bluecoat) SG ICAP and Sandblast (TEX) 

Fortigate Firewall ICAP and Sandblast (TEX) 

Here you can find an article how it works with F5:

AskF5 | Manual Chapter: Configuring Content Adaptation for HTTP Requests 

Regards

Heiko

Highlighted
Employee
Employee

Re: Symantec (Bluecoat) SG ICAP and Sandblast (TEX)

Thank you for the sharing Heiko! Smiley Happy

In my design, customer will have F5 LTM work with 2-3 Sandblast appliances. In this case, will LTM be able to deliver the 101 session to next available Sandblast appliance? Thank you!

Regards,

Coco

Highlighted

Re: Symantec (Bluecoat) SG ICAP and Sandblast (TEX)

Hi Coco,

it is the same issue! The problem is only shifted (100* 3 Te appliances). So you have the ICAP error of the 301 connection. With Bluecoat or Fortigate you can define the upper limit "max ICAP connections". With F5 this is unfortunately not possible. This means that this can always be a problem if it is exceeded. I have not found a solution yet. 

Regards,

Heiko

Highlighted

Re: Symantec (Bluecoat) SG ICAP and Sandblast (TEX)

Hello Mr. Heiko, congratulations for your exceptional knowledge about security and deep configuration of checkpoint products. Can I ask you for a new document about  icap integration with symantec DLP sever using the new capabilities of icap client on r80.20?

Thank you so much.

Regards.

Alessandro

0 Kudos
Highlighted

Re: Symantec (Bluecoat) SG ICAP and Sandblast (TEX)

Sorry, I have no experience with R80.20 and ICAP yet.

I'll try that out in the next few days.

Highlighted

Re: Symantec (Bluecoat) SG ICAP and Sandblast (TEX)

Thank you!

0 Kudos
Highlighted

Re: Symantec (Bluecoat) SG ICAP and Sandblast (TEX)

More coming soon!

0 Kudos
Highlighted

Re: Symantec (Bluecoat) SG ICAP and Sandblast (TEX)

Thank's for this info.

Heiko

0 Kudos
Highlighted

Re: Symantec (Bluecoat) SG ICAP and Sandblast (TEX)

Testing at the moment with R80.20 and R80.30EA.

More coming soon.

0 Kudos