Complexity grows as capability evolves. Modern enterprise security infrastructure often processes growing data volumes while maintaining strict SLAs in high-throughput environments. Organizations processing terabytes daily can neither afford bottlenecks nor gaps in visibility or threat protection.
MetaDefender ICAP Server 5.11.0 continues to address this dual challenge: the need for speed and the demand for thorough protection. This release builds on that foundation with controls and optimizations that improve throughput and reduce bottlenecks, while preserving the same exceptional security performance that organizations and network administrators rely on for file security at the network perimeter.
在本版本中:
- Dynamic Load Balancing: Routes files to the optimal MetaDefender Core instance to streamline CPU usage and scan queues.
- Dynamic File Routing: Direct files by size or type to most suitable MetaDefender Core instance to ensure optimal performance across diverse content.
- New File Type Filtering UI: Lets administrators configure the designated server profiles based on file attributes, following OWASP’s best practice of validating true file types to prevent spoofing.
- Security Integrations: Includes SAML 2.0 support (ForgeRock), email threat protection (Rspamd), and automated credential management (BeyondTrust Password Safe).
Business Impact: Maintains SLA compliance, eliminates bottlenecks, and secure enterprise workloads efficiently.
MetaDefender ICAP Server:网络边界的文件安全
OPSWAT MetaDefender ICAP Server保护企业在网络边界免受基于文件的网络攻击。当恶意文件通过负载平衡器、WAF(网络应用程序防火墙)、MFT (托管文件传输)解决方案或任何其他ICAP网络安全设备时,全面的多层次安全技术会对其进行检测和防范。
All suspicious files traveling through your network traffic are blocked or sanitized before they are accessible to end users to protect against evolving cyberthreats. Sensitive data is redacted, removed, or blocked to help organizations meet security compliance standards.
Dynamic Load Balancing: Selects Optimal Resource for File Processing
挑战
High-volume environments can overwhelm individual processing MetaDefender Core instances. This potentially creates a cascading effect where overloaded MetaDefender Core instances continue receiving new files while already at capacity, causing persistent delays and SLA violations.
解决方案
The intelligent load balancing system optimizes resource utilization through real-time performance evaluation and dynamic traffic routing.
Deep CDR 如何运作
The Dynamic Load Balancing feature uses the /readyz API endpoint to gather three key metrics from each MetaDefender Core instance: CPU load, average duration time, and the number of files in the scan queue.
Dynamic File Routing: Auto-Route Files by Type and/or Size to the Specialized Resource
We introduced the File Type Filtering capabilities in version 5.9.0. This release continues to enhance its ability to validate file type early at the network perimeter.
挑战
Large files and archives create processing bottlenecks that impact overall system performance, forcing organizations to strike a balance between comprehensive security and operational efficiency.
解决方案
Automatically direct files to dedicated MetaDefender Core workflows based on attributes such as size and type – for example, large files or archives (e.g., 1GB-100GB or .RAR files) to a specialized instance, smaller files to standard workflows – so that all other traffic can be scanned without impact.
File Routing UI
To make file routing control accessible, MetaDefender ICAP Server 5.11.0 introduces an enhanced interface for creating custom scan rules. Administrators can now configure custom scan targets based on file attributes such as size and type. This allows administrators to control file routing without creating multiple workflows.
Go to Workflow Management > Scan to configure your target scanning servers.
- Enable attribute-based scanning: Target scans using specific file attributes such as type or size for more precise threat detection.
- Custom scan rules: Easily add scan servers and create tailored filters based on file type to sustain high throughput and file processing efficiency.
用例示例
Operational Use Cases
Network administrators can leverage this feature to eliminate processing bottlenecks by automatically routing files to cores optimized for their specific characteristics:
- Archive Processing: ZIP, TAR, 7Z files routed to cores with extended timeouts and archive-optimized scanning workflows
- Standard Documents: Office, PDF files processed through standard pipeline for sustained throughput
行业应用
Organizations across industries deploy Dynamic File Routing to address specific operational challenges while maintaining comprehensive security coverage:
- Financial Services: Archive files route to dedicated cores while transaction documents maintain sub-second processing
- Healthcare: Large medical imaging files process separately from standard patient documents
益处
- Dynamic Resource Allocation: Routes traffic to the most optimal MetaDefender Core instances based on real-time capacity.*
- Bottleneck Prevention: Avoids resource contraints on individual MetaDefender Core instances due to large, complex archives
- Ensures SLA Compliance: Consistent performance regardless of workload diversity, especially during peak load periods.
- Performance Improvement: Measurable gains in throughput and response times
- Maximizes ROI: Better utilization of existing infrastructure investment
- Reduces Operational Overhead: Automated optimization minimizes manual intervention
Upgraded Integrations Into Your Security Ecosystem
Advanced Identity Management: ForgeRock SAML 2.0 Enhancement
Expanding beyond basic SAML support, the enhanced ForgeRock integration addresses these authentication requirements:
- Assertion Decryption: Ensures authentication data remains protected through X.509 certificate-based encryption.
- Identity Provider Sign-In: Enables streamlined IdP-initiated authentication for improved user experience and security.
Email Security Integration: Rspamd for Email Malware Scanning
Rspamd is an open-source spam and email filtering solution. It also provides an ICAP interface for anti-malware scanning. Network administrators can now enable:
- Advanced Email Threat Protection: Incorporate MetaDefender ICAP Server’s malware multiscanning capabilities, along with other threat prevention technologies, directly into email workflows.
- Transparent Deployment: Configure Rspamd to utilize MetaDefender ICAP Server without disrupting existing email infrastructure.
Security Compliance Automation: BeyondTrust Password Safe
Strengthen credential security and compliance with automated password lifecycle management. The BeyondTrust Password Safe integration with MetaDefender ICAP Server enables:
- Automated Credential Retrieval: Retrieve rotated Active Directory account passwords directly from BeyondTrust Password Safe via API.
- Security Compliance: Eliminate static bind passwords while maintaining audit trails and privileged account security.
How Industries Apply MetaDefender ICAP Server 5.11.0
High-Throughput Financial Environments
Global financial institutions processing millions of transactions daily require security solutions that scale without compromise. The combination of Dynamic Load Balancing and File Routing ensures:
- Archive Processing Optimization: Large regulatory filings and backup archives process efficiently without impacting trading systems
- Real-Time Transaction Security: Sub-second scanning for payment processing and trading platforms
Healthcare Data Protection
Healthcare organizations managing diverse data types from patient records to medical imaging benefit from:
- Large File Optimization: MRI, CT scans, and diagnostic images process through specialized cores
- Standard Document Efficiency: Patient records and administrative documents maintain rapid processing
Insurance Claims Processing
Insurance providers handling complex claims with multiple document types achieve:
- Mixed Workload Management: Large claim packages route to dedicated processing while routine documents maintain fast turnaround
- SLA Consistency: Predictable processing times regardless of file diversity
- Operational Efficiency: Reduced resource contention and improved system utilization
File Security at the Perimeter for Enterprise Network Traffic
Level-up your security operations with MetaDefender ICAP Server's file security defense at the network perimeter. Schedule your personalized demo and see how you can apply load balancing, file routing, and multi-layered file security technologies into your existing security infrastructure.
发布详情
- 产品MetaDefender ICAP Server
- Release Date: October 14, 2025
- 版本说明: 5.11.0
- 从OPSWAT 门户网站下载
Learn More about MetaDefender ICAP Server or talk to our security experts.
