1. Knowledge Base
  2. CloudFS Maintenance

ICAP Operations

Internet Content Adaptation Protocol (ICAP) is a standard or URL modification, web cache management, and anti‐virus scanning of URL, HTTP posts, and file server files. The node uses ICAP as a client to send file content to antivirus servers for virus scanning.

Use the ICAP Un‐Quarantine page to determine whether an ICAP server is responding, to quarantine files if that has not been done by the ICAP server, and to release quarantine as needed.

To access ICAP operations options, navigate to the following page:

Maintenance > ICAP Operations

ICAP Options

The following table describes the node's diagnostic tools.

Packet Capture Option Description
ICAP Server Test
Test Communications

Enter the IP address or hostname of an ICAP server and click Test Communication to verify that the node can communicate with the server.

ICAP Log Displays the ICAP log.
ICAP File Quarantine
File path and name File path and name Specify the path of the file to quarantine or un‐quarantine.
Quarantine Quarantine the specified file.
Un‐Quarantine Remove quarantine status from the specified file.
Quarantine Status

Display the current quarantine status.

The following notes apply to the node's ICAP operations options:

  • This feature is available only if the ICAP license is installed.
  • Specify the ICAP parameters on the License Manager page.
  • If you have specify an ICAP server on the License Manager page, the IP address of the server is filled in automatically on the ICAP page. You can probe another server in this section by entering an IP address and clicking Probe Server. however, the address you enter is not saved.
  • Results of the server probe are displayed in a pop‐up window.
  • Quarantining of files is typically done by the ICAP server. If needed, you can manually quarantine or un‐quarantine files in the ICAP Un‐Quarantine page.
  • Any viruses that are found are listed in /var/log/avquarantine, which is accessible on the Maintenance > Diagnostics page.

ICAP Parameters

To use ICAP, specify the following ICAP parameters on the Configuration > Licenses Manager page under AS‐ICAP. See License Manager.

The following table lists the ICAP parameters.

Option Description
Port The default ICAP port is 1344. Change the value if the ICAP server is listening on a different port.
Service ICAP service name. This is ignored by most ICAP servers; however, some vendors require specific values. The most common service name is "avscan".
include‐files Comma‐separated list of of glob based file paths that will be scanned. Use * as a wildcard.
exclude‐files Comma‐separated list of of glob based file paths that will not be scanned. Use * as a wildcard.

Scan files when they are open for reading.


Scan files when they are closed following write operation.

denyonerror If no scanner is available or some system error has occurred, assume that the content is suspicious and deny client access.
allow206 Not currently supported.