Technical Library | Support

Go to the table of contents Go to the previous page Go to the next page
Deployment Planning for TRITON Solutions > TRITON Enterprise deployment overview
TRITON Enterprise deployment overview
Deployment and Installation Center | Web, Data, and Email Protection | v8.0.x
Websense TRITON Enterprise includes TRITON AP-WEB, TRITON AP-DATA, and TRITON AP-EMAIL.
*
The TRITON Manager, the management interface for web, data, and email advanced protection solutions, resides on a Windows server.
*
TRITON AP-WEB may be deployed on Websense appliances, dedicated Windows or Linux servers, or a combination of platforms.
*
TRITON AP-DATA runs on Windows servers, optional protector appliances, and elsewhere in the network.
*
TRITON AP-EMAIL enforcement components reside only on Websense appliances. Management and reporting components reside on Windows servers.
High-level deployment diagram
The diagram shows an appliance-based deployment:
Remote office and off-site users
With the Web Hybrid module, you can use the hybrid service in the cloud to provide security for small remote offices. This is accomplished by designating a remote office as a hybrid filtered location.
The hybrid service can also provide policy enforcement and reporting for off-site users (e.g., telecommuters or traveling personnel).
To direct user requests to the hybrid service, you can install a PAC file or TRITON AP-ENDPOINT Web on the user's machine. Web requests from that machine are then directed to the hybrid service for policy enforcement.
Hybrid services
If your subscription includes the Web Hybrid module and Email Hybrid module:
*
The cloud-based hybrid web service can provide Internet security for remote offices and off-site users.
*
The cloud-based email hybrid service provides an extra layer of email scanning, stopping spam, virus, phishing, and other malware attacks before they reach your network and possibly reducing email bandwidth and storage requirements. You can also use the hybrid service to encrypt outbound email before delivery to its recipient.
Websense appliances
Websense appliances may be used to deploy core web and email protection functionality.
*
The Content Gateway proxy on the appliance manages web traffic.
*
Incoming email flows from the email hybrid service (if enabled) to the Websense appliance and to your mail server. The Websense appliance also provides the Personal Email Manager facility for end users to manage quarantined email.
TRITON AP-DATA Protector
The protector is a Linux-based soft-appliance, providing monitoring and blocking capabilities, preventing data loss and leaks of sensitive information. Using PreciseID technology, the protector can be configured to accurately monitor sensitive information-in-transit on any port.
Components that may not be installed on Websense appliances
TRITON management server
The TRITON management server is the Windows server on which the TRITON Manager (console) is installed. The TRITON console is the management and reporting interface for Websense web, data, and email protection solutions.
The Data Security Management Server and, typically, Crawler also reside on the TRITON management server machine to provide key TRITON AP-DATA functions, including web and email DLP (data loss prevention) features.
Linking Service also usually resides on the management server.
Web and Email Log Server
A separate Windows machine hosts two instances of Log Server: one for TRITON AP-WEB and one for TRITON AP-DATA. These services receive information about web and email traffic and process it into their respective Log Database.
Optional web protection components
Sync Service and transparent identification agents (DC Agent, Logon Agent, eDirectory Agent, and RADIUS Agent) may not reside on Websense appliances.
Also, you can install additional instances of several web protection components on Windows or Linux servers, if needed.
TRITON AP-DATA agents
Microsoft TMG agent, Crawler, FCI agent, and TRITON AP-ENDPOINT DLP are installed on appropriate machines.
See Installing TRITON AP-DATA for installation instructions.
TRITON AP-ENDPOINT DLP (User Machine)
TRITON AP-ENDPOINT DLP can be installed on any machine.
Third-party components
Microsoft SQL Server
Microsoft SQL Server, running on a Windows server in your network, is used to store Websense TRITON logging and reporting data. Quarantined email messages are also stored here.
When Websense TRITON components are installed, SQL Server must be installed and running, typically on its own machine as shown in the diagram above. SQL Server Express (installed using the TRITON Unified Installer) may be used in small deployments or evaluation environments.
Mail server
Your internal mail server.

Go to the table of contents Go to the previous page Go to the next page
Deployment Planning for TRITON Solutions > TRITON Enterprise deployment overview
Copyright 2016 Forcepoint LLC. All rights reserved.