search cancel

SPE does not respond to non-secure ICAP requests after configuring SPE for secure ICAP

book

Article ID: 202900

calendar_today

Updated On:

Products

Protection Engine for Cloud Services

Issue/Introduction

After configuring Symantec Protection Engine (SPE) for Secure ICAP, it no longer will allow non-Secure ICAP.  Checking the ports running, the service no longer listens on 1344 (non-secure), but instead listens on 11344 (Secure). 

Environment

One of the following is installed:

  • SPE for Network Attached Storage (NAS) 8.x
  • SPE for Cloud Services (CS) 8.x

Resolution

This behavior is by design. 

For customers seeking to migrate from a non-secure ICAP to a secure ICAP, the best practice is to raise a new instance of SPE and configure the new instance for Secure ICAP. This methodology leaves the old instance in place servicing non-secure ICAP scan requests and provides a fallback contingency until migration is complete.