Technical Library | Support

Go to the table of contents Go to the previous page Go to the next page
Integrating Web Security with Cisco > User-based filtering for Cisco integration
User-based filtering for Cisco integration
Deployment and Installation Center | Web Security Solutions | Version 7.7.x
 
Applies to:                                         
In this topic                                       
*
Web Filter and Web Security, v7.7.x
*
Overview
*
Enable protocol filtering
Overview
If http, https or ftp authentication is enabled on Cisco Security Appliance, Websense User Service must be installed in the same domain (Windows), or the same root context (LDAP) as authenticated users in order to get correct user information to the Websense Filtering Service component for accurate user-based filtering.
 
* 
Note 
Cisco Secure ACS can provide user information for one domain only. To transparently identify users in multiple domains, use a Websense transparent identification agent. See the Websense Deployment and Installation Center for information about installing transparent identification agents.
If user authentication is not enabled on Cisco Security Appliance, manual authentication or transparent identification agents can be used for user-based filtering. See the TRITON - Web Security Help for information about configuring manual authentication, or configuring transparent identification agents.
Enable protocol filtering
If user authentication information is provided by Cisco Security Appliance, it can only be used for HTTP(S) and FTP filtering by default.
To enable internet protocol filtering, follow these steps:
1.
Log on to the machine on which Filtering Service is installed.
2.
Stop Filtering Service (See Stopping and starting Websense services in the Installation Guide).
3.
Navigate to C:\Program Files\Websense\bin (or, /opt/Websense/bin on Linux).
4.
Open eimserver.ini.
5.
Add the parameter "CacheWISPUsers=on" in the [WebsenseServer] section.
6.
Restart Filtering Service (See Stopping and starting Websense services in the Installation Guide).
If user authentication is provided by manual authentication or transparent identification agents, it can be used for both HTTP(S), FTP and internet protocol filtering.

Go to the table of contents Go to the previous page Go to the next page
Integrating Web Security with Cisco > User-based filtering for Cisco integration
Copyright 2016 Forcepoint LLC. All rights reserved.