Technical Library | Support

Go to the table of contents Go to the previous page Go to the next page
Integrating Web Security with Microsoft Products > Configuring the ISAPI Filter plug-in to ignore specific traffic
Configuring the ISAPI Filter plug-in to ignore specific traffic
Deployment and Installation Center | Web Security Solutions | Version 7.7.x
 
Applies to:                                         
In this topic                                       
*
Web Filter and Web Security, v7.7.x
*
Configuring the ISAPI Filter plug-in to ignore specific traffic
*
Client computer configuration
*
Firewall configuration
Configuring the ISAPI Filter plug-in to ignore specific traffic
You can configure the ISAPI Filter plug-in to bypass both filtering and logging for certain traffic, based on the user name, host name, or URL. This may be used for a small group of Web sites or users, or for machines in a complex proxy-array or proxy-chaining configuration.
To prevent filtering and logging of this traffic, add the user names, host names, and URLs that you do not want Websense software to filter to the isa_ignore.txt file.
1.
On the TMG machine, open the isa_ignore.txt file in a text editor. This file is located in the Windows system32 directory.
 
* 
Important 
The default isa_ignore.txt file installed during a Websense upgrade or installation contains the following URL:
url=http://ms_proxy_intra_array_auth_query/
Do not delete this URL. It is used by TMG in a CARP array for communication. This URL must be ignored by Websense software to allow filtering and logging to work properly when multiple TMG instances are deployed in an array.
2.
Enter each user name, hostname, or URL that you want Websense software to ignore. Enter each item on its own line in the file, using the formats below.
*
User name: Enter the name of a user whose Internet requests should not be filtered or logged by Websense software:
username=<user_name>
Examples:
username=jsmith
username=domain1/jsmith
*
Hostname: Enter a destination hostname that Websense software should not filter or log user visits to:
hostname=<name>
Example:
hostname=yahoo.com
*
URL: Enter a URL that Websense software should not filter or log user visits to:
url=<URL>
Example:
url=http://mail.yahoo.com/
url=mail.yahoo.com/
 
* 
Note 
To assure that the correct format is available for all situations, it is recommended that you enter the same name in all available configurations. For example, make 2 entries for user name: one with and one without the domain. Make 2 entries for URL: one with and one without the protocol.
3.
Restart the TMG service.
Client computer configuration
Internet browsers on client computers should be configured to use TMG to handle HTTP, HTTPS, and FTP requests.
An exception to this configuration is browsers in an TMG environment using Firewall/Forefront TMG Clients or SecureNAT. These browsers must point to the same port, 8080, that TMG uses for each protocol.
See the browser online help for configuration instructions.
Firewall configuration
To prevent users from circumventing Websense filtering, configure your firewall or Internet router to allow outbound HTTP, HTTPS, and FTP requests only from TMG.
Contact your router or firewall vendor for information about configuring access lists on the router or firewall.
 
* 
Important 
If Internet connectivity of Websense software requires authentication through a proxy server or firewall for HTTP traffic, the proxy server or firewall must be configured to accept clear text or basic authentication to enable the Websense Master Database download.

Go to the table of contents Go to the previous page Go to the next page
Integrating Web Security with Microsoft Products > Configuring the ISAPI Filter plug-in to ignore specific traffic
Copyright 2016 Forcepoint LLC. All rights reserved.