Introducing OPSWAT MetaDefender ICAP Server with Windows Defender Antivirus

By: Peter Thayer
From: Microsoft Defender ATP

Applying world-class security solutions to hybrid environments: ICAP with Windows Defender Antivirus

 Microsoft recognizes customers’ needs for hybrid security solutions where the best components of Microsoft’s security suite can be utilized to ensure security of local components like large network storage arrays. Currently, Windows Defender Antivirus works with EMC solutions utilizing CAVA.

Now, in partnership with OPSWAT’s MetaDefender Advanced Threat Prevention Platform, antivirus scanning in Windows Defender Antivirus is available for on-prem and hybrid-cloud Internet Content Adaptation Protocol (ICAP) scanning. Customers requiring scanning for large, local storage arrays or cloud storage arrays can now utilize the industry-leading antivirus engine in Windows Defender Antivirus.

OPSWAT MetaDefender supports both ICAP file submission for scanning and REST-based submission.

What is ICAP AV scanning?

Internet Content Adaptation Protocol (ICAP) was introduced in 1999 by the ICAP forum. ICAP is a lightweight protocol designed to offload processing of Internet-based content to dedicated servers. The goal of ICAP, a lightweight HTTP-based RPC protocol, is to offload tasks like antivirus scanning onto specialized servers to increase network throughput. As an open protocol, the support of ICAP AV scanning for large storage arrays or secure web gateways is ubiquitous.  Most of these devices can be configured to forward files when they are open, written, or transferred to an ICAP AV scanner.

What is REST AV scanning submission?

Representative State Transfer (REST) is a style of web services which are simple to invoke and stateless, providing a scalable set of services and service interoperability. Because REST calls are stateless, load management can be efficiently controlled with simple load balancing mechanisms between servers.  REST’s simplicity and stateless nature tend to produce more robust service implementations than session-based services.

What this means for your hybrid environment

If your organization relies on Windows Defender Antivirus for threat identification, you can now use it to efficiently perform antivirus scans on storage arrays, network appliances, and cloud-based bulk storage (e.g., AWS S3 or Azure Blobs) using OPSWAT MetaDefender, which is AV-agnostic.

Customers can use Windows Defender Antivirus exclusively or combine multiple licensed AV scanning solutions on the same server. MetaDefender is highly scalable and built for high-performance traffic handling and scanning. Security policies for specific hosts, client machines or HTTP headers can be applied.

For hybrid cloud customers, MetaDefender with Windows Defender Antivirus can be used to scan AWS S3 storage, local SANs and NASs, or Document Management System. ICAP scanning provides efficient scanning on read/write access for bulk storage.

Windows Defender Antivirus is a leading antivirus solution in the market today. It consistently achieves top scores in industry tests. We have achieved with advanced machine learning technologies and extensive threat intelligence.  

The scale of Microsoft’s optics into endpoints makes our machine learning models highly effective. With our rich data set, its integration into the operating system, and growing cross-platform capabilities, Windows Defender Antivirus provides best-in-class endpoint threat detection.

How you can get the benefits of Windows Defender Antivirus on MetaDefender

For existing OPSWAT MetaDefender customers, you just need to add Windows Defender Antivirus as a component in your scanning package on the MetaDefender console. For customers looking for an ICAP scanning solution to secure their cloud storage or local infrastructure, contact MetaDefender for package information and licensing requirements. MetaDefender is released with both appliance and virtual solutions. You can tailor-fit a solution that’s optimized for your infrastructure and budget.

You can also use the MetaDefender’s cloud submission portal to analyze files and compare results across supported antivirus solutions.

We’ve got your back

With the recent general availability of Microsoft Defender ATP for Mac, Microsoft is delivering leading endpoint security solutions across platforms. support for security in hybrid cloud environments is another manifestation of Microsoft’s commitment to empower you to do more, whatever your infrastructure requirements.


Related Link

Sign up for Blog updates
Get information and insight from the leaders in advanced threat prevention.