Technical Library | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Working With Web DLP > Registering and configuring TRITON AP-DATA
Registering and configuring TRITON AP-DATA
Help | Content Gateway | Version 8.0.x
Related topics:
*
Stopping and starting Data Security processes
 
For an introduction to TRITON AP-DATA, see Working With Web DLP.
Registration and configuration summary:
*
Registration with on-box Web DLP components is automatic. No configuration is required.
Threat dashboard forensics data is collected automatically.
If registration fails, an alarm displays.
*
Registration with off-box TRITON Management Server is automatic after Configure > My Proxy > Basic > Web DLP > Integrated on-box is enabled and Content Gateway is restarted.
Content Gateway queries TRITON Manager for the presence of TRITON AP-DATA.
 
* 
Important 
Content Gateway and the TRITON management server system times should be synchronized to within a few minutes.
Registration is tested and retried, if needed, every time Content Gateway is started.
If automatic registration fails, an alarm displays.
 
* 
Important 
TRITON AP-DATA and Content Gateway communicate over several ports. If IPTables are configured on the Content Gateway host system, these ports must be open in IPTables. See these Technical Library articles: TRITON Ports and Configuring IPTables for Websense Content Gateway.
*
Web DLP policies are configured in the System Modules section of the DATA module in TRITON Manager. You must deploy the policies to put them into effect. See TRITON AP-DATA Help for details.
*
View registration status in the Content Gateway manager on the Monitor > Summary page by clicking More Detail and checking the list at the bottom of the Subscription Details section.
*
Registration success and failure information is logged in: /opt/WCG/logs/dss_registration.log
Registration and configuration details
If you are deploying TRITON AP-WEB without the Web DLP module, registration with the Forensics Repository is automatic. There is no additional configuration.
If you are deploying TRITON AP-WEB with Web DLP, you must enable Web DLP in the Content Gateway manager:
*
Go to Configure > My Proxy > Basic and enable Web DLP > Integrated on-box. If this option is not enabled, registration is with the Forensics Repository only.
 
* 
Important 
Before enabling Web DLP > Integrated on-box, ensure that the TRITON management server is running and accessible, and that its system clock is synchronized with the Content Gateway server.
After Web DLP > Integrated on-box is enabled, registration with the DATA module of the TRITON Manager is automatic and is performed, if needed, every time that Content Gateway starts. To perform registration, Content Gateway queries the Websense Policy Broker for needed information, including IP address and cluster ID.
Registration status can be viewed in the Content Gateway manager on the Monitor > Summary page by clicking More Detail and reviewing the list at the bottom of the Subscription Details section.
Once registered, Content Gateway uses the Web DLP policy engine for malware detection. Go to the DATA module of the TRITON Manager to configure and deploy Web DLP policies.
If automatic registration fails, an alarm displays.
Manual registration
After Web DLP > Integrated on-box is enabled and Content Gateway has been restarted, you can attempt a manual registration by going to Configure > Security > Web DLP (see below).
Restarting Content Gateway always checks the registration status and initiates an auto-registration attempt, if needed.
Registration success and failure information is logged in: /opt/WCG/logs/dss_registration.log
 
* 
Important 
If Content Gateway is not located on a V-Series appliance, registration requires that the Content Gateway host system have an IPv4 address assigned to the eth0 network interface. After registration, the IP address may move to another network interface on the system; however, that IP address is used for Web DLP policy configuration and deployment and must be available as long as the two modules are registered.
Manual registration with TRITON management server:
1.
Ensure that the Content Gateway and TRITON management server systems are running and accessible, and that their system clocks are synchronized within a few minutes.
2.
Ensure that Web DLP > Integrated on-box is enabled. In the Content Gateway manager select Configure > Basic > General. In the list of Features, under Networking locate Web DLP, select On, then select Integrated on-box, and then click Apply.
3.
Next to Integrated on-box, click the Not registered link. This opens the Configure > Security > Web DLP registration screen.
4.
Enter the IP address of the TRITON management server.
5.
Enter a user name and password for logging onto the TRITON manager. The user must be an administrator with DATA module Deploy Settings privileges.
6.
Click Register. If registration is successful, a message confirms the result and prompts you to restart Content Gateway.
If registration fails, an error message indicates the cause of failure. Correct the problem and perform the registration process again.
Configuration options
When registration is successful, on the Configure > Security > Web DLP page set the following options:
1.
Analyze FTP Uploads: Select this option to send FTP uploads to TRITON AP-DATA for analysis and policy enforcement.
2.
Analyze HTTPS Content: Select this option to send decrypted HTTPS posts to TRITON AP-DATA for analysis and policy enforcement. The HTTPS protocol option must be enabled on Content Gateway.
 
* 
Note 
For these options to have any effect, Content Gateway must be configured to proxy FTP and HTTPS traffic.
3.
Click Apply to save your settings and then restart Content Gateway.
4.
Go to the DATA module of the TRITON Manager to configure the Content Gateway module. See "Configuring the Web Content Gateway module" in TRITON AP-DATA Help.
TRITON AP-DATA and Content Gateway communicate over several ports. If IPTables are configured on the Content Gateway host system, these ports must be open in IPTables. See these Technical Library articles: TRITON Ports and Configuring IPTables for Websense Content Gateway.
 
* 
Note 
A Content Gateway manager alarm is generated if:
*
Web DLP is enabled but not registered
*
Web DLP is enabled and registered but not configured in the DATA module of TRITON Manager

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Working With Web DLP > Registering and configuring TRITON AP-DATA
Copyright 2016 Forcepoint LLC. All rights reserved.