Do you recognize a good idea when you see one? We want to hear from you!
Header Image

I suggest you ...

Web Security: ICAP Support

Many DLP Systems, etc. work to filter web traffc by utilizing a 3rd party HTTP Proxy (Squid, etc.)... Most work with ICAP compatible Proxies... adding this ability would preclude my customers from having to add yet another proxy to their network infrastructure.

37 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    BrucekConvergentBrucekConvergent shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    9 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • DenisDenis commented  ·   ·  Flag as inappropriate

        The more we talk with system integrators and customers on the transition from TMG to UTM, the more we need to hear this function.
        Since in large enterprises, TMG is a component of the overall security system.

      • Joe SalandJoe Saland commented  ·   ·  Flag as inappropriate

        Two things, one I find it odd that someone said this is not in the cards when Sophos is a member of the I-CAP Forum (http://www.sophos.com/en-us/about-us/company-profile/industry-affiliations.aspx). I would hope that means they have the intention of adding this capability to this product. Secondly, without ICAP support the integration of this totally awesome UTM solution with other necessary security solutions (DLP?) really make it a hard sell in today's environment.

      • Thomas TSPThomas TSP commented  ·   ·  Flag as inappropriate

        It´s really right, the additional ICAP-interface is very important and not only a "nice to have" in this time.
        Its a "must!", because today legal web-links left on legal web-sides and/or in mails leads to illegal actions.
        And smart security devices always use ICAP against this this very dangerous behavior!!

      • BrucekConvergentBrucekConvergent commented  ·   ·  Flag as inappropriate

        Bob, It wouldn't necessarily have to be part of the reverse Proxy... however, I feel it should be implemented; a lot of Astaro's competition support ICAP. There's example code out there in the form of Squid (which Astaro used to use) .. Squid supports ICAP. I like the new proxy's performance better, but maybe they should "borrow" a bit from an old friend.

      • Bob AlfsonBob Alfson commented  ·   ·  Flag as inappropriate

        Bruce, could/should this be a part of the design of a reverse HTTP proxy?

        (I learn something from BruceK every day!)

      Feedback and Knowledge Base