ICAP Interface Support
▀ ICAP Interface Support Overview
▄ Cisco ASR 5x00 Packet Data Network Gateway Administration Guide
376
ICAP Interface Support Overview
This feature supports streamlined ICAP interface to leverage Deep Packet Inspection (DPI) to enable external
application servers to provide their services without performing DPI, and without being inserted in the data flow. For
example with an external Active Content Filtering (ACF) Platform.
A high-level view of the streamlined ICAP interface support for external ACF is shown in the following figure:
Figure 36.
High-Level View of Streamlined ICAP Interface with external ACF
The system with ECS is configured to support DPI and the system uses this capability for content charging as well.
WAP and HTTP traffic is content filtered over the ICAP interface. RTSP traffic that contains adult content can also be
content filtered on the ICAP interface. Only the RTSP Request packets will be considered for content filtering over the
ICAP interface.
If a subscriber initiates a WAP (WAP1.x or WAP2.0) or Web session, the subsequent GET/POST request is detected by
the DPI function. The URL of the GET/POST request is extracted and passed, along with subscriber identification
information and the subscriber request, in an ICAP message to the application server. The application server checks the
URL on the basis of its category and other classifications like, type, access level, content category and decides if the
request should be authorized, blocked, or redirected by answering to the GET/POST with:
A 200 OK message if the request is accepted.
A 302 Redirect message in case of redirection. This redirect message includes the URL to which the subscriber
must be redirected.
Deny-response code 200 for RTSP requests is not supported. Only 403 “Forbidden” deny-response code will be
supported.
Depending on the response received, the system with ECS will either pass the request unmodified, or discard the
message and respond to the subscriber with the appropriate redirection or block message.
Content charging is performed by the Active Charging Service (ACS) only after the request has been controlled by the
application server. This guarantees the appropriate interworking between the external application and content-based
billing. In particular, this guarantees that charging will be applied to the appropriate request in case of redirection, and