The ICAP response headers that Symantec Protection Engine uses indicate the total number of violations that are found in the scanned data. If violations are detected, a series of indented lines that contain information about each violation follow the header.
By default, Symantec Protection Engine does not send the threat category name in the ICAP response header. However, you can modify the EnableThreatCategoryResp value to include the threat category name in the header.
When enabled, the field in the response header appears as "ThreatDescription" and contains the threat category name. The threat category name is appended to the virus name with a delimiter pipe; for example, ThreatDescription = <VirusName>|NonViralThreat=<CategoryName>.
After you modify the default setting using the command-line tool, restart the Symantec Protection Engine service
Symantec Protection Engine sends the threat category name.
Symantec Protection Engine does not send the threat category name
This parameter is only applicable with new ICAP services introduced in Symantec Protection Engine version 7.0 and later. For more information, see the Symantec Protection Engine Software Developer's Guide.
Imported Document ID: HOWTO79821
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe