ICAP

Default: 0

Enables (1) or disables (0) ICAP support with Data Security Suite (DSS). See Working With Web DLP.

Default: NULL

The Uniform Resource Identifier for the ICAP service.

A backup server can be specified in a comma-separated list.

Obtain the identifier from your Forcepoint DLP administrator. Enter the URI in the following format:

icap://hostname:port/path

<hostname> is the IP address or hostname of the Protector appliance.

<port> is 1344 by default.

<path> is the path of the ICAP service on the host machine.

For example:

icap://ICAP_machine:1344/ opt/icap_services

You do not need to specify the port if you

are using the default ICAP port 1344.

Default: 1

• 1 allows traffic when the ICAP servers are down
• 0 sends a block page if the ICAP servers are down

Default: 0

• 0 sends a block page if a file larger than the Forcepoint DLP size limit (default 50 MB) is sent.
• 1 allows traffic

Default: 1

• 0 sends decrypted traffic directly to its destination.
• 1 sends decrypted traffic to Forcepoint DLP for analysis.

Default: 1

When enabled (1), send native FTP upload file transfers to ICAP server for analysis.

Default: 5

The read/response timeout in seconds. The activity is considered a failure if the timeout is exceeded.

Default: 5

The recovery interval, in seconds, to test whether a down server is back up.

Default: 1

When to ICAP servers are specified:

• 1 distributes requests to all available servers
• 0 sends requests to only the primary server.