MetaDefender ICAP Server

Advanced Threat Prevention for Network Traffic

Cybercriminals relentlessly attempt to upload malware to your systems. Employees accidentally visit malicious websites or download harmful files and vulnerable software from the internet. Both internal and external users intendedly or unintendedly submit files containing sensitive data.

Enterprises need a powerful multi-layered cybersecurity system to prevent harmful, offensive or inappropriate content.

MetaDefender ICAP Server protects your systems and users by inspecting every file traveling through your network. Every file is scanned for malware and vulnerabilities. With custom policies and workflows, suspicious files can be blocked or deeply sanitized. Sensitive information is blocked, removed or redacted before leaving your network. All files are remediated, before they are accessible to the end user.

MetaDefender ICAP Server is a plug-and-play solution to protect your network against malicious internet content.

How an ICAP Server works

MetaDefender ICAP Server provides ICAP interface on top of MetaDefender Core to provide industry leading advanced threat protection. Any content routed through the ICAP interface will be scanned and processed before entering your network and reaching end users.

MetaDefender ICAP Server can seamlessly integrate with any ICAP enabled network appliances, including reverse proxies, web application firewalls, load balancers, forward proxies, web gateways, SSL inspectors, etc.

ICAP Server Benefits

  • Real-time comprehensive threat detection and prevention for your network
  • Protection from malicious file uploads at the gateway of your network
  • Protection against zero-day and advanced targeted attacks
  • Detect file-based vulnerabilities before they are installed.
  • No more sensitive data entering or leaving your organization without your discretion
  • Custom policies, workflow and analysis rules to meet your unique security needs
  • Simple integration with any ICAP enabled devices

ICAP Server Integration Use Cases

File Upload Security

Reverse Proxy / Web Application Firewall / Load Balancer

Hackers can bypass security and upload a new file or overwrite an existing file that can be used to launch a server-side attack. A hacked server can be used to distribute malware, demand ransom, or steal sensitive data. Protect application web servers from malicious file uploads using MetaDefender ICAP Server located before the entrance to your website.

Supports:F5 Advanced WAF™,F5 Big-IP® ASM™, F5 Big-IP LTM™, Symantec ProxySG

Web Traffic Security

Forward Proxy / Web Gateway / Firewall

Users are susceptible to tricks while browsing the web and sometimes reputable websites can be compromised.

Prevent malicious files from being downloaded from the internet by your users. Screen web traffic before it reaches your secured network using MetaDefender ICAP Server located at the gateway of your network.

Supports: Squid, ARA Networks JAGUAR5000,McAfee Web Gateway™, Fortinet FortiGate®

SSL Inspection

Most malware comes encrypted now to bypass network security methods. Use an SSL inspector to decrypt traffic and check for malware in those encrypted payloads. Integrate multiple MetaDefender features at the point of decryption for simplicity and agility using MetaDefender ICAP Server located in line with your SSL inspector.

Supports: F5 SSL Orchestrator™, A10 Networks Thunder® SSLi®

We've used OPSWAT technology for several years, in multiple integrations and in various products. Their reputation in the industry has just been stellar. I've worked in the industry for 30 years, and OPSWAT is a company I've always trusted and worked well with.

Joe Peck
Senior Director of Product Management, F5®

John Wagnon

Senior Solution Developer, F5 Networks

Outlines the power of combining F5® BIG-IP® Load Traffic Manager™ (LTM®) with MetaDefender ICAP Server to protect web applications against known and unknown threats.

Schedule a meeting with OPSWAT technical experts to learn how to use an ICAP Server to secure your network infrastructure