Opens the Websense Protector Installation Wizard. The user can also run wizard securecomm to go directly to the registration stage of the Wizard, where Data Security Manager details are entered.

date is also a native Linux command. Root users can access the CLI command by running it with its full path: /opt/websense/neti/bin/date.

If the -d option is given, the date is displayed or set using an all digit format (mm/dd/yyyy, for example: 02/21/2006). Otherwise, a dd-mmm-yyyy format is used. dd is the day of the month [01 to 31] mmm is the month in abbreviated 3-letter format [Jan, Feb, Mar, etc.] yyyy is the year [2006, 2007]

time is also a native Linux command. Root users can access the CLI command by running it with its full path: /opt/websense/neti/bin/time.

-u sets the time in UTC
-h displays a short usage message HH:MM:SS HH is the hour [00 to 24]
MM is the minutes [00 to 59]
SS is the seconds [00 to 59]

list: displays a complete list of time zones that can be set in the Websense Protector show: displays the time zone set in the Websense Protector (default option) set timezone: sets the time zone. The set command must be followed by the name of the time zone to be selected, as listed using the list command. Note that the names of the time zones are case-sensitive.

When no argument is given, show is assumed.

Root users must access the CLI command by running it with its full path: /opt/websense/neti/bin/info.

cpu: displays the protector's CPU usage information.
memory: displays the protector memory usage information.
network: displays the protector's network settings including hostname, domain name, IP address and routing table.
diag: creates a diagnostic file to be used by Websense technical services.
uptime: displays the amount of time the protector has been up and operational.
features: lists all the possible features available on this protector and what they can do (monitor or block)
hardware: displays hardware information including which network cards are installed.
stats: displays traffic statistics for each protocol being monitored; this is useful to verify the operational status of the Protector.
stats reset: resets all statistics counters to zero.

This command allows a user to collect statistics about network behavior over time. It does so by running info stats at specified intervals for a given number of times. The collected statistics are saved in a CSV file for easy manipulation and analysis in spreadsheet tools such as Microsoft Excel. The resulting file is saved as opt/pa/log/collect_stats.csv.gz

-d: delete previously recorded statistics information file, if one exists interval: the interval in seconds between two runs that take a snapshot of the statistics.
count: how many times the statistics snapshot should be taken.

list: displays a list of DNS servers in the protector
delall: deletes all DNS servers set in the protector
add: adds a DNS server specified by its IP address to the protector
del: deletes the DNS server denoted by the specified IP address

list: displays a list of configured default domain names in the protector
delall: deletes all default domain names set in the protector
add: adds a default domain name specified by domain to the protector

Use the -m switch to set a domain as main. The main domain is the domain that the protector is actually is a member of. Without the –m switch a 'search domain' is created. For the protector to resolve a domain this domain is searched as well. There may be many 'search domains' but only one main domain.

del: deletes the default domain name denoted by domain from the protector

ipaddr: when given, the ipaddr is used as a default gateway for the protector.
list: shows the configured default gateway.
delete: deletes the defined default gateway.

name: if given, the host name is set to the name given. Otherwise, the host name is displayed.

Configures and displays the protector's network interface information. When invoked without arguments or with the list option, the command displays a list of all available interfaces in the system. When invoked with only an interface name, the command shows detailed information about that interface. Any other invocation method configures the interface denoted in ifname.

ip: the IP address denoted by ipaddr is assigned to the interface. This option is valid only for the management interface. When setting ip, the prefix and bcast options must also be set
prefix: network mask of the interface. For example: 24 (will assign 255.255.255.0 mask to the interface)
bcast: broadcast address of the interface. For example: for an interface with the IP address 192.168.1.1/24, the broadcast address is usually 192.168.1.255.
speed: interface link speed. Available speeds: auto, 10, 100, 1000
duplex: interface link duplex. Available duplex options: auto, half, full
mgmt: sets the interface as the management interface of the protector. The previously defined management interface can no longer be used for management purposes.
enable, disable: enables or disables the interface (default is enable)
descr: assigns a short description for the interface. Note that if the description contains spaces, it must be enclosed within quotation marks ("").

list: displays the routing table of the Protector
add: adds a route to a network or IP
del: deletes a route to a network or IP

The user command allows you to define additional users who can access the system. Each user has a profile that defines the operations available to users. Available profiles:
admin: all commands are allowed
netadmin: only networking related commands are allowed
policyadmin: only the policy command is allowed

add: add a user with the given profile and password
del: delete a user
mod: modify a user's profile and/or password
list: display a list of all defined users and their profiles

show: displays the current active filters - monitored networks
set: defines a list of monitored networks
delete: deletes previously set filter rules

Sets the protector to monitor all TCP traffic to/from 10.0.0.1 and ignore all other hosts in the network. If VLAN is used, it should be listed first in the filter (vlan and tcp, not tcp and vlan).