Technology Alliance


OPSWAT MetaDefender® is a leading advanced threat prevention platform built on five technology engines: data sanitization (CDR), multi-scanning, vulnerability scanning, data loss prevention (DLP), and archive extraction.

MetaDefender ICAP Server seamlessly integrates into BIG-IP Local Traffic Manager (LTM), Advanced WAF, and SSL Orchestrator to detect and block malicious files before they reach web applications. The solution helps organizations mitigate or prevent a file upload attack via technology specialized on rooting out file-based threats.

Together, F5 and OPSWAT:

Protect web applications served by BIG-IP LTM, Advanced WAF, and SSLO, MetaDefender ICAP Server against file upload attacks – a major source of breaches and denial of service.    

Prevent zero-day exploits in documents, such as embedded malware in macros or hyperlinks with no signature.


Identify software vulnerabilities of applications and their binaries when visible to BIG-IP LTM, Advanced WAF, and SSLO.

Prevent targeted attacks by scanning network traffic with 30+ anti-malware engines, either on-premises or in the cloud.

Support over 30 file types to prevent unknown threats and document-borne zero-day attacks.

OPSWAT MetaDefender’s Data Sanitization engine represents the leading CDR technology on the market, protecting organizations from the widest set of file type attacks. It eliminates potentially insecure aspects of files and reconstructs them before receiving them through a web portal file upload.

file icon

File Type Support

100+ Data Sanitization transformations support over 30 file types and options for post-processing usability.

workflows icon

Custom Workflows

Process files in any order desired, before or after scanning, or multiple times. The Workflow Engine can be set up either manually or programmatically. 

Security icon

File Type Verification

Metadefender mitigates the risk of spoofed file types by blocking files with incorrect extensions, like EXE files masquerading as TXT files.

Scan icon

High Performance File Scanning

Most file scanning takes place in sub-second time, providing immediate advanced threat prevention for web applications receiving a high volume of files or needing immediate response. 

Additional resources

Read the ICAP Server Configuration guide

Read the MetaDefender deployment guide

Visit DevCentral

Talk to an F5 representative