I have been testing a lot in regard to ICAP Feedback settings on a ProxySG and how it will influence the user experience.
You have 4 options to send the data from the ProxySG as you are scanning the data through an ICAP server.
- Do nothing special.
- Patience page. (This option is not available for non-interactive traffic)
- Trickle from start.
- Trickle at end.
Not doing anything may work in same cases but will get you in a heap of trouble if you start to do downloads or the data is not presented fast to the user-agent (aka: webbrowser).
The patience page can be a nice way to interact with your users on large downloads. You get actual information on the progress of the download. But it is ugly to look at. And it does not work well in a lot of cases.
The two ways to trickle data to the user seem to be the best options.
Trickle from start works by sending a small amount of data to keep the user-agents happy untill the data has been scanned. This is a safe option. But it fails miserable on some sites as the user-agent is missing data and starts to break the layout of your website completely.
Trickle at end sends out most of the data to the user-agent but will leave something behind untill the ICAP server is done. This is not safe in theory as you may pass on malicious data. From all my tests I can’t say you can manage to pass malware to the user-agent.
My recommendation is simple. Using Trickle at end will get the best results without compromising security. In order to get a good response I use a delay of 3 seconds.
The drawback is that downloads seem to behave rather oddly. They seem to go quite fast untill near the end where they seem to stall almost completely. But I prefer that over the risk of websites not showing up correctly at all.
junk email filter