Enable nonviral threat categories information

The ICAP response headers that Symantec Protection Engine uses indicate the total number of violations that are found in the scanned data. If violations are detected, a series of indented lines that contain information about each violation follow the header.
By default, Symantec Protection Engine does not send the threat category name in the ICAP response header. However, you can modify the EnableNonViralThreatCategoryResp value to include the threat category name in the header.
When enabled, the field in the response header appears as "ThreatDescription" and contains the threat category name. The threat category name is appended to the virus name with a delimiter pipe; for example, ThreatDescription = <VirusName>|NonViralThreat=<CategoryName>.
After you modify the default setting using the command-line tool, restart the Symantec Protection Engine service.
For more information about ICAP response headers, see the
Symantec Protection Engine Software Developer's Guide
.
EnableNonViralThreatCategoryResp settings lists the EnableNonViralThreatCategoryResp settings.
EnableNonViralThreatCategoryResp settings
XPath
Field values
Default setting
/configuration/ProtocolSettings/ICAP/​ EnableNonViralThreatCategoryResp/​@value
  • True
    Symantec Protection Engine sends the nonviral threat category name.
  • False
    Symantec Protection Engine does not send the nonviral threat category name.
False