TRITON - Web Security Help
Websense Web Security v7.5

Go to the table of contents Go to the previous page Go to the next page Go to the index View or print as PDF
Scanning and SSL Bypass Options

Related topics:
Scanning options and SSL decryption bypass features are available with Websense Web Security Gateway and Websense Web Security Gateway Anywhere.
Scanning options support the analysis of Web traffic as it flows through the Content Gateway module (the Websense proxy). Only sites that are not already blocked, based on the active policy, are analyzed.
Several presentation reports can provide details about how scanning features protect your network from attempts to access sites containing threats. See Reporting on scanning activity.
SSL decryption bypass options support the specification of Web sites and Web site categories that are not subject to decryption and analysis as they flow through the proxy. These options apply only if SSL Manager is enabled on Content Gateway.
Scanning options summary:
*
Content categorization categorizes content from URLs that are not in the Websense Master Database and from sites with dynamic Web 2.0 content, as identified by Websense Security Labs. Analysis returns a category for use in filtering.
Important 
If a user requests a site in an active limited access filter (see Restricting users to a defined list of Internet sites) or the Unfiltered URLs list (see Redefining filtering for specific sites), the request is permitted, even when scanning options are enabled and threats are found.
*
Analyzes traffic to discover protocols tunneled over HTTP and HTTPS. Such traffic is reported to Websense Web filtering for protocol policy enforcement. Scanning includes both inbound and outbound traffic.
*
Analyzes inbound content to find security threats such as malware, viruses, phishing, URL redirection, Web exploits, proxy avoidance, and others.
*
Analyzes outbound content to discover and block malicious content like bot and spyware phone home traffic.
*
Security threats: File scanning applies 2 methods of inspection to detect security threats.
*
Analyzes files with Websense advanced detection techniques to discover malicious content, such as viruses, Trojan horses, and worms, returning a threat category for policy enforcement.
When either Advanced Detection or Anti-virus Scanning is enabled, File scanning optionally identifies and analyzes rich Internet applications, such as Flash files, to detect and block malicious content.
Files to Scan settings determine which types of files are analyzed for malicious content, including executable and unrecognized files. Individual file extensions may also be specified.
*
File Size Limit and Content Stripping settings apply to all traffic transiting the proxy (Advanced options).
*
The File Size Limit specifies the largest file on which scanning is performed. Larger files pass through the proxy without scanning analysis.
*
The Content Stripping options cause the specified types of code to be removed from HTML content. Removing such content may result in unrenderable, unusable, or unreadable pages.
Scanning exceptions are lists of URLs that are always scanned or never scanned. The type of scanning to always or never perform is specified per URL or group of URLs. A list of client IP addresses whose content is never scanned can also be specified.
SSL decryption bypass summary:
SSL decryption bypass allows the identification of Web site categories and hostnames or IP addresses for which SSL decryption is not performed. This feature is available only when the SSL Manager is enabled on the Content Gateway.
The scanning and SSL decryption bypass features are available with Websense Web Security Gateway and Websense Web Security Gateway Anywhere. To enable these features, a Websense Web Security Gateway or Websense Web Security Gateway Anywhere subscription key must be entered in 2 places:
*
In TRITON - Web Security, go to Settings > Account.
*
In Content Gateway Manager, go to Configure > My Proxy > Subscription > Subscription Management.


Go to the table of contents Go to the previous page Go to the next page Go to the index View or print as PDF
Scanning and SSL Bypass Options