Configure the Proxy Server and ICAP Client

Archive Integration Guide › ICAP Agent › Integration Procedure for ICAP Clients › Configure the Proxy Server and ICAP Client

Configure the Proxy Server and ICAP Client

The proxy server must have an ICAP client installed. ICAP clients can process both requests and responses. See the documentation for your proxy server and ICAP client for full configuration details. For integration with CA DLP, you need to:

Ensure authentication is enabled on the proxy server: The authentication method encrypts the user's IP address and user name.
If authentication is not enabled, user credentials cannot be passed from the ICAP client to the ICAP agent.
Specify the ICAP agent port number: Specify the port assigned to the ICAP agent.
This must match the port specified by the AgentPort registry value. By default, this is 1344.
Specify the ICAP agent host machine: You need this to allow the ICAP client to route requests and responses to the ICAP agent.
For example, for Blue Coat ProxySG servers you must provide a service URL, formatted as shown below:
```
icap://<ipaddress>:CA Portal/<reqmod>|<respmod>
```
where:

<ipaddress> is the IP address of the ICAP agent host machine.

CA Portal specifies the port number used for communication between the ICAP client and ICAP agent. If you use the default port (1344), you can omit the port number from the URL.

<reqmod>|<respmod> identifies the type of event, an HTTP request or HTTP response.

In addition, you need to:
- Enable the ICAP v1 options Client Address and Authenticated User.
- Disable Preview Size for HTTP responses. This option is not supported by the CA DLP ICAP agent. If it is enabled, the ICAP agent may not work correctly.