Deployment and Installation Center
Websense TRITON Enterprise v7.6.x

Go to the table of contents Go to the previous page Go to the next page Go to the index
Web Security Gateway Anywhere (appliance-based)

Web Security Gateway Anywhere (appliance-based)
This section contains information and instructions for a Websense-appliance-based deployment of Websense Web Security Gateway Anywhere. In this deployment scenario, a Websense V10000, V10000 G2, or V5000 G2 appliance provides the majority of Web Security Gateway Anywhere functions. For information about a software-based deployment of Web Security Gateway Anywhere, see Web Security Gateway Anywhere (software-based).
The following illustration is a high-level diagram of a basic single-appliance-based deployment of Web Security Gateway Anywhere. Note that this illustration is intended to show the general distribution of components and does not include network details (such as segmenting, firewalls, routing, switching, and so forth).
Microsoft SQL Server is used to store Websense data (including log and reporting data). SQL Server must be obtained separately; it is not included as part of a Websense subscription. When installing Websense components, SQL Server must be installed and running, typically on its own machine as shown above. SQL Server Express (installed using the Websense installer) may be used in place of SQL Server. However, it is a best practice to use SQL Server Express only in non-production or evaluation environments.
TRITON management server is the term used to refer to the machine on which TRITON Unified Security Center is installed. This machine is used to manage your Websense deployment. It includes TRITON Infrastructure and any or all of the TRITON Unified Security Center modules (Web Security, Data Security, and Email Security). In Web Security Gateway Anywhere deployments, both the Web Security and Data Security modules of the TRITON Unified Security Center are enabled. Linking Service is typically installed on this machine. Additional components may also be installed on this machine. For example, Web Security Log Server and Real-Time Monitor (note that these components may be installed on another machine; they are not required to be located on the TRITON management server).
Sync Service and Transparent identification agents (DC Agent, Logon Agent, eDirectory Agent, and RADIUS Agent) must be installed on a separate machine from the appliance.
Small remote offices can be filtered through the Websense hybrid service. This is accomplished by designating a remote office as a hybrid filtered location. See Initial Configuration for more information.
Off-site users (e.g., telecommuters or traveling personnel) can be filtered using the Websense hybrid service or Websense Remote Filtering. To use the hybrid service, a PAC file or the Websense Web Endpoint is installed on the user's machine. This directs Web browsing to be filtered through the hybrid service according to policies in place. See Deploying Websense Endpoints for more information.
Websense Remote Filtering is accomplished using a Remote Filtering Server and Remote Filtering Client. Websense Remote Filtering Server is typically installed on its own machine in the network DMZ. Remote Filtering Server is used, in conjunction with Remote Filtering Client, to filter off-site users that are outside the corporate network. A combination of hybrid service and Remote Filtering can be used for off-site users—i.e., some filtered through the hybrid service, others filtered by Remote Filtering.
The above link goes to general instructions for creating a TRITON management server. In the case of Web Security Gateway Anywhere, choose to install both the Web Security and Data Security modules of TRITON Unified Security Center: when you reach the Installation Type screen of the Websense installer, select both Web Security and Data Security (under TRITON Unified Security Center).
Important 
Policy Broker and Policy server must already be running in your deployment prior to creating a TRITON management server.
If, during appliance setup (see Step 2 above), you chose to run the appliance in full policy source mode, then these components are already running.
You can choose to install them at the same time as TRITON Unified Security Center (on the TRITON management server) or install them


Go to the table of contents Go to the previous page Go to the next page Go to the index
Web Security Gateway Anywhere (appliance-based)