Enabling and disabling integration with a proxy server via ICAP
If you are using the distributed solution and multitenancy mode, use the web interface of the PCN or SCN server for which you want to configure parameters.
When a standalone proxy server is used, Kaspersky Anti Targeted Attack Platform does not provide encryption of ICAP traffic or authentication of ICAP clients by default. The application administrator must take steps to ensure a secure network connection between your proxy server and Kaspersky Anti Targeted Attack Platform by using traffic tunneling or iptables.
To enable or disable integration with a proxy server over ICAP:
- Select the Sensor servers section in the window of the application web interface.
The Server list table will be displayed.
- Select the Sensor component for which you want to configure integration with a proxy server over the ICAP protocol.
This opens the Sensor component settings page.
- Select the ICAP integration with proxy server section.
- In the State field, set the toggle switch to Enabled.
The Host field displays the URL of the Response Modification (RESPMOD) service that processes inbound traffic.
Use this URL to configure integration with Kaspersky Anti Targeted Attack Platform via ICAP on a proxy server in your company.
- Click Apply.
Integration with a proxy server over the ICAP protocol will be enabled.
If you have deployed the Central Node and Sensor components as a cluster, you can configure fault-tolerant integration with a proxy server.
To configure the fault-tolerant integration with the proxy server:
- Configure Round Robin on the DNS server for the domain name corresponding to the Central Node cluster.
- Specify this domain name in the proxy server settings.
Integration with the proxy server will be configured based on the domain name. The proxy server will communicate with a random server in the cluster. If this server fails, the proxy server will communicate with another healthy server in the cluster.
Page top