Support Center > Search Results > SecureKnowledge Details
ICAP Server support for Threat Prevention Technical Level


  • This feature is now available in the R80.20 (GA) Security Gateway and Security Management. 

ICAP Server can work with the Threat Emulation and Anti-Virus blades only. Any other blades in a Threat Prevention profile will be ignored.

To activate the ICAP Server in a Security Gateway object in SmartConsole, you must first enable Threat Emulation and/or Anti-Virus blade in that Security Gateway object.

Upon ICAP Server activation, an auto-generated rule is created in the Threat Prevention rule base, as in MTA. This rule is installed on all Security Gateways with active ICAP Server.


  • ICAP Server has only one rule that must be located in an upper rule (alongside with MTA) of the Threat Prevention policy.
  • ICAP Server supports only Anti-Virus deep-scan. Any additional functionality, such as MD5 hash, URL reputation, and signature based protection, is not supported for this flow.
  • There are no network based rules or exceptions that are related to ICAP rule / profile.
  • VSX is not supported.
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback
Please rate this document