Deployment and Installation Center
Websense TRITON Enterprise v7.6.x

Filtering Service can receive HTTP requests from Websense Content Gateway; an integrated firewall, proxy server, caching application; or Websense Network Agent.
In a multi-segmented network, Filtering Service must be installed in a location where it can both receive and manage Internet requests from the integration product and communicate with Network Agent.
Must have bidirectional visibility into Internet traffic to filter non-HTTP requests (such as instant messaging, chat, streaming media, and other Internet applications and protocols).
Multiple instances of Network Agent may be required in larger or distributed networks. Each Network Agent monitors a specific IP address range or network segment.
Using multiple Network Agents ensures that all network traffic is monitored, and prevents server overload. The required number of Network Agents depends on network size and Internet request volume.
As a network grows and the number of Internet requests increases, components can be deployed to additional, non-dedicated machines to improve processing performance on the dedicated machines.
You can deploy multiple Filtering Service instances, connected to one Policy Server. This is useful for remote or isolated sub-networks.
Network Agent can be deployed with the filtering components or on a separate machine. Network Agent should not be deployed on the same machine as response-critical components. For more information, see Deploying Network Agent.
Do not install Websense components on a domain controller or on a firewall machine.