About supported protocols for Symantec Protection Engine
Table: Supported protocols lists the supported protocols that client applications can use to send scan requests to Symantec Protection Engine.
Table: Supported protocols
Symantec Protection Engine implements a TCP/IP protocol to provide scanning functionality to client applications. This protocol is text-based, like HTTP or SMTP. It uses ASCII commands and responses to communicate between the client and the server.
To scan a file, a client connects to the default IP port. It sends the file to be scanned and then reads the results of the scan. After the client receives the scan results, the client and server disconnect and must initiate a new connection to scan each subsequent file.
ICAP is a lightweight protocol for executing a remote procedure call on HTTP messages. ICAP is part of an architecture that lets corporations, carriers, and ISPs dynamically scan, change, and augment Web content as it flows through ICAP servers. The protocol lets ICAP clients pass HTTP messages to ICAP servers for adaptation. Adaptation might include some sort of transformation or other processing, such as scanning or content filtering. The server executes its transformation service on the messages and responds to the client, usually with modified messages. The adapted messages might be either HTTP requests or HTTP responses.
In a typical integration, a caching proxy server retrieves the requested information from the Web. It caches the information and serves multiple requests for the same Web content from the cache, where possible. A caching proxy server can use ICAP to communicate with Symantec Protection Engine. It can also request the scanning of the content that is retrieved from the Web.
A proprietary Remote Procedure Call (RPC) protocol
Remote procedure call (RPC) is a client/server infrastructure that increases the interoperability and portability of an application. RPC lets the application be distributed over multiple platforms. The use of RPC frees the developer from having to be familiar with various operating systems and network interfaces. RPC simplifies the development of applications that span multiple operating systems and network protocols. The semantics of the remote procedure call remain the same whether or not the client and server are on the same computer.
Symantec Protection Engine uses a proprietary scanning protocol with the MS-RPC protocol to interface with client applications. This protocol is supported only on Windows 2008 Server or Windows 2012 Server. Any appropriate client can use RPC to communicate with Symantec Protection Engine to request the scanning and repairing of files.