When trying to bypass RTMP traffic using KB4673, some RTMP traffic still matches the icap policy and fails due to icap scanning.
In KB4673 it discusses how to bypass and match RTMP protocol types from being sent to antivirus scanning. This works for the majority of RTMP traffic.
To resolve this issue add the following CPL code to your local files polices.
1- Go to Configuration > Policy > Policy Files > Install local file from: " Select "Text Editor" can click install.
2- At the bottom of the policy or within the CPL code provided from KB4673 add the following to KB4673 under the section labeled:
;Condition 2: defining streaming media mime types for filter identification
define condition MEDIA_MIME_TYPES
response.header.Content-Type="application/x-fcs"
3- Click Install.
Now RTMP traffic that matches this application type will not be