Add Content Analysis for In-Path Threat Detection

When you add Symantec Content Analysis to the ProxySG, an ICAP service is automatically created. The first Content Analysis configured takes the service name proxyav1 and is a member of the proxyav service group.

  1. Log in to the ProxySG Management Console.

  2. Select Configuration > Threat Protection > Malware Scanning.

    1. Click New. The Add CAS/ProxyAV ICAP Server dialog opens.
    2. Enter the Server host name or IP address for Content Analysis.
    3. Select the ports per your deployment. You must specify the same ICAP ports on the ProxySG and Content Analysis.

      • The default is plain ICAP connections.
      • If you enabled (or plan to enable) secure ICAP connections between the ProxySG and Content Analysis, select that option.
      • (Optional) If you enable secure connections, you can select the plain ICAP connections option as well. When you do so, non-secure services, such as HTTP and FTP, are scanned using the plain ICAP connection and secure services, such as HTTPS, are scanned using the secure ICAP connection.
    4. Click OK.
  3. Click Apply.

Next Step: Enable Malware Scanning