Deployment and Installation CenterWebsense TRITON Enterprise v7.6.x
Deployment and Installation Center
|
|
|
|
Web Security Gateway Anywhere and Email Security Gateway (V10000 G2)
|
Web Security Gateway Anywhere and
Email Security Gateway (V10000 G2)This section contains information and instructions for deploying Websense Web Security Gateway Anywhere and Email Security Gateway (Anywhere) based on a Websense V10000 G2 appliance running in Web and Email Security mode.The following illustration is a high-level diagram of a basic appliance-based deployment of Web and Email Security Gateway. Note that this illustration is intended to show the general distribution of components and does not include network details (such as segmenting, firewalls, routing, switching, and so forth).The Websense hybrid Web Security service can provide Web filtering for small remote offices. This is accomplished by designating a remote office as a hybrid filtered location. See Initial Configuration for more information.Either the hybrid service or Websense Remote Filtering can provide Web filtering for off-site users (e.g., telecommuters or traveling personnel). To use the hybrid service, a PAC file or the Websense Web endpoint is installed on the user's machine. This directs Web browsing to be filtered through the hybrid service according to policies in place.To use Websense Remote Filtering, Remote Filtering Client must be installed on the off-site machine. It works with Remote Filtering Server (see below).If your subscription includes Email Security Gateway Anywhere, you can enable the Websense hybrid email service. This is an in-the-cloud service that provides an extra layer of email scanning, stopping spam, virus, phishing, and other malware attacks before they reach the network and considerably reducing email bandwidth and storage requirements. You can also use the hybrid service to encrypt outbound email before delivery to its recipient.Websense Remote Filtering is accomplished using a Remote Filtering Server and Remote Filtering Client. Websense Remote Filtering Server is typically installed on its own machine in the network DMZ. Remote Filtering Server is used, in conjunction with Remote Filtering Client, to filter off-site users that are outside the corporate network.The Websense V10000 G2 appliance provides the majority of Web and Email Security Gateway functions. Web traffic is directed through the Websense appliance for filtering.Incoming email flows from the hybrid email service (if enabled) to the Websense appliance and to your mail server. The Websense appliance also provides the Personal Email Manager facility for end users to manage quarantined email.A separate TRITON management server is required. TRITON management server is the term used to refer to the machine on which TRITON Unified Security Center is installed. This machine is used to manage your Websense deployment. It includes TRITON Infrastructure and all of the TRITON Unified Security Center modules (Web Security, Data Security, and Email Security).The Data Security module of the TRITON Unified Security Center works with the Websense appliance to provide Web and email DLP (data loss prevention) features.Linking Service is typically installed on this machine. Real-Time Monitor, Web Security Log Server, and Email Security Log Server may also be installed on this machine (note that these components may be installed on another machines; they are not required to be located on the TRITON management server).Microsoft SQL Server, running on a Windows server in your network, is used to store Websense logging and reporting data. Quarantined email are also stored here.SQL Server must be obtained separately; it is not included as part of a Websense subscription. When installing Websense components, SQL Server must be installed and running, typically on its own machine as shown above. SQL Server Express (installed using TRITON Unified Security Setup) may be used in place of SQL Server. However, it is a best practice to use SQL Server Express only in non-production or evaluation environments.Sync Service and Transparent identification agents (DC Agent, Logon Agent, eDirectory Agent, and RADIUS Agent) must be installed on a separate machine from the appliance. Also, you can install additional instances of some Web Security filtering components on off-appliance machines.The link above goes to general instructions for creating a TRITON management server. As you follow those instructions, choose to install all three modules of the TRITON Unified Security Center. This is done in the Installation Type screen of TRITON Unified Security Setup. When you reach that screen, select Web Security, Data Security, and Email Security (under TRITON Unified Security Center).
|
|
|
|
|
Web Security Gateway Anywhere and Email Security Gateway (V10000 G2)
|
