Disable Trickling when using External Services or Malware Scanning

book

Article ID: 169244

calendar_today

Updated On:

Products

Asset Management Solution Data Center Security Monitoring Edition Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

Cause

In some cases, we may need to disable the trickling for specific sites so that the ProxySG/ASG does not restart the client's connection. How to do this depends on your ICAP configuration settings, more specifically,  on whether you are using the External Services or Malware Scanning features. In order to disable this feature, we need to apply specific CPL code to the Local Policy File or a CPL Layer within the VPM.

Resolution

External Services

Use the following CPL code:

;=================================================
; Disable Trickling for specified sites using External Services
;=================================================

<proxy>
condition=No_Trickle_Sites response.icap_feedback(no)

define condition No_Trickle_Sites
url.domain=example.com
end condition No_Trickle_Sites

;=================================================

Malware Scanning

Use the following CPL code:

;================================================= 
; Disable Trickling for specified sites using Malware Scanning
;================================================= 

<proxy Bypass_BC_malware_scanning_solution>
policy.Bypass_BC_malware_scanning_solution ; Creates a new layer after the Malware Scanning layers.

define proxy policy Bypass_BC_malware_scanning_solution
<proxy Bypass_BC_malware_scanning_solution >
condition=No_Trickle_Sites condition=ShouldScanHighPerformance response.icap_feedback(no)
end

define condition No_Trickle_Sites
url.domain=example.com
end condition No_Trickle_Sites

;=================================================