Go to the table of contents Go to the previous page Go to the next page
Initial Configuration for All Websense Modules > Additional configuration for Web Security Gateway Anywhere
Additional configuration for Web Security Gateway Anywhere
Deployment and Installation Center | Web Security Solutions | Version 7.8.x
In addition to the items under Web Security initial configuration, perform these procedures if your subscription includes Web Security Gateway Anywhere.
Confirm Content Gateway registration with Data Security
Content Gateway registers with Data Security automatically. To ensure that registration is successful:
*
*
*
After registration, the IP address can move to another network interface.
If registration fails an alarm displays in Content Gateway Manager.
1.
2.
In Content Gateway Manager, on the Configure > My Proxy > Basic > General page, in the Networking section confirm that Data Security > Integrated on-box is enabled.
3.
Alternatively:
a.
Go to Configure > Security > Data Security and enter the IP address of the Data Security Management Server.
b.
c.
Click Register.
After Content Gateway has registered with Data Security, in Content Gateway Manager go to Configure > Security > Data Security and set the following options:
1.
Analyze FTP Uploads: Enable this option to send FTP uploads to Data Security for analysis and policy enforcement.
2.
Analyze Secure Content: Enable this option to send decrypted HTTPS posts to Data Security for analysis and policy enforcement. SSL Manager must be enabled on Content Gateway.
These options can be accessed whenever Data Security is registered by going to the Configure > Security > Data Security > General page.
3.
Click Apply and restart Content Gateway.
Data Security and the proxy communicate over ports 17000-17014.
Configuring the Content Gateway policy engine
When Content Gateway is registered with the Data Security Management Server, a Content Gateway module appears on the Data Security manager System Modules page.
By default, this agent is configured to monitor web traffic, not block it, and for a default violation message to appear when an incident is triggered. If this is acceptable, you do not need to make changes to the Content Gateway configuration. Simply deploy the new settings.
If you want to block web traffic that breaches policy and customize the violation message, do the following:
1.
From the Data Security manager, select Settings > Deployment > System Modules.
2.
It will be listed as Content Gateway on <FQDN> (<PE_version>), where <FQDN> is the fully-qualified domain name of the Content Gateway machine and <PE_version> is the version of the Content Gateway policy engine.
3.
Select the HTTP/HTTPS tab and configure the blocking behavior you want.
Select Help > Explain This Page for instructions for each option.
4.
Select the FTP tab and configure the blocking behavior you want.
Select Help > Explain This Page for instructions for each option.
5.
Click Save to save your changes.
6.
Click Deploy to deploy your settings.
 
Important 
Even if you do not change the default configuration, you must click Deploy to finalize your Content Gateway deployment process.
Verifying Web and data security linking
When Linking Service is installed, it automatically configures linking between Web and Data Security to allow Data Security access to user identification and URL categorization data.
1.
2.
Select Settings (under General) > System > URL Categories & User Names.
3.
Select Help > Explain This Page for detailed information about the settings on this screen.
4.
Click OK to save any changes.
5.
Click Deploy to deploy your settings.

Go to the table of contents Go to the previous page Go to the next page
Initial Configuration for All Websense Modules > Additional configuration for Web Security Gateway Anywhere
Copyright 2016 Forcepoint LLC. All rights reserved.