Deploying Web Security core components

Technical Library | Support

Go to the table of contents

Go to the previous page

Go to the next page

Web Security Deployment Recommendations > Deploying Web Security core components

Deploying Web Security core components

Deployment and Installation Center | Web Security Solutions | Version 7.7.x

Web Filter, Web Security, Web Security Gateway, and Web Security Gateway Anywhere, v7.7.x

Core policy components

Core management components

Core reporting components

This section of the Deployment and Installation Center describes the core components required by all Websense Web Security solutions, and explains how they are typically distributed.

For information about how a deployment can be extended beyond the core components, see Extending your Web Security deployment and Deploying transparent identification agents.

If you have a Web Security Gateway solution, also see Content Gateway Deployment.

Additional information for distributed enterprise deployments is available in Deploying Web Security for a distributed enterprise.

Core policy components

To ensure effective filtering, Websense Web Security core management components must be installed so that:

All components can communicate with a central installation of Policy Broker.

There can be only one Policy Broker instance per deployment.

In software installations, Policy Broker can run on Windows or Linux.

With Websense appliances, Policy Broker is present on the full policy source appliance only.

Most components must be able to communicate with Policy Broker on port 55880. (The exceptions are all optional components: transparent identification agents, State Server, Multiplexer, Linking Service, and Directory Agent.)

There is a central instance of Policy Server.

In software installations, the central Policy Server instance runs on the Policy Broker machine.

With Websense appliances, Policy Server is present on the full policy source appliance.

Additional instances of Policy Server can be deployed on Windows or Linux machines, or on user identification and filtering appliances.

Most components must be able to communicate with Policy Server on ports 55806 and 40000. (The exceptions are Remote Filtering Server and State Server.)

At least one instance of Filtering Service communicates with the central Policy Server.

In software installations, Filtering Service can run on the same machine as Policy Broker and Policy Server.

With Websense appliances, a Filtering Service instance is present on the full policy source appliance.

Additional instances of Filtering Service can be deployed on Windows or Linux machines, or on either user identification and filtering (includes Policy Server) or filtering only (must point to a remote Policy Server) appliances.

Filtering Service is configured to receive HTTP(S) requests from one of the following:

Content Gateway (Websense Web Security Gateway or Gateway Anywhere deployments).

Network Agent (Websense Web Filter or Web Security standalone deployments).

An integrated third-party firewall, proxy server, or caching application (Websense Web Filter or Web Security integrated deployments).

Core management components

The TRITON Unified Security Center (TRITON console) is the centralized management console for Websense Web, data, and email security solutions. The TRITON console includes global administrator settings and appliance connection data, as well as 3 management modules: Web Security, Data Security, and Email Security.

TRITON - Web Security is the console used to perform product configuration, policy management, and reporting tasks for Websense Web Security solutions.

Install all TRITON Unified Security Center components on a single Windows server (sometimes called the TRITON management server).

For evaluation and demonstration purposes, TRITON - Web Security is available on Websense appliances.

As a best practice, use a separate, Windows-based TRITON management server for production environments.

TRITON - Web Security must be able to communicate with:

Policy Broker on port 55880

Policy Server on ports 40000, 55806, 55817, 55818, and 55824

Filtering Service on port 55807

Log Server on ports 55812 and 55805

User Service on port 55815

Core reporting components

Web Security Log Server receives information about Internet activity from Filtering Service and processes it into the Log Database.

Install Log Server on a dedicated Windows server.

Log Server does not run on Websense appliances.

Because collecting and processing log records is resource-intensive, Log Server should typically not run on the same machine other resource-sensitive components, like the TRITON console or Filtering Service.

The Log Database resides on a supported Microsoft SQL Server machine.

Do not run Log Server on the SQL Server machine.

By default, Log Server communicates with SQL Server on the default ODBC port (1433). A custom port can be specified during installation. See Using a custom port to connect to the Log Database.

The TRITON console machine must be able to communicate with Log Server and the Log Database.

Go to the table of contents

Go to the previous page

Go to the next page

Web Security Deployment Recommendations > Deploying Web Security core components

Copyright 2016 Forcepoint LLC. All rights reserved.