|
|
|
|
|
|
ICAP Headers
|
Values
|
Examples
|
|---|---|---|
|
Server
|
Deep Discovery Analyzer
version and build number
|
Server: Deep Discovery Analyzer 6.0 Build 1202
|
|
ISTag
|
Version of the Advanced Threat Scan Engine for Deep Discovery (Linux, 64-bit) component
This is used to validate that previous Deep Discovery Analyzer responses can still
be considered fresh by an ICAP client that may still be caching them.
|
ISTag: "10.300.1021"
|
|
Encapsulated
|
The offset of each encapsulated section's start relative to the start of the encapsulating message's body |
Encapsulated: req-hdr=0, req-body=147
|
|
Date
|
The date time value provided by the Deep Discovery Analyzer clock, specified as an RFC 1123 compliant date/time string |
Date: Thu, 04 Jan 2018 02:33:04 GMT
|
 |
NoteIf enabled, Deep Discovery Analyzer always returns the X-Response-Desc header, and only returns the X-Virus-ID
and X-Infection-Found headers when a known threat is detected during the pre-scanning
of samples
received from ICAP clients.
|
|
ICAP Headers
|
Values
|
Examples
|
|---|---|---|
|
X-Virus-ID
|
One line of US-ASCII text with the name of the virus or risk encountered
|
X-Virus-ID: TSPY_ONLINEG.MCS
|
|
X-Infection-Found
|
Numeric code for the type of infection, the resolution, and the risk description
|
X-Infection-Found: Type=0; Resolution=2; Threat=TSPY_ONLINEG.MCS;
|
|
X-Response-Desc
|
Reason Deep Discovery Analyzer considers
a URL or file sample as malicous or safe
|
X-Response-Desc: URL: No risk rating from WRS; FILE: Detected by ATSE
|
|
NoteTo enable these headers and configure other ICAP settings, go to .
For details, see Configuring ICAP Settings.
|