Using the Internet Content Adaption Protocol (ICAP)

Antivirus Administration Guide for Hitachi NAS Platform

Part Number

The Internet Content Adaption Protocol (ICAP) is an open standard being adopted to connect devices to enterprise-level virus scan engines. ICAP is becoming the preferred means of virus scanning over the previous RPC-based mechanism of virus scanning. RPC is a legacy remote procedure call interface that some scan engines support.

ICAP provides simple object-based content vectoring for HTTP services. ICAP is a protocol for executing a remote procedure call on HTTP messages. It allows ICAP clients to pass HTTP messages to ICAP servers for transformations or other processing (adaptation). The server executes its transformation service on messages and sends back responses to the client, usually with modified messages. Typically, the adapted messages are either HTTP requests or HTTP responses.

ICAP is primarily designed to facilitate the deployment of various value-added services to web serving systems. Inbound and outbound HTTP traffic can be modified by diverting requests or responses through an “ICAP Server”. This server performs content adaptation, such as ad insertion or virus scanning. ICAP is also used in non-web serving environments, such as NAS systems in which client/server protocols have similar requirements for content adaptation. In NAS platforms, ICAP virus scanning cleans file before they are sent. A client requests files, and the NAS platform delegates the task of ensuring these files are clean to external systems, called “scan engines”, before sending them to the client.

The ICAP feature does not require installation. It can be configured using the CLI or SMU. There are no special prerequisites in terms of hardware platform or licenses (ICAP is not a licensed feature). Virus scanning may impact performance when enabled as it adds an overhead when reading files as they are scanned. The performance impact will depend on the number of virus scan engines connected to the system and the dynamic nature of the data on the NAS system.

All virus scan related settings apply at the per-EVS level.