Table of Contents You are at the beginning of the document Go to the next page

Table of Contents

Getting Started
Working in the TRITON console
Navigating the Web Security manager
Reviewing, saving, and discarding changes
Your subscription
Managing your account through the MyWebsense Portal
Configuring your account information
The Websense Master Database
Configuring database downloads
What is WebCatcher?
Websense Technical Support
The Web Security Dashboard
Threats dashboard
Investigate threat event details
How severity is assigned to suspicious activity
Reviewing threat incident details
Reviewing threat-related forensic data
Risks dashboard
Usage dashboard
System dashboard
Adding elements to a dashboard tab
Time and bandwidth saved
Web Security Status Monitor mode
Internet Usage Filters
Managing access to categories and protocols
When a category or protocol is blocked
New Master Database categories and protocols
Special categories
Risk classes
Security protocol groups
Using quota time to limit Internet access
Search filtering
Working with filters
Creating a category filter
Editing a category filter
Creating a protocol filter
Editing a protocol filter
Websense-defined category and protocol filters
Category and protocol filter templates
Configuring filtering settings
Working with clients
Working with computers and networks
Working with users and groups
Directory services
Windows Active Directory (Mixed Mode)
Windows Active Directory (Native Mode)
Novell eDirectory and Oracle (Sun Java) Directory Server
Advanced directory settings
Working with custom LDAP groups
Adding or editing a custom LDAP group
Adding a client
Searching the directory service
Changing client settings
Password override
Account override
Moving clients to roles
Working with hybrid service clients
Internet Access Policies
The Default policy
Working with policies
Creating a policy
Editing a policy
Assigning a policy to clients
Enforcement order
Prioritizing group and domain policies
Responding to a URL request
Exceptions to Policies
Managing exceptions
How are exceptions organized?
Adding or editing an exception
Overriding an exception
If multiple exceptions could apply, which takes precedence?
Editing multiple exceptions at the same time
Exception shortcuts
How do I block or permit a URL for everyone?
How do I block or permit a URL for one person?
How do I block or permit a URL for my entire role?
How do I block or permit a URL for one of my managed clients?
How do I create an unfiltered URL?.
Block Pages
Blocking graphical advertisements
Blocking embedded pages
Working with block pages
Customizing the block message
Changing the size of the message frame
Changing the logo that displays on the block page
Using block page content variables
Reverting to the default block pages
Creating alternate block messages
Using an alternate block page on another machine
Determining why a request was blocked
Request blocked by Filtering Service
Request blocked by the hybrid service
Use Reports to Evaluate Internet Activity
What is Internet browse time?
Presentation reports
Creating a new presentation report
Defining the report filter
Selecting clients for a report
Selecting categories for a report
Selecting protocols for a report
Selecting actions for a report
Setting report options
Customizing the report logo
Confirming report filter definition
Working with Favorites
Running a presentation report
Scheduling presentation reports
Setting the schedule
Selecting reports to schedule
Setting the date range
Selecting output options
Viewing the scheduled jobs list
Viewing job history
Reviewing scheduled presentation reports
Investigative reports
Summary reports
Using search to generate a summary report
Anonymizing investigative reports
The Anonymous option
Multi-level summary reports
Flexible detail reports
Columns for flexible detail reports
User Activity Detail reports
User activity detail by day
User activity detail by month
Standard reports
Favorite investigative reports
Scheduling investigative reports
Managing scheduled investigative reports jobs
Outliers reports
Output options for investigative reports
Accessing self-reporting
Application reporting
How is user agent data collected?
Browser use details
Platform use details
Real-Time Monitor
Real-Time Monitor in Multiple Policy Server Deployments
Content Gateway Analysis
Scanning options
Content categorization
Tunneled protocol detection
Security threats: Content security
Security threats: File analysis
Outbound security
Advanced options
Scanning exceptions
Data files used with scanning
Reporting on advanced analysis activity
How analysis activity is logged
SSL decryption bypass
Configure the Hybrid Service
Activate your hybrid service account
Define filtered locations
Adding or editing filtered locations
Managing explicit proxies
Adding or editing an explicit proxy
Configuring failover to the hybrid service
Specify sites not managed by the hybrid service
Adding or editing unfiltered destinations
Configure user access to the hybrid service
Adding domains
Editing domains
Customizing hybrid block pages
Enabling HTTPS notification pages
What is a PAC file?
Send user and group data to the hybrid service
Configure Directory Agent settings for the hybrid service
Configure how data is gathered for the hybrid service
Oracle (Sun Java) Directory Server and the hybrid service
Novell eDirectory and the hybrid service
Adding and editing directory contexts
Optimizing search results
Schedule communication with the hybrid service
Define custom authentication settings
Adding custom authentication rules
Editing custom authentication rules
Monitor communication with the hybrid service
View hybrid service authentication reports
View User Agent Volume report
Manage Off-site Users
Using remote filtering software
Configuring Remote Filtering settings
Configure remote filtering to ignore FTP or HTTPS traffic
Configure the Remote Filtering Client heartbeat interval
Hybrid service management of off-site users
Configuring hybrid filtering for off-site users
Off-site user self-registration
Protect Vital Information
Protecting against data loss
Protecting end users' devices
Mobile Integration
Refine Web Security Policies
Restricting users to a defined list of URLs
Limited access filters and enforcement order
Creating a limited access filter
Editing a limited access filter
Adding sites from the Edit Policy page
Copying filters and policies to roles
Building filter components
Working with categories
Editing categories and their attributes
Reviewing all customized category attributes
Making global category changes
Renaming a custom category
Creating a custom category
Keyword-based policy enforcement
Defining keywords
Reclassifying specific URLs
Prioritizing Security Risk categorization
Blocking posts to sites in some categories
Working with protocols
Protocol-based policy enforcement
Editing custom protocols
Adding or editing protocol identifiers
Renaming a custom protocol
Making global protocol changes
Creating a custom protocol
Adding to a Websense-defined protocol
Using Bandwidth Optimizer to manage bandwidth
Configuring the default Bandwidth Optimizer limits
Managing traffic based on file type
Enforcement based on file extension
Enforcement based on file analysis
Enabling file type blocking in a category filter
Working with file type definitions
Adding custom file types
Adding file extensions to a file type
Using regular expressions
Using the Toolbox to verify policy enforcement behavior
URL Category
Check Policy
Test Filtering
URL Access
Investigate User
Identifying a user to check policy or test filtering
User Identification
Transparent identification
Transparent identification of remote users
Manual authentication
Configuring user identification methods
Setting authentication rules for specific machines
Defining exceptions to user identification settings
Revising exceptions to user identification settings
Secure manual authentication
Generating keys and certificates
Activating secure manual authentication
Accepting the certificate within the client browser
DC Agent
Configuring DC Agent
Reviewing DC Agent polled domains and domain controllers
The dc_config.txt file
Logon Agent
Configuring Logon Agent
Configuring RADIUS Agent
eDirectory Agent
Configuring eDirectory Agent
Adding an eDirectory server replica
Configuring eDirectory Agent to use LDAP
Enabling full eDirectory Server queries
Configuring an agent to ignore certain user names
Identification of hybrid users
Authentication priority and overrides
Web Endpoint deployment overview
Manually deploying Web Endpoint for Windows
Manually deploying Web Endpoint for Mac OS X
Integrating a single sign-on identity provider
Websense Directory Agent
Directory Agent and User Service
When users are not identified
Delegated Administration and Reporting
The fundamentals of delegated administration
Delegated administration roles
Delegated administrators
Delegated administration and reporting permissions
Administrators in multiple roles
Multiple administrators accessing the TRITON console
Preparing for delegated administration
Creating a Filter Lock
Locking categories
Locking protocols
Preparing delegated administrators
Managing delegated administration roles
Adding roles
Editing roles
Adding Administrators
Adding managed clients
Managing role conflicts
Updating delegated administration roles
Delete roles
Delete managed clients
Managing Super Administrator clients
Performing delegated administrator tasks
View your user account
Add clients to the Clients page
Create policies and filters
Reviewing administrator accounts
Enabling network accounts
Web Security Server Administration
Websense Web Security components
Policy enforcement and management components
Reporting components
User identification components
Interoperability components
Reviewing your Web Security deployment
Using the Policy Server map
Using the component list
Evaluating directory performance
Review directory server details
Understanding Policy Broker
Reviewing Policy Broker connections
Working with Policy Server
Reviewing Policy Server connections
Adding or editing Policy Server instances
Working in a multiple Policy Server environment
Changing the Policy Server IP address
Working with Filtering Service
Review Filtering Service details
Review Master Database download status
Resuming Master Database downloads
Filtering Service support for YouTube in Schools
Policy Server, Filtering Service, and State Server
Integrating with a third-party SIEM solution
Working with Content Gateway
Managing Content Gateway connections
Viewing and exporting the audit log
Stopping and starting Websense services
Websense Web Security installation directories
Flood control
Configuring general alert options
Configuring system alerts
Configuring category usage alerts
Adding or editing category usage alerts
Configuring protocol usage alerts
Adding or editing protocol usage alerts
Configuring suspicious activity alerts
Reviewing current system status
Backing up and restoring your Websense data
Scheduling backups
Running immediate backups
Maintaining the backup files
Restoring your Websense data
Discontinuing scheduled backups
Command reference
Reporting Administration
Assigning categories to risk classes
Configuring reporting preferences
Configuring how requests are logged
Configuring Log Server
Testing the Log Database connection
Introducing the Log Database
Database jobs
Log Database administration settings
Configuring database partition options
Configuring Log Database maintenance options
Configuring how URLs are logged
Configuring Internet browse time options
Configuring trend and application data retention
Log Database sizing guidance
Configuring Dashboard reporting data
Configuring investigative reports
Database connection and report defaults
Display and output options
Network Configuration
Network Agent configuration
Configuring global settings
Configuring local settings
Configuring NIC settings
Configuring monitoring settings for a NIC
Adding or editing IP addresses
Verifying Network Agent configuration
Installation and subscription issues
There is a subscription problem
Unable to verify the subscription key
After upgrade, users are missing from the Web Security manager
Master Database issues
The initial filtering database is being used
The Master Database is more than 1 week old
The Master Database does not download
Subscription key
Internet access
Verify firewall or proxy server settings
Insufficient disk space on the Filtering Service machine
Insufficient memory on the Filtering Service machine
Restriction applications
Master Database download does not occur at the correct time
Contacting Technical Support for database download issues
Policy enforcement issues
Filtering Service is not running
User Service is not available
High CPU usage on the Filtering Service machine
Sites are incorrectly categorized as Information Technology
Keywords are not being blocked
Custom or limited access filter URLs are not handled as expected
Websense software is not applying user or group policies
Remote users do not receive the correct policy
Network Agent issues
Network Agent is not installed
Network Agent is not running
Network Agent is not monitoring any NICs
Network Agent can't communicate with Filtering Service
Update Filtering Service IP address or UID information
Insufficient memory on the Network Agent machine
High CPU usage on the Network Agent machine
User configuration and identification issues
User and group-based policies are not applied
Unusually high directory server connection latency
Filtering Service can't communicate with transparent ID agent
DC Agent has insufficient permissions
DC Agent unable to access required file
DC Agent Domains and Controllers page is blank
I cannot add users and groups to the Web Security manager
Directory service connectivity and configuration
Directory service configuration
User identification and Windows Server
Turning on the Computer Browser service
Changing DC Agent, Logon Agent, and User Service permissions
User Service on a Websense appliance or Linux server
Remote users are not prompted for manual authentication
Remote users are not being filtered correctly
Block message issues
No block page appears for a blocked file type
Users receive a browser error instead of a block page
A blank white page appears instead of a block page
Log, status message, and alert issues
Where do I find error messages for Websense components?
Websense Health alerts
Two log records are generated for a single request
Usage Monitor is not available
Usage Monitor is not running
Policy Server and Policy Broker issues
I forgot my password
The Websense Policy Database service fails to start
Policy Server stops unexpectedly
A Policy Broker replica cannot synchronize data
Delegated administration issues
Managed clients cannot be deleted from role
Logon error says someone else is logged on at my machine
Recategorized sites are filtered according to the wrong category
I cannot create a custom protocol
Log Server and Log Database issues
Log Server is not running
Log Server has not received log files from Filtering Service
Low disk space on the Log Server machine
No Log Server is installed for a Policy Server
More than one Log Server is installed for a Policy Server
Log Database was not created
Log Database is not available
Log Database size causes reporting delays
More than 100 files in the Log Server cache directory
Last successful ETL job ran more than 4 hours ago
Configure Log Server to use a database account
Log Server is not recording data in the Log Database
Updating the Log Server connection account or password
Configuring user permissions for Microsoft SQL Server
Log Server cannot connect to the directory service
Wrong reporting page displayed
Investigative report and presentation report issues
Presentation Reports Scheduler not connected to Log Database
Inadequate disk space to generate presentation reports
Scheduled jobs in presentation reports failed
Data on Internet browse time reports is skewed
Bandwidth is larger than expected
Trend data is missing from the Log Database
Trend reports are not displaying data
Some protocol requests are not being logged
All reports are empty
Database partitions
SQL Server Agent job
Log Server configuration
Microsoft Excel output is missing some report data
Saving presentation reports output to HTML
Error generating presentation report, or report does not display
Investigative reports search issues
General investigative reports issues
Other reporting issues
Low memory on the Real-Time Monitor machine
Real-Time Monitor is not running
Real-Time Monitor is not responding
Cannot access certain reporting features
No charts appear on the Status > Dashboard page
There is a forensics data configuration problem
The forensics repository location could not be reached
Forensics data will soon exceed a size or age limit
Websense Multiplexer is not running or not available
Interoperability issues
Content Gateway is not running
Content Gateway is not available
Content Gateway non-critical alerts
Administrator unable to access other TRITON modules
Sync Service is not available
Sync Service has been unable to download log files
Sync Service has been unable to send data to Log Server
Hybrid policy enforcement data does not appear in reports
Disk space is low on the Sync Service machine
The Sync Service configuration file
Directory Agent is not running
Directory Agent cannot connect to the domain controller
Directory Agent communication issues
Directory Agent does not support this directory service
The Directory Agent configuration file
Directory Agent command-line parameters
Alerts were received from the hybrid service
Unable to connect to the hybrid service
Hybrid service unable to authenticate connection
Missing key hybrid configuration information
Hybrid failover proxy removed from explicit proxies list
Troubleshooting tips and tools
Where is the Websense "bin" directory?
The Windows Services tool
The Windows Event Viewer
The Websense log file

Table of Contents You are at the beginning of the document Go to the next page
Copyright 2016 Forcepoint LLC. All rights reserved.