Example Scenerio
Information relavent to the following example:
• The ICAP server is designed to do proprietary content filtering specific to the organization so it will have to receive the messages and sent back appropriate responses.
• The content filter is a required security precaution so it if the message cannot be processed it is not allowed through.
• Resources on both the Fortigate and the ICAP server are considerable so the maximum connections setting will set at a double the default value to analyse the impact on performance.
• The ICAP server’s IP address is 172.16.100. 55.
• The path to the processing component is “/proprietary_code/content-filter/”.
• Streaming media is not something that the filter considers, but is allowed through the policy so processing it would be a waste of resources.
• The ICAP profile is to be added to an existing firewall policy.
• It is assumed that the display of the policies has already been configured to show the column “ID”.
1. Enter the following to configure the ICAP server:
Go to Security Profiles > ICAP > Server.
Use the following values:
Name | content-filtration-server4 |
IP Type | 4 |
IP Address | 172.16.100.55 |
Port | 1344 |
Use the CLI to set the max-connections value.
config icap server
edit content-filtration-server4
set max-connections 200
end
2. Enter the following to configure the ICAP profile to then apply to a security policy:
Use the following values:
Name | Prop-Content-Filtration |
Enable Request Processing | enable |
Server | content-filtration-server4 |
Path | /proprietary_code/content-filter/ |
On Failure | Error |
Enable Response Processing | enable |
Server | content-filtration-server4 |
Path | /proprietary_code/content-filter/ |
On Failure | Error |
Enable Streaming Media Bypass | enable |
3. Apply the ICAP profile to policy:
The purposes of this particular ICAP profile is to filter the content of the traffic coming through the firewall via policy ID#17
a. Go to Policy > Policy > Policy.
b. Open the existing policy ID# 17 for editing.
c. Go to the section Security Profiles.
d. Select the button next to ICAP so that it indicates that it’s status is ON.
e. Select the field with the profile name and use the drop down menu to select Prop-Content-Filtration.
f. Select OK.