Product Overview
OPSWAT MetaDefender ICAP Server provides advanced threat protection for network traffic. Through seamless integration with any ICAP-enabled network security appliance, MetaDefender ICAP Server scans and inspects all incoming file content before it reaches your organization’s network. With OPSWAT’s proprietary technologies: Deep CDR (Content Disarm and Reconstruction), Multiscanning, and Proactive DLP (Data Loss Prevention), MetaDefender ICAP Server protects enterprise networks from malicious file uploads, zero-day attacks, and sensitive data exposure.
Release Highlights
This release introduces the new centralized PostgreSQL database for efficient data management and deployment, along with other new and enhanced features.
New Database Management System: Centralized Database and Auto-Scaling Deployment
Effective management of multiple databases can be a challenge. To simplify this process and make deployment more efficient, we introduced the centralized database in this release, allowing customers to utilize one single database for multiple MetaDefender ICAP Server instances.
With the migration from SQLite to PostgreSQL as the new database management system, MetaDefender ICAP Server gains improved scalability, network-based database support, enhanced performance, and native high availability. Customers have the option to choose a standalone or shared database, and create a local PostgreSQL server or use a pre-installed remote PostgreSQL server. Learn more about Installation and Database Deployment Options
Benefits:
- Faster performance
- Concurrency support, allowing for more efficient resource utilization.
- Easy accessibility to data
- Auto-scaling capability
- High availability
The data migration occurs automatically in the background during product upgrades. For large-scale database migrations, which may require downtime, MetaDefender ICAP Server provides web-based migration instructions to facilitate the seamless transition from SQLite to PostgreSQL. Upgrade to MetaDefender ICAP Server 5.2.0 guide
Allow Traffic if MetaDefender Core is Unavailable
In the case of MetaDefender Core being unreachable, this version provides an option to mark ICAP requests as “ALLOWED”. Users can configure this option under Workflow Management > Advanced > Core Became Unreachable.
Options-TTL for OPTIONS method
A new option has been implemented to enable or disable the Options-TTL header in the response for the OPTIONS command. This feature supports integration with Oracle ZFS.
Other Updates
- Support to handle files processed by Proactive DLP: Besides sanitized files, now MetaDefender ICAP Server can handle Proactive DLP-processed files returned from MetaDefender Core.
- Optimized connection with MetaDefender Core: The number of sockets remains constant while working with MetaDefender Core, allowing efficient utilization without exhausting system resources.
- Single Sign-On - Azure ODIC enhancement: User information from the ID token (in JWT format) obtained from the authorization endpoint is now used instead of the UserInfo endpoint.
- Security enhancements: Upgraded third party dependencies, including Curl 8.1.2 (formerly 8.0.1), and default TLS version 1.3.
- Minor bug fixes
Release Details
- Product: MetaDefender ICAP Server
- Release Date: 12 July 2023
- Release Notes: 5.2.0
- Download from OPSWAT Portal
For more information, talk to our cybersecurity experts.
