The purpose of this article is to provide initial guidelines for configuring the connection between the ProxySG and the Content Analysis System. For more information on this subject, refer to the latest integration guide for each CAS version located here (version 2.3.X as of this article):
This article assumes you are performing SSL Interception (decryption) for client machines that are going through the proxy. This is a requirement in order for the proxy to send HTTPS traffic for analysis (regardless of the deployment in use), so make sure you have an SSL Interception rule in place before you attempt configuring and testing this integration.
Also, after the initial configuration, make sure you install our best practices CPL code in order to avoid overloading the CAS with queued ICAP connections. Refer to this article for more information on this:
Once you have configured your CAS so that it is part of your network and that it has the relevant licenses installed you will then need to connect to your ProxySG and add the CAS unit as an ICAP service and configure it via policy as seen below: