Deployment and Installation Center
Websense TRITON Enterprise v7.6.x

Library Search:


Go to the table of contents Go to the previous page Go to the next page Go to the index
Installing and Deploying Websense Endpoint Clients

Installing and Deploying Websense Endpoint Clients
Applies to
*
Data Security v7.6.3 and beyond
*
Web Security v7.6.2 and beyond
*
Web Security Gateway v7.6.2 and beyond
*
Web Security Gateway Anywhere v7.6.2 and beyond
In this topic
*
Overview
*
When to use Web Endpoint
*
When to use the Remote Filtering Client
*
When to use Data Endpoint
*
Endpoint solution system requirements
Overview
Websense, Inc., offers solutions for securing client workstations, laptops, and other endpoint devices from data loss and inbound Web threats when the devices are outside the corporate network.
The solutions are endpoint client software applications that run on the endpoint devices to block, monitor, and log transactions (like Internet requests) according to the organization's security and acceptable use policies. Administrators can create policies that provide full visibility into inbound and outbound traffic, but that don't restrict use of the device.
For Web security, the endpoint clients are:
*
Remote Filtering Client (see When to use the Remote Filtering Client)
*
Websense Web Endpoint (see When to use Web Endpoint)
And for data loss prevention (DLP):
*
Websense Data Endpoint (see When to use Data Endpoint)
Websense endpoint solutions include both server and client components. See System Requirements for information about the hardware and operating systems supported by endpoint components.
When to use the Remote Filtering Client
Websense Web Filter, Web Security, and Web Security Gateway (Anywhere) customers can use remote filtering software to monitor and filter Internet activity for endpoint devices (client machines) outside the network.
 
* 
Important 
In Web Security Gateway Anywhere deployments, Remote Filtering Client cannot be used for clients filtered by the hybrid service.
Remote filtering software has 2 components: Remote Filtering Client and Remote Filtering Server.
*
Remote Filtering Client is installed on each endpoint device (client machine).
*
Remote Filtering Service resides inside the network, and acts as a proxy to Websense Filtering Service.
Remote Filtering Client routes Internet requests to Remote Filtering Server, which forwards it to Filtering Service. The request is then evaluated to determine whether or not to permit the site.
By default, the remote filtering components monitor all HTTP, HTTPS, and FTP traffic and apply a user-based policy or the Default policy.
All communication between the client and server is authenticated and encrypted.
 
* 
Warning 
Remote Filtering Client cannot be installed on machines running Remote Filtering Server. That combination eventually causes filtering to fail.
When to use Web Endpoint
In Websense Web Security Gateway Anywhere deployments, Websense Web Endpoint can be used to secure client machines filtered by the hybrid service.
Web Endpoint provides transparent authentication, enforces the use of hybrid filtering policies, and passes authentication details to the hybrid service. It is designed for organizations that want to take advantage of in-the-cloud (security-as-a-service) Web filtering.
With Web Endpoint installed, Web traffic is routed via the hybrid proxies to control user access to Web content, according to the applicable filtering policies. Web Endpoint has 2 operation modes:
*
Web scanning and filtering. The endpoint client redirects HTTP and HTTPS traffic to the hybrid service with an encrypted token that identifies the user, enabling the correct policy to be applied and reporting data to be correctly logged. No password or other security information is included.
The endpoint client can be used with both full-tunnel and split-tunnel VPNs, ensuring that all Web traffic is scanned and filtered.
*
Proxy manipulation. For supported browsers, the endpoint client manipulates proxy settings in real-time. For example, if the endpoint detects it is at a hotspot, but the user has not finished registration, it removes its proxy settings until the gateway has successfully opened.
You can enable Web Endpoint for some or all machines filtered by the hybrid service.
When to use Data Endpoint
Data Endpoint is designed for organizations concerned about data loss originated at the endpoint, whether malicious or inadvertent. For example, if you want to prevent employees from taking sensitive data home on their laptops and printing it, posting to the Web, copy and pasting it, etc., you would benefit from this endpoint solution.
Websense Data Endpoint is a comprehensive, secure and easy-to-use endpoint data loss prevention (DLP) solution. It monitors real-time traffic and applies customized DLP policies over application and storage interfaces. You can also apply discovery policies to endpoints to determine what sensitive data they hold.
You can monitor user activity inside endpoint applications, such as the cut, copy, paste, print, and print screen operations. You can also monitor endpoint Web activities and know when users are copying data to external drives and endpoint devices.
Endpoint solution system requirements
System Requirements provides the operating system requirements for endpoint server and client components.
*
Find Web security requirements under "Web Security and Web Security Gateway," in the "Software deployments," "Client OS," and "Web endpoint" sections.
*
Find data security requirements under "Data Security," in the "Operating system" and "Data Endpoint hardware requirements" sections.

Quick Links



Go to the table of contents Go to the previous page Go to the next page Go to the index
Installing and Deploying Websense Endpoint Clients
(c) 2011 Websense, Inc. All Rights Reserved.