v7.6.5 Release Notes

Version 7.6.5 is an important maintenance release that includes corrections for customer issues.

- New in this version
- Resolved and known issues

Version 7.6.5

Find deployment planning, installation, and upgrade information and instructions for the following Websense Web Security solutions:

* Web Filter v7.6.5
* Web Security v7.6.5
* Web Security Gateway v7.6.5

* Web Security Gateway Anywhere v7.6.5

Deployment scenarios are offered for both appliance and software-based deployments.

If you are planning a deployment, it is recommended you start at the main topic for your deployment scenario. On the main page for a scenario, you can access deployment guidelines, installation instructions, and initial configuration instructions for that scenario.

Click View Complete Document for more

v7.6.2 Release Notes

Version 7.6.2 is an important maintenance release that includes corrections for customer issues.

- Compatibility with V-Series v7.6.x
- New in this version
- Resolved and known issues

Websense Content Gateway Release Notes v7.6.2

Websense Content Gateway v7.6.2 is a maintenance release that corrects several known issues making Content Gateway a more stable component in the Web Security Gateway solution.

- How do I get the patch files?
- Data Security integration
- Known and resolved issues

Version 7.6.2

Find deployment planning, installation, and upgrade information and instructions for the following Websense Web Security solutions:

* Web Filter v7.6.2
* Web Security v7.6.2
* Web Security Gateway v7.6.2
* Web Security Gateway Anywhere v7.6.2

Deployment scenarios are offered for both appliance and software-based deployments.

If you are planning a deployment, it is recommended you start at the main topic for your deployment scenario. On the main page for a scenario, you can access deployment guidelines, installation instructions, and initial configuration instructions for that scenario.

Click View Complete Document for more

TRITON Unified Security Center Release Notes

Version 7.6.2

Version 7.6.2 is a maintenance release of Websense TRITON Enterprise. It offers a number of enhancements to the 7.6 release.

If you are upgrading from version 7.6, upgrade instructions are available in the Websense Technical Library.

Click View Complete Document for more.

Release Notes

TRITON Unified Security Center, v7.6

Version 7.6 is a major release of Websense TRITON Enterprise with the introduction of Websense Email Security Gateway and Email Security Gateway Anywhere. It offers enhanced integration across the Websense product line and a significantly improved unified management experience.

Simplified deployment

It is faster and easier to deploy Websense TRITON Enterprise and the modules in your subscription in this version. The installation is performed using a single installer for the TRITON infrastructure and reporting database. From this installer you can launch the installation of the individual TRITON modules as required.

An upgrade process is available for Web Security and Data Security version 7.1 and 7.5 users

Click View Complete Document for more.

Release Notes

Websense Web Security Solutions, v7.6

Provides an overview of new and changed features in Websense Web Security version 7.6, including changes to:

• * Installation
• * TRITON Unified Security Center
• * Reporting (including the introduction of Real-Time Monitor
• * Delegated administration and reporting
• * Block pages
• * Remote Filtering Client
• * Network Agent (introducing IPv6 filtering)
• * Health Alerts
• * Hybrid filtering configuration (including block page customization)
• * Content Gateway access and alerting
• * International Domain Name (IDN) support

Click View Complete Document for more.

Release Notes

Websense Content Gateway, Version7.6

These Release Notes describe new features, best practices, corrections, and known issues in Websense Content Gateway version 7.6. Find information about:

• * Supported platforms
• * Integration with TRITON - Web Security
• * Integrated Windows Authentication
• * Multiple Realm Authentication
• * Multiple ports in explicit deployments
• * HTTPS URL filtering when not decrypting in transparent proxy deployments
• * SSL Manager configuration clustering
• * FTP filtering and scanning
• * Support for Skype with explicit proxy deployments
• * Multiple ICAP servers
• * New performance graphs

Click View Complete Document for more.

Deployment and Installation Center

Version 7.6

Find deployment planning, installation, and upgrade information and instructions for the following Websense Web Security solutions:

• * Web Filter v7.6
• * Web Security v7.6
• * Web Security Gateway v7.6
• * Web Security Gateway Anywhere v7.6

Deployment scenarios are offered for both appliance and software-based deployments.

If you are planning a deployment, it is recommended you start at the main topic for your deployment scenario. On the main page for a scenario, you can access deployment guidelines, installation instructions, and initial configuration instructions for that scenario.

Click View Complete Document for more

Websense Authentication Service Installation and Configuration Guide

Version 7.6

This document outlines the procedure for installing and configuring Websense Authentication Service and the procedure to follow to configure Websense Web Security Gateway Anywhere. Authentication Service is the interface between the Websense proxy server and the Microsoft Active Directory or LDAP services used on-premises at your location.

Authentication Service facilitates username/password validation using your on-premises Active Directory/LDAP server.  Authentication Service is installed as a virtual appliance and communicates with your local directory using LDAP over SSL.  It can operate in the DMZ or inside the local area network (LAN), or both, based on the mode(s) of operation.

Click View Complete Document for more.

How do I get the patch files?

Go to MyWebsense.com and log in.

Then choose the Downloads tab, and Websense Web Security Gateway.

Data Security Integration

Websense Content Gateway v7.5.5 is compatible with all v7.5 versions of the Data Security Management Server, including v7.5.3 and later, but Websense recommends that customers upgrade to Data Security v7.5.3 prior to upgrading to Content Gateway v7.5.5.

Websense Content Gateway v7.5.5 can now be integrated with Policy Engine v7.5.9 or later.

The installer for Websense Content Gateway handles software only version upgrades. You can:

- Upgrade an installed v7.5.x proxy with a different v7.5.x version.

- Re-install a v7.5.x proxy

Release Notes

Websense Web Security and Websense Web Filter, v7.5

New in this version

Websense Web Security and Websense Web Filter version 7.5 is an English-only release.

Installation changes

New technologies with an updated look and feel are now used for Websense Web Security and Websense Web Filter installation. The installer now includes:

* Built-in Help for most installation screens, accessed via a button
* A progress checklist in the left panel
* Some reduction in the number of screens that must be completed

The new Websense Control Service handles component activation and configuration. It continues to run once installation is complete in order to facilitate adding or removing components.

Click View Complete Document for more.

Release Notes

Websense Content Gateway, v7.5

Use the Release Notes to find information about what's new and improved in Websense Content Gateway Version 7.5.

Sections include:

New features include:

Click View Complete Document for more.

Getting Started Guide

Web Security Gateway Anywhere, Version 7.5

Websense® Web Security Gateway Anywhere™ is a Web security solution designed for distributed enterprises with one or more branch offices and multiple remote users.

Web Security Gateway Anywhere offers an alternative to pure service- or appliance-based solutions. Rather than choosing between an in-the-cloud or on-premises Web filtering solution for your entire enterprise, you can deploy a blended solution that encompasses the best of both worlds, and you can manage it from a single user interface—the TRITON™ Unified Security Center.

Unlike alternate approaches, hybrid filtering gives you the flexibility to choose the platform or mix of platforms that best meets your operational requirements without incurring the cost of managing multiple systems.

In addition, Web Security Gateway Anywhere protects you from data loss over the Web, providing security for outbound content as well. You identify sensitive data and define whether you want to audit or block attempts to post it to HTTP, HTTPS, FTP, or FTP-over-HTTP channels.

Click View Complete Document for more.

Deployment Guide

Websense Web Security, Version 7.5

Use this guide to plan your Websense software deployment before installation. The guide provides an overview of how Websense software can be deployed in a network, as well as operating system and hardware requirements.

This guide applies to version 7.5 of Websense Web Security Gateway Anywhere, Web Security Gateway, Websense Web Security, and Websense Web Filter. The term Websense software is used to refer to all or any of these solutions. When information or instructions apply to particular solutions, they are referred to individually by name.

Websense software consists of components that work together to monitor Internet requests, log activity, apply Internet usage filters, and report on activity. Websense software is highly-distributable, providing the flexibility to scale a deployment to suit your needs. Components can be installed together on one machine for smaller organizations; or they can be distributed across multiple machines, and multiple sites, to create a high-performing deployment for larger organizations. The appropriate deployment is determined by network size and configuration, Internet request volume, hardware performance, and filtering needs.

This manual provides system recommendations to optimize Websense component performance. Performance can also be improved by using more powerful machines for resource-intensive components.

Click View Complete Document for more.

Deployment Guide

Websense Content Gateway, v7.5

Websense® Content Gateway is a high-performance Web proxy that provides real-time content scanning and Web site classification to protect network computers from malicious Web content while controlling employee access to dynamic, user-generated Web 2.0 content. Web content has evolved from a static information source to a sophisticated platform for 2-way communications, which can be a valuable productivity tool when adequately secured.

The dilemma for administrators is how much access to allow. Web 2.0 sites rely primarily on HTTP/HTTPS protocols, which cannot be blocked without halting all Internet traffic. Malicious content can use this means of entry into a company network.

The Websense Content Gateway module offers:

* Automatic categorization of dynamic Web 2.0 sites
* Automatic categorization of new, unclassified sites
* HTTPS content inspection
* Enterprise proxy caching capabilities

Websense Content Gateway is deployed as an add-on module with Websense Web Security or Websense Web Filter. Websense Content Gateway can also be an important piece of the following Websense deployments:

* Web Security Gateway for on premises deployments. On premises deployments may be implemented on Websense V-Series appliances or as software running on general purpose servers.
* Hosted Web Security Gateway for software as a service (SaaS) deployments
* Web Security Gateway Anywhere for distributed enterprises with one or more branch offices and multiple remote users

Click View Complete Document for more.

Preparing for Web DLP

Web Security Gateway Anywhere, v7.5

One of the key features of Websense Web Security Gateway Anywhere is that it includes Websense data security technologies to prevent data loss over the Web.

This means that you can protect whatever data you deem vital from leaving your organization by the Web—this includes HTTP, HTTPS, FTP, and FTP-over-HTTP.

For example, you may want to prevent employees from sending customer information to an FTP site where it can be retrieved by unauthorized users. Or you may be required to prevent social security numbers or credit card numbers from moving around your enterprise, even over secure HTTP. (Data compliance is a growing concern among enterprises across industries.)

Websense Web Security Gateway Anywhere provides such data loss prevention (DLP) capabilities. Depending on your needs, you can monitor or block the unwanted transmission of vital data, and you can send notifications and alerts when policy breaches occur.

Click View Complete Document for more.

Network Agent Quick Start

Version 7.5

Websense Network Agent monitors Internet traffic for all or specified machines in a network.

* When you install Websense Web security solutions in standalone mode, Network Agent is used to filter both HTTP and non-HTTP traffic.
* When you integrate Websense Web security solutions with a firewall, proxy, or caching product, the integrated product passes HTTP and HTTPS content to Websense software for filtering. Traffic using other protocols can be managed by Network Agent.

Network Agent also captures bandwidth usage data for use in filtering and reporting. When Network Agent is used to filter non-HTTP protocols, it can detect malicious peer-to-peer applications and spyware, even when they tunnel over ports commonly used for legitimate Internet communication. In addition, Network Agent can filter requests for Internet applications used for instant messaging, streaming media, file sharing, proxy avoidance, Internet mail, and other network or database operations.

This Quick Start introduces Websense Network Agent and summarizes the steps needed to successfully deploy the component in your network.

Click View Complete Document for more.

Deployment and Installation Center

Version 7.6

Find deployment planning, installation, and upgrade information and instructions for the following Websense Web Security solutions:

• * Web Filter v7.6
• * Web Security v7.6
• * Web Security Gateway v7.6
• * Web Security Gateway Anywhere v7.6

Deployment scenarios are offered for both appliance and software-based deployments.

If you are planning a deployment, it is recommended you start at the main topic for your deployment scenario. On the main page for a scenario, you can access deployment guidelines, installation instructions, and initial configuration instructions for that scenario.

Click View Complete Document for more

Upgrade Center

Websense Security Solutions, v7.6

Use the Upgrade Center to find information to help you create an upgrade plan, prepare your environment for upgrade, and carry out a successful upgrade. The Upgrade Center provides information for upgrading:

• * Web Security software, v7.x
• * V-Series appliances
• * Data Security software, v7.x
• * Older versions of Websense software

Click View Complete Document for more.

Chaining Hybrid Web Filtering with ISA/TMG

Version 7.6

A Microsoft® Internet Security and Acceleration (ISA) Server or Forefront™ Threat Management Gateway (TMG) server can be deployed as a downstream proxy with hybrid filtering as supplied with Websense Web Security Gateway Anywhere. You can configure proxy chaining in the following ways:

* Basic chaining
* NTLM pass-through
* X-Authenticated-User

Click View Complete Document for more.

Chaining Hybrid Web Filtering with BlueCoat ProxySG

Version 7.6

Blue Coat ProxySG can be deployed as a downstream proxy with hybrid filtering as supplied with Websense Web Security Gateway Anywhere. You can configure proxy chaining in the following ways:

* Basic chaining
* NTLM pass-through
*X-Authenticated-User

Click View Complete Document for more.

Chaining Hybrid Web Filtering with Squid Proxy

Version 7.6

Websense Web Security Gateway Anywhere supports the configuration of a chained Squid open source downstream proxy, in the following cases:

* Basic chaining
* For policies where NTLM is enabled and end users are asked to authenticate for hybrid filtering

The Squid proxy must be version 3.1.5 or later

Click View Complete Document for more.

How do I get the patch files?

Go to MyWebsense.com and log in.

Then choose the Downloads tab, and Websense Web Security Gateway.

Data Security Integration

Websense Content Gateway v7.5.5 is compatible with all v7.5 versions of the Data Security Management Server, including v7.5.3 and later, but Websense recommends that customers upgrade to Data Security v7.5.3 prior to upgrading to Content Gateway v7.5.5.

Websense Content Gateway v7.5.5 can now be integrated with Policy Engine v7.5.9 or later.

The installer for Websense Content Gateway handles software only version upgrades. You can:

- Upgrade an installed v7.5.x proxy with a different v7.5.x version.

- Re-install a v7.5.x proxy

Installation Organizer

Version 7.5

An installation organizer is a checklist to help you gather hardware, network, and deployment information necessary to install a product. This document contains several organizers to help you prepare to install and configure all Websense Web security solutions: Websense Web Filter, Web Security, Web Security Gateway, or Web Security Gateway Anywere. Complete only the organizers that apply.

WARNING: There are items in this document involving user account passwords. If you note passwords here, you must keep this document secure. Alternatively, consider not writing passwords in this document. Instead, write down only domain/user names and simply have the passwords ready when needed during the installation process.

Use this completed organizer as an aid while following instructions in the Websense Web Security Gateway Anywhere Getting Started Guide, Websense Web Security/Websense Web Filter Installation Guide, and Websense Content Gateway Installation Guide. Do not use this organizer in place of the instructions in these guides.

Click View Complete Document for more.

Getting Started Guide

Web Security Gateway Anywhere, Version 7.5

Websense® Web Security Gateway Anywhere™ is a Web security solution designed for distributed enterprises with one or more branch offices and multiple remote users.

Web Security Gateway Anywhere offers an alternative to pure service- or appliance-based solutions. Rather than choosing between an in-the-cloud or on-premises Web filtering solution for your entire enterprise, you can deploy a blended solution that encompasses the best of both worlds, and you can manage it from a single user interface—the TRITON™ Unified Security Center.

Unlike alternate approaches, hybrid filtering gives you the flexibility to choose the platform or mix of platforms that best meets your operational requirements without incurring the cost of managing multiple systems.

In addition, Web Security Gateway Anywhere protects you from data loss over the Web, providing security for outbound content as well. You identify sensitive data and define whether you want to audit or block attempts to post it to HTTP, HTTPS, FTP, or FTP-over-HTTP channels.

Click View Complete Document for more.

Installing Software

Web Security Gateway Anywhere, v7.5

If you purchase Websense Web Security Gateway Anywhere as software, you must install each of the primary modules. This document is your installation outline. For ease of reference, installation tasks have been broken down into 3 main areas:

1. Installing Websense Web Security
2. Installing Websense Content Gateway
3. Installing Websense Data Security

Deployment options

In Web Security Gateway Anywhere, a typical installation contains:

1. Websense Web Security filtering components on a Windows or Linux machine.
2. TRITON - Web Security and Data Security Management Server on a Windows machine in 2 virtual machines.
3. ...

Click View Complete Document for more.

Installation Guide

Version 7.5

Installation and setup information in this guide applies to both Websense Web Security and Websense Web Filter.

Instructions are included for downloading and extracting installation files, and starting and running the installer.

This guide also includes instructions for:

* Installing individual components
* Configuring Stealth Mode
* Planning for Reporting
* Troubleshooting

Websense software can be integrated with your firewall, proxy server, caching application, or network appliance (such third-party products are referred to as integration products). Or it can run without an integration (referred to as a stand-alone installation or deployment).

Click View Complete Document for more.

Websense Content Gateway, v7.5

Installation Guide

Prerequisites and Preparation

Before you install Content Gateway, consider:

System security. Your network can carry sensitive data. SSL Manager lets you have data decrypted and then re-encrypted on the way to its destination. Consider locking down your system as much as possible to prevent others from seeing your data.

Network configuration. Content Gateway can run as an explicit proxy (where browsers point to Content Gateway), or a transparent proxy (where traffic is redirected through a WCCP-enabled router or a Layer 4 switch in your network and the ARM, Adaptive Redirection Module, feature of Content Gateway).

Content Gateway can proxy HTTP, HTTPS, FTP, and other protocols. To transparently proxy protocols other than HTTP through a WCCP-enabled router, the router must use WCCP v2, which supports redirection of multiple protocols.

System requirements. Ensure that your system meets the minimum requirements listed in the System requirements section.

Click View Complete Document for more.

Web Security Component Default Ports

Versions 7.5 and 7.6

This paper identifies the default ports used by Websense Web Security components, including Content Gateway and the interoperability components used to communicate with Websense Data Security and, in Websense Web Security Gateway Anywhere deployments, the hybrid service.

In most cases, the default ports, which are assigned automatically during installation, never need to be changed. If you do need to change a port:

* Use the Log Server Configuration utility to change the Log Server port.
* Use TRITON - Web Security to configure communication with Log Server if the port has changed, and to change port information for transparent identification agents (DC Agent, eDirectory Agent, Logon Agent, or RADIUS Agent).

If you need to change ports for other services, this can be done in the initialization (INI) file for the component. Given dependencies between components, the change may need to be made in multiple files. ...

Click View Complete Document for more.

Upgrading Websense Web Security or Web Filter

Version 7.5

An upgrade is performed by running the Websense Web Security/Websense Web Filter 7.5 installer (Websense installer) on a machine with previous-version Websense components installed. The installer detects the presence of the components and upgrades them (with the exception of Remote Filtering Client) to the current version. For instructions on upgrading Remote Filtering Client, see the Remote Filtering Software technical paper.

Versions 7.x of Websense Web Security or Websense Web Filter may be directly upgraded to version 7.5.

New features for version 7.5 are described in the Release Notes for Websense Web Security and Websense Web Filter, Version 7.5. Information specific to this release is also available in the Upgrading User Quick Start tutorial, accessible from within TRITON - Web Security (which replaces Websense Manager) once it is installed.

This supplement provides an overview of the upgrade process.

Click View Complete Document for more.

TRITON Unified Security Center Help

Version 7.6

The TRITON Unified Security Center is a single, browser-based console that provides a central, graphical interface to the general configuration, policy management, and reporting functions of your Websense software.

From the TRITON console, you can access some or all of the following modules, depending on your subscription:

• * TRITON - Web Security works in conjunction with integration devices (including proxy servers, firewalls, routers, and caching appliances) and enables you to develop, monitor, and enforce Internet access policies
• * TRITON - Data Security protects organizations from information leaks and data loss both at the perimeter and inside the organization
• * TRITON - Email Security protects your organization against the threats of malware, spam, and other unwanted content in email traffic

Click View Complete Document for more.

TRITON - Web Security Help

Version 7.6

This guide provides detailed instructions for using TRITON - Web Security to configure your Websense software, create Internet filtering policies, manage clients, run reports, and more. It also includes contextual and troubleshooting information to help you verify and optimize your deployment. Topics include:

Click View Complete Document for more.

Content Gateway Help

Version 7.6

Websense Content Gateway is the Web proxy component of the Websense Web Security Gateway and Websense Web Security Gateway Anywhere solutions.

Content Gateway is a configurable, high-performance Web proxy that works in combination with Websense Web Security to protect users and networks from malicious and unwanted content by performing advanced content analysis precisely when it is needed—as the content flows through the proxy—using the results of analysis to apply appropriate Web Security policy. This on-demand analysis protects users and networks at the same time that it makes dynamic, Web 2.0 sites safe for your organization and users.

The precise application of content analysis is configured by the administrator for each Web Security Gateway deployment.

Web proxy cache: Content Gateway can also be configured to function as a high-performance Web proxy cache that improves network efficiency and performance by caching frequently accessed information at the edge of the network. This brings content physically closer to end users for faster delivery and reduced bandwidth usage.

Click View Complete Document for more.

TRITON - Data Security Help

Version 7.6

Websense® Data Security protects organizations from information leaks and data loss both at the perimeter and inside the organization.

Websense Data Security can operate alone in the network, or be paired with Websense Web and email security solutions (on-premises or in the cloud), to provide a well-rounded Essential Information Protection solution for your organization.

Websense Data Security protects organizations from data loss by:

* Discovering the location of sensitive data inside the network
* Monitoring data as it travels inside or outside the organization
* Protecting data while it is being manipulated in office applications, with policy-based controls that align with business processes

The 2 main components of Websense Data Security are:

* The Data Security Management Server
* The Data Security Protector

Click View Complete Document for more.

Web Security Component Default Ports

Versions 7.5 and 7.6

This paper identifies the default ports used by Websense Web Security components, including Content Gateway and the interoperability components used to communicate with Websense Data Security and, in Websense Web Security Gateway Anywhere deployments, the hybrid service.

In most cases, the default ports, which are assigned automatically during installation, never need to be changed. If you do need to change a port:

* Use the Log Server Configuration utility to change the Log Server port.
* Use TRITON - Web Security to configure communication with Log Server if the port has changed, and to change port information for transparent identification agents (DC Agent, eDirectory Agent, Logon Agent, or RADIUS Agent).

If you need to change ports for other services, this can be done in the initialization (INI) file for the component. Given dependencies between components, the change may need to be made in multiple files. ...

Click View Complete Document for more.

Network Agent Quick Start

Versions 7.5 and 7.6

Websense Network Agent monitors Internet traffic for all or specified machines in a network.

* When you install Websense Web security solutions in standalone mode, Network Agent is used to filter both HTTP and non-HTTP traffic.
* When you integrate Websense Web security solutions with a firewall, proxy, or caching product, the integrated product passes HTTP and HTTPS content to Websense software for filtering. Traffic using other protocols can be managed by Network Agent.

Network Agent also captures bandwidth usage data for use in filtering and reporting. When Network Agent is used to filter non-HTTP protocols, it can detect malicious peer-to-peer applications and spyware, even when they tunnel over ports commonly used for legitimate Internet communication. In addition, Network Agent can filter requests for Internet applications used for instant messaging, streaming media, file sharing, proxy avoidance, Internet mail, and other network or database operations.

This Quick Start introduces Websense Network Agent and summarizes the steps needed to successfully deploy the component in your network.

Click View Complete Document for more.

New User Quick Start

Websense Web Security Solutions, v7.6

Use this Quick Start tutorial to learn the basics of filtering and reporting with Websense Web Security and Websense Web Filter. The tutorial is made up of a series of short lessons, divided into 4 sections:

* Initial Setup
* Navigation Tips
* Websense Filtering
* Reporting

Each lesson requires between 5 and 10 minutes to complete.

Click View Complete Document for more.

Upgrading User Quick Start

Websense Web Security Solutions, v7.6

This Quick Start tutorial provides an overview of what has changed in Websense Web Security since previous versions, including changes to terms and concepts. The tutorial also includes:

• * Platform information and tips pertinent to all upgrade environments.
• * An overview of features introduced in:
    - v7.0
    - v7.1
    - v7.5
    - v7.6
• * An orientation to help you find features and functions that have moved.
• * Short instructions for performing common tasks.

Click View Complete Document for more.

Configuring hybrid filtering

Version 7.6

To use hybrid filtering:
* Activate your hybrid filtering account
* Define the locations filtered by hybrid filtering
* Specify sites not filtered by hybrid filtering (if any)
* Configure user access to hybrid filtering
* Identify hybrid filtering users
* Send user and group data to the hybrid service

In order to ensure that the hybrid service has current policy, user, and group information, and that the on-premises reporting software has data from users filtered by the hybrid service, you can schedule communication with the hybrid service.

Click View Complete Document for more.

Delegated Administration Quick Start

Version 7.6

Delegated administration is a powerful tool for distributing filtering and reporting responsibilities across an organization.

A Global Security Administrator creates accounts and grants them access to one or more TRITON console modules.

Within TRITON - Web Security, Super Administrators can then grant policy management privileges, reporting rights, or both to delegated administrators, who can then manage or report on Internet usage for specific clients (users, groups, computers, or networks). Super Administrators can also:

• * Create a set of master filtering restrictions that limit the filtering access that delegated administrators can provide.
• * Send copies of policies and filters that they have created to delegated administrators, who can use these policies as templates for creating policies and filters to apply to their clients.

Click View Complete Document for more.

Transparent Identification of Users

Versions 7.5 and 7.6

Websense Web Security solutions let you define custom filtering policies for different individuals or groups within your organization.

* In any environment, you can assign policies to individual computers (identified by IP address), or networks (groups of contiguous IP addresses).

* If your environment includes a supported directory service, you can configure Websense software to also filter directory clients: users, groups, and domains (organizational units).

To apply policies to users, groups, and other directory clients, Websense software must be able to identify the user making a request, given the originating IP address. Any of 4 methods can be used to identify users...

Click View Complete Document for more.

Identification of hybrid filtering users

Version 7.6

To ensure that the appropriate per-user or per-group policy is applied to hybrid filtering users, whether from a filtered location or when off-site, Websense Web Security Gateway Anywhere provides options for identifying hybrid filtering users transparently.

Websense Web Endpoint is installed on client machines to provide transparent authentication, enforce use of hybrid filtering, and pass authentication details to the hybrid service.

Websense Authentication Service provides clientless transparent authentication via a gateway hosted on your network.

If you do not deploy either Web Endpoint or Authentication Service, the hybrid service can identify users transparently or manually when they connect to hybrid filtering.

Click View Complete Document for more.

Websense Authentication Service Installation and Configuration Guide

Version 7.6

This document outlines the procedure for installing and configuring Websense Authentication Service and the procedure to follow to configure Websense Web Security Gateway Anywhere. Authentication Service is the interface between the Websense proxy server and the Microsoft Active Directory or LDAP services used on-premises at your location.

Authentication Service facilitates username/password validation using your on-premises Active Directory/LDAP server.  Authentication Service is installed as a virtual appliance and communicates with your local directory using LDAP over SSL.  It can operate in the DMZ or inside the local area network (LAN), or both, based on the mode(s) of operation.

Click View Complete Document for more.

Remote Filtering Software

Version 7.6

Deploy Websense remote filtering software to filter Internet requests from machines outside the network. By default, remote filtering software monitors HTTP, HTTPS, and FTP traffic.

Remote filtering software is an optional feature, available to Websense Web Filter, Websense Web Security, Websense Web Security Gateway, and Websense Web Security Gateway Anywhere customers.

NOTE: In Websense Web Security Gateway Anywhere deployments, hybrid (in-the-cloud) filtering can also be used to filter Internet requests from users outside the network.

Remote filtering software includes the following components:

* Remote Filtering Client is installed on each machine that will be filtered when used outside the network. This client is configured to communicate with the Remote Filtering Server.
* Remote Filtering Server resides inside your firewall, and acts as a proxy to Websense Filtering Service.

Click View Complete Document for more.

 SSL Manager Certificate Verification

 Version 7.6.2

The Websense® Web Security Gateway proxy component – Content Gateway – includes a feature called SSL Manager. SSL Manager oversees SSL and TLS (HTTPS) connections, decryption, analysis of content, and re-encryption.

This article describes the most effective use of the Certificate Verification Engine, a sub-component of SSL Manager. The Certificate Verification Engine ensures that only those connections that comply with your organization’s IT security requirements for certificate verification are allowed.

Click View Complete Document for more.

Tunneled Protocol Detection

Websense Content Gateway v7.6

Tunneled protocol detection analyzes traffic to discover protocols that are tunneled over HTTP and HTTPS. Traffic that is allowed to tunnel over specific ports is also scanned. Such traffic is reported to Websense Web filtering for protocol policy enforcement. When tunneled protocol detection is enabled, scanning is performed on both inbound and outbound traffic, regardless of other scanning settings.

HTTP tunneling occurs when applications that use custom protocols for communication are wrapped in HTTP (meaning that standard HTTP request/response formatting is present) in order to use the ports designated for HTTP/HTTPS traffic. These ports are open to allow traffic to and from the Web. HTTP tunneling allows these applications to bypass firewalls and proxies, leaving a system vulnerable.

The tunneled protocol detection feature scans HTTP and HTTPS traffic and, when it detects a protocol, forwards it to Websense Web filtering for policy enforcement. At this point, a protocol is blocked or allowed based on policy definitions. This feature can be used to block protocols used for instant messaging, peer-to-peer applications, and proxy avoidance.

Frequently Asked Questions

Content Gateway version 7.6

A collection of articles that answer common configuration and maintenance questions, including:

• * How do I configure IPTables to harden the Content Gateway host system?
• * How do I ensure that Content Gateway is properly identified in the network?
• * Which Web browsers provide the best user experience with Content Gateway?
• * How do I backup and restore the SSL Incident List?

Click View Complete Document for more.

Using SNMP with Websense Content Gateway

Version 7.6

This article describes how to use Net-SNMP with software installations of Content Gateway (not V-Series appliances) to monitor Content Gateway processes. It assumes that the reader is familiar with SNMP.

For information about using SNMP with V-Series appliances, see V-Series Appliance Manager Help.

If you are not familiar with SNMP, an introductory article can be found in Wikipedia.

An essential resource and the location of Net-SNMP software is www.net-snmp.org

For documentation, go to: http://net-snmp.sourceforge.net/docs/man/

To use SNMP with Content Gateway you must:

• * Install Net-SNMP RPMs
• * Configure snmpd.conf to monitor Content Gateway processes and send traps to the SNMP Manager
• * Verify the configuration

Security Information Event Management(SIEM)

Alert messages keep your system administrator informed about significant events in your Websense system and in your network as they happen. Unlike reporting, which tracks trends over time, alerting provides a quick look at events that determine the health of your Websense software, or hardware and software in the case of the Websense V-Series appliance, and the security of your network.

Although Websense software can issue alerts in multiple formats, this paper focuses on alerts that use SNMP trap data. Websense products can issue alerts using SNMP trap data when integrated with a supported Security Information Event Management (SIEM) system. SNMP alerting is available for the following Websense products:

* Websense Web Filter and Web Security
* Websense Web Security Gateway and Gateway Anywhere
* Websense V-Series appliance

Click View Complete Document for more. 

Web Security FAQs

Version 7.6

This paper covers the following frequently asked questions:

• - How does Websense Web Security decide which policy to apply to a request?
• - How do keyword searches work?
• - Can I exclude specific traffic from logging?
• - How do I set up a filtering blacklist?
• - How do I set up a filtering whitelist?

Click View Complete Document for more.

Backup and Restore FAQ

Websense TRITON Enterprise, v7.6

You can back up the components of your Websense TRITON installation's settings and system data, and revert to a previous configuration if required. Data saved by the backup process can also be used to import Websense configuration information after an upgrade, and to transfer configuration settings to a different machine or V-Series appliance.

When backing up a TRITON Management Server, note that there are separate backup processes for the TRITON infrastructure and for each TRITON module. As a best practice, synchronize the backup of your TRITON modules with the TRITON infrastructure backup.

• - How do I back up and restore the TRITON infrastructure?
• - How do I back up and restore V-Series appliances?
• - How do I back up and restore Web Security software?
• - How do I back up and restore Websense Content Gateway?
• - How do I back up and restore Data Security software?
• - How do I back up and restore Email Security off-appliance components?
• - Important tips for backing up or restoring both Web Security and the TRITON console
• - How do I back up or restore multiple Web Security Gateway appliances?

Click View Complete Document for more.

If you try to install Web Endpoint on a machine where Data Endpoint is already installed, the installation process will not work. To deploy both endpoints on a single machine, first uninstall the Data Endpoint, then follow the instructions below to create a joint deployment package.

Note: The Web and Data Endpoints can only be deployed together on Windows operating systems.

Click View Complete Document for more.

PAC File Best Practices with Web Security Gateway and Web Security Gateway Anywhere

For all 7.x versions.

This article examines Proxy Auto-Configuration (PAC) files and their use and best practices with Websense® Web Security Gateway and Web Security Gateway Anywhere (hybrid Web filtering).

Topics include:

*   What is a PAC file?
*  How is a PAC file consumed?
*  Using a PAC file with Web Security Gateway
*  Using a PAC file with Web Security Gateway Anywhere
*  Sample PAC file
*  PAC file best practices

Click View Complete Document for more.

TRITON - Web Security Help

Version 7.5

This document provides detailed instructions for using TRITON - Web Security to configure your Websense software, create Internet filtering policies, manage clients, run reports, and more. It also includes contextual and troubleshooting information to help you verify and optimize your deployment. Topics include:

Click View Complete Document for more.

Configuring the Web Security Module

Web Security Gateway Anywhere, v7.5

Perform basic configuration of the Web Security module so you can begin to use the hybrid filtering and Web DLP features.

The sections that follow guide you through the basic steps required to initialize the on-premises and hybrid filtering components of Websense Web Security Gateway Anywhere. Follow these steps to:

* Enter your subscription key and download the Websense Master Database
* Activate hybrid filtering
* Configure basic filtering account behaviors
* Enable communication between Web security components and your directory service
* Adapt the Default filtering policy for your organization

Click View Complete Document for more.

New User Quick Start

Websense Web Security, v7.5

Use this Quick Start tutorial to learn the basics of filtering and reporting with Websense Web Security and Websense Web Filter. The tutorial is made up of a series of short lessons, divided into 4 sections:

* Initial Setup
* Navigation Tips
* Websense Filtering
* Reporting

Each lesson requires between 5 and 10 minutes to complete.

Click View Complete Document for more.

Getting Started

After installing Websense Content Gateway on your host system or on the nodes of your Content Gateway cluster, Content Gateway is ready for use.

Refer to the following procedures to get started:

Starting Content Gateway Manager

Content Gateway Manager is the management user interface to Websense Content Gateway. Content Gateway Manager is supported on Microsoft Internet Explorer 7 and later, and on Firefox 3.0.x - 3.5.x. Use of another browser version may result in unexpected behavior.

Java and JavaScript must be enabled in your browser. See your browser documentation for information on enabling Java and JavaScript.

Configuring the Content Gateway Module

Web Security Gateway Anywhere, v7.5

This section describes how to set up the Content Gateway module in its minimum configuration so that you can quickly begin to protect your organization with Web Security Gateway Anywhere.

Follow these steps to:

* Log on
* Enter your subscription key
* Enable proxy features
* Configure protocols

Click View Complete Document for more.

TRITON - Data Secuity Help

Version 7.5

Websense® Data Security protects organizations from information leaks and data loss both at the perimeter and inside the organization.

Websense Data Security can operate alone in the network, or be paired with Websense Web and email security solutions (on-premises or in the cloud), to provide a well-rounded Essential Information Protection solution for your organization.

Websense Data Security protects organizations from data loss by:

* Discovering the location of sensitive data inside the network
* Monitoring data as it travels inside or outside the organization
* Protecting data while it is being manipulated in office applications, with policy-based controls that align with business processes

The 2 main components of Websense Data Security are:

* The Data Security Management Server
* The Data Security Protector

Click View Complete Document for more.

Configuring the Data Security Module

Web Security Gateway Anywhere, v7.5

This document describes the minimum steps required to set up the Data Security module for the Web DLP feature.

* Logging on
* Deploying the Content Gateway module
* Verifying linking
* Creating an administrator account
* Creating data security policies

Click View Complete Document for more.

Hybrid Web Tips

Version 7.5

Topic 45011 / Updated: 17-June-2010

This document covers the following topics:

Setting up hybrid filtering for branch offices
What is a PAC file?
Filtering users outside your network
Synchronizing user and group data with the hybrid service

Click View Complete Document for more

Web Data Loss Prevention (DLP)

Version 7.5

Topic 45016 / Updated: 17-June-2010

This document covers the following topics:

What is Web DLP?
Registering the proxy with the Data Security module
What's the difference between linking and the Linking Service?

Click View Complete Document for more.

Websense Web Security SSL Certificates

Version 7.5

Topic 50140

The topics in this paper provide an overview of how Websense software uses SSL certificates to secure communications, as well as instructions for creating custom certificates. The paper also offers instructions for administrators and end users who receive a browser certificate error. Topics include:

* TRITON - Web Security SSL certificates
* SSL certificates for secure manual authentication
* Generating self-signed SSL certificates
* Working with a Certificate Authority
* Accepting a security certificate

Click View Complete Document for more.

Registering with the Data Security Management Server

Web Security Gateway Anywhere, v7.5

To enable data loss prevention over Web channels, you must connect the Content Gateway module of your Web security solution to the Data Security Management Server.

1. Ensure that Content Gateway and Data Security Management Server systems are running and accessible, and that their system clocks are approximately synchronized.

2. Ensure the Content Gateway machine has a fully qualified domain name (FQDN) that is unique in your network. Host name alone is not sufficient.

3. If Content Gateway is deployed as a transparent proxy, ensure that traffic to and from the communication interface ("C" on a V-Series appliance) is not subject to transparent routing. If it is, the registration process will be intercepted by the transparent routing and will not complete properly.

(more...)

Click View Complete Document for more.

Filtering users outside your network

(Web Security Gateway Anywhere 7.5)

Topic 45014 / Updated: 17-June-2010

Problem description

I have users who frequently work outside of the network, whether travelling or telecommuting. How can I protect these users' machines from Web threats?

Resolution

In addition to filtering users inside your organization's network, Websense Web security solutions provide options for filtering users when they are outside the network:

* Hybrid filtering: If you have Websense Security Gateway Anywhere, you can use hybrid filtering to monitor Internet activity for users outside the network, regardless of how they are filtered when they are in the network. Hybrid filtering regulates activity through browser settings (a PAC file).

Hybrid filtering is available only with Websense Web Security Gateway Anywhere.

* Remote filtering software: You can install remote filtering software to monitor Internet activity for users outside the network. Remote filtering software deployment requires installation of Remote Filtering Client on each client machine. Remote Filtering Client is protected so that it cannot easily be removed by the end-user.

Remote Filtering Client is included with Websense Web Security Gateway Anywhere subscriptions, and is available as an option for Websense Web Filter, Websense Web Security, and Websense Web Security Gateway customers.

These methods can be used, for example, to filter users who work from home, users who travel using company laptops, or students who use institutional laptops on and off campus.

Click View Complete Document for more.

Network Agent Quick Start

Version 7.5

Websense Network Agent monitors Internet traffic for all or specified machines in a network.

* When you install Websense Web security solutions in standalone mode, Network Agent is used to filter both HTTP and non-HTTP traffic.
* When you integrate Websense Web security solutions with a firewall, proxy, or caching product, the integrated product passes HTTP and HTTPS content to Websense software for filtering. Traffic using other protocols can be managed by Network Agent.

Network Agent also captures bandwidth usage data for use in filtering and reporting. When Network Agent is used to filter non-HTTP protocols, it can detect malicious peer-to-peer applications and spyware, even when they tunnel over ports commonly used for legitimate Internet communication. In addition, Network Agent can filter requests for Internet applications used for instant messaging, streaming media, file sharing, proxy avoidance, Internet mail, and other network or database operations.

This Quick Start introduces Websense Network Agent and summarizes the steps needed to successfully deploy the component in your network.

Click View Complete Document for more.

Transparent Identification of Users

Versions 7.5 and 7.6

Websense Web Security solutions let you define custom filtering policies for different individuals or groups within your organization.

* In any environment, you can assign policies to individual computers (identified by IP address), or networks (groups of contiguous IP addresses).

* If your environment includes a supported directory service, you can configure Websense software to also filter directory clients: users, groups, and domains (organizational units).

To apply policies to users, groups, and other directory clients, Websense software must be able to identify the user making a request, given the originating IP address. Any of 4 methods can be used to identify users...

Click View Complete Document for more.

Frequently Asked Questions

Content Gateway version 7.5

A collection of articles that answer common configuration and maintenance questions, including:

*  How do I configure IPTables to harden the Content Gateway host system?
*  How do I ensure that Content Gateway is properly identified in the network?
*  Which Web browsers provide the best user experience with Content Gateway?
*  How do I backup and restore the SSL Incident List?

Click View Complete Document for more.

Websense Content Gateway: Tunneled Protocol Detection

Tunneled protocol detection analyzes traffic to discover protocols that are tunneled over HTTP and HTTPS. Traffic that is allowed to tunnel over specific ports is also scanned. Such traffic is reported to Websense Web filtering for protocol policy enforcement. When tunneled protocol detection is enabled, scanning is performed on both inbound and outbound traffic, regardless of other scanning settings.

HTTP tunneling occurs when applications that use custom protocols for communication are wrapped in HTTP (meaning that standard HTTP request/response formatting is present) in order to use the ports designated for HTTP/HTTPS traffic. These ports are open to allow traffic to and from the Web. HTTP tunneling allows these applications to bypass firewalls and proxies, leaving a system vulnerable.

The tunneled protocol detection feature scans HTTP and HTTPS traffic and, when it detects a protocol, forwards it to Websense Web filtering for policy enforcement. At this point, a protocol is blocked or allowed based on policy definitions. This feature can be used to block protocols used for instant messaging, peer-to-peer applications, and proxy avoidance.

Using SNMP with Content Gateway

This article describes how to use Net-SNMP with software installations of Content Gateway (not V-Series appliances) to monitor Content Gateway processes. It assumes that the reader is familiar with SNMP.

For information about using SNMP with V-Series appliances, please contact Websense Technical Support.

If you are not familiar with SNMP, an introductory article can be found in Wikipedia.

An essential resource and the location of Net-SNMP software
is www.net-snmp.org.

For documentation, go to: http://net-snmp.sourceforge.net/docs/man/.

To use SNMP with Content Gateway you must:

*  Install Net-SNMP RPMs
*  Configure snmpd.conf to monitor Content Gateway processes
    and send traps to the SNMP Manager
*  Verify the configuration

Delegated Administration Quick Start

Version 7.5

Delegated administration is a powerful tool for distributing filtering and reporting responsibilities across an organization.

One or more Super Administrators can grant policy management privileges, reporting rights, or both to delegated administrators, who can then manage or report on Internet usage for specific clients (users, groups, computers, or networks). Super Administrators can also:

* Create a set of master filtering restrictions that limit the filtering access that delegated administrators can provide.
* Send copies of policies and filters that they have created to delegated administrators, who can use these policies as templates for creating policies and filters to apply to their clients.

All of this is accomplished through the use of roles, which group related clients with the administrators responsible for managing and reporting on their Internet usage. For example, a school district might create Staff, Teachers, and Elementary Students roles, and then assign one or more administrators to each.

Click View Complete Document for more.

Remote Filtering Software

Version 7.5

Deploy Websense remote filtering software to filter Internet requests from machines outside the network. By default, remote filtering software monitors HTTP, HTTPS, and FTP traffic.

Remote filtering software is an optional feature, available to Websense Web Filter, Websense Web Security, Websense Web Security Gateway, and Websense Web Security Gateway Anywhere customers.

NOTE: In Websense Web Security Gateway Anywhere deployments, hybrid (in-the-cloud) filtering can also be used to filter Internet requests from users outside the network.

Remote filtering software includes the following components:

* Remote Filtering Client is installed on each machine that will be filtered when used outside the network. This client is configured to communicate with the Remote Filtering Server.
* Remote Filtering Server resides inside your firewall, and acts as a proxy to Websense Filtering Service.

Click View Complete Document for more.

Web Security Component Default Ports

Versions 7.5 and 7.6

This paper identifies the default ports used by Websense Web Security components, including Content Gateway and the interoperability components used to communicate with Websense Data Security and, in Websense Web Security Gateway Anywhere deployments, the hybrid service.

In most cases, the default ports, which are assigned automatically during installation, never need to be changed. If you do need to change a port:

* Use the Log Server Configuration utility to change the Log Server port.
* Use TRITON - Web Security to configure communication with Log Server if the port has changed, and to change port information for transparent identification agents (DC Agent, eDirectory Agent, Logon Agent, or RADIUS Agent).

If you need to change ports for other services, this can be done in the initialization (INI) file for the component. Given dependencies between components, the change may need to be made in multiple files. ...

Click View Complete Document for more.

PAC File Best Practices with Web Security Gateway and Web Security Gateway Anywhere

For all 7.x versions.

This article examines Proxy Auto-Configuration (PAC) files and their use and best practices with Websense® Web Security Gateway and Web Security Gateway Anywhere (hybrid Web filtering).

Topics include:

*   What is a PAC file?
*  How is a PAC file consumed?
*  Using a PAC file with Web Security Gateway
*  Using a PAC file with Web Security Gateway Anywhere
*  Sample PAC file
*  PAC file best practices

Click View Complete Document for more.

Investigative Reports

Version 7.6

Investigative reports let you browse through log data interactively. The main page shows a summary-level bar chart of activity by risk class. Click the different elements on the page to update the chart or get a different view of the data.

Use the Reporting > Investigative Reports page to analyze Internet filtering activity in an interactive way. Initially, the main Investigative Reports page shows a summary report of activity by risk class.

Work in the summary report view by clicking the available links and elements to explore areas of interest and gain general insight into your organization's Internet usage. Multi-level summary reports and flexible detail reports let you analyze the information from different perspectives.

Click View Complete Document for more.

Presentation Reports

Version 7.6

Presentation reports offer a list of predefined report templates and custom reports. Some output tabular reports; some combine a bar chart and a table. Copy any report template and apply your own report filter to create a custom report.

Use the Reporting > Presentation Reports page to generate template-based charts and tabular reports in HTML, PDF, or Microsoft Excel (XLS) format.

Available predefined and custom reports are found in the Report Catalog, which organizes them into related groups. The groups that appear are based on your subscription type. Some groups (like Real Time Security Threats and Scanning Activity) require a Websense Web Security Gateway or Gateway Anywhere subscription.

Click View Complete Document for more.

Real-Time Monitor

Version 7.6

Real-Time Monitor provides insight into current Internet filtering activity in your network, showing the URLs being requested and the action applied to each request. In Websense Web Security Gateway and Web Security Gateway Anywhere deployments, the monitor also shows which sites were scanned by Content Gateway. If a site is dynamically recategorized based on scanning results, both the original category and current category are shown.

Use the Reporting > Real-Time Monitor page to review current Internet filtering activity in your network.

Click View Complete Document for more.

Web Security Log Server Configuration Help

Version 7.6

Websense Log Server is the Web Security component that receives log records from Filtering Service and processes them into the Log Database.

During installation, you configure certain aspects of Log Server operation, including how Log Server interacts with Websense filtering components.The Log Server Configuration utility lets you change these settings when needed, and configure other details about Log Server operation. This utility is installed on the same machine as Log Server.

Click View Complete Document for more.

Use Reports to Evaluate Filtering

Version 7.5

TRITON - Web Security provides several reporting tools for use in evaluating the effectiveness of your filtering policies. (Log Server, a Windows-only component, must be installed to enable reporting.)

* The Today page appears first when you open TRITON - Web Security. It shows the operating status of Websense software, and can display charts of filtering activities in the network since midnight.
* The History page shows charts of filtering activities in the network for up to 30 days, depending on the amount of information in the Log Database. These charts do not include today's activities.
* Presentation reports and Investigative reports offer many options for creating and customizing reports. See Reporting overview for more information.

Click View Complete Document for more.

Data Security: Viewing Incidents and Reports

Version 7.5

To view incidents and reports on incidents, select Main > Incidents & Reports > Data Usage or Data Discovery. Here you can view an incident list and details for individual incidents or you can choose from a catalog of reports. Several built-in reports are provided. The ones you've viewed most recently are displayed on the main Incidents & Reports page in a section called Recent Reports. The order of these reports changes with use.

Click View Complete Document for more.

Investigative Reporting Quick Start

Websense Web Security, v7.5

Learn how to use investigative reports to analyze Internet filtering activity and find the information that you need.

The quick start provides an overview of the default information displayed when you open the Investigative Reports page, and then shows you how to navigate to the information you need.

* If the high-level summary shows areas of potential concern, Drill down to find details.
* Use standard reports to get a targeted view of Internet filtering activity.
* Customize summary reports or Customize detail reports to create a report that better reflects your needs.
* For quick reference explaining the types of data that can be included in an investigative reports, see What information can I see in a report?
* Create Favorite reports to minimize the work required to get to the data you need, and optionally schedule them to run at regular intervals.

Click View Complete Document for more.

Presentation Reports

Version 7.5

Use the Reporting > Presentation Reports page to generate charts and tabular reports based on templates from the Report Catalog.

The Report Catalog organizes a list of pre-defined report templates and custom reports into groups.

* Expand a group to see its corresponding templates and custom reports.
* Click on a template or report title to see a brief description of what it includes.

The number of groups in the Report Catalog depends on your subscription type. Some groups (like Real Time Security Threats and Scanning Activity) appear only with a Websense Web Security Gateway or Web Security Gateway Anywhere subscription.

Click View Complete Document for more.

Reporting Administration

Version 7.5

This document covers:

* Planning your configuration
* Managing access to reporting tools
* Basic configuration
* Log Server Configuration utility
* Administering the Log Database
* Configuring investigative reports
* Self-reporting

Click View Complete Document for more.

Log Server Configuration Utility

Version 7.5

Websense Log Server is the component that receives log records from Filtering Service and processes them into the Log Database.

During installation, you configure certain aspects of Log Server operation, including how Log Server interacts with Websense filtering components.The Log Server Configuration utility lets you change these settings when needed, and configure other details about Log Server operation. This utility is installed on the same machine as Log Server.

Click View Complete Document for more.

Internet activity log records

Version 7.5

Topic 50102 / Updated: 24-Jun-2010

A command-line utility called TestLogServer is included as part of your Websense Web Security installation. This utility displays log traffic sent from Websense Filtering Service to Websense Log Server.

Use TestLogServer to verify that logging data is being sent to Log Server as expected, and to diagnose problems with:

* Filtering and policy application
* Authentication
* Logging
* URL categorization and protocol identification

Click View Complete Document for more.

Web Security Gateway Anywhere Tips

Version 7.6

A collection of useful tips for managing hybrid Web filtering, including proxy chaining instructions for common downstream proxy servers, log download information, and backup and restore of customized hybrid features.

Click View Complete Document for more.

Troubleshooting Resources

Websense Web Security, Version 7.6

Use this document to find solutions to common issues before contacting Technical Support.

Troubleshooting instructions are grouped into the following sections:

* Installation and subscription issues
* Master Database issues
* Filtering issues
* Network Agent issues
* User configuration and identification issues
* Block message issues
* Log, status message, and alert issues
* Policy Server and Policy Database issues
* Delegated administration issues
* Log Server and Log Database issues
* Investigative report and presentation report issues
* Other reporting issues
* Interoperability issues
* Troubleshooting tips and tools

Click View Complete Document for more.

Troubleshooting Tips

Content Gateway, Version 7.6

A collection of troubleshooting tips on common proxy issues, including:

• * Dropped HTTPS connections
• * Sites that have difficulty transiting the proxy
• * Sites that host applications that don’t handle NTLM authentication
• * How to handle restricted users who fail to authenticate with NTLM

Click View Complete Document for more.

Troubleshooting Resources

Websense Web Security, Version 7.5

Use this document to find solutions to common issues before contacting Technical Support.

Troubleshooting instructions are grouped into the following sections:

* Installation and subscription issues
* Master Database issues
* Filtering issues
* Network Agent issues
* User identification issues
* Block message issues
* Log, status message, and alert issues
* Policy Server and Policy Database issues
* Delegated administration issues
* Reporting issues
* Interoperability issues
* Troubleshooting tools

Click View Complete Document for more.

Troubleshooting Content Gateway

Version 7.5

A collection of articles on common proxy issues, including:
*  Dropped HTTPS connections
*  Sites that have difficulty transiting the proxy
   -  Citrix collaboration products
   -  WebEx
   -  Firefox Update
   -  Pandora.com
   -  Real Networks Real Player
*  Sites that host applications that don’t handle NTLM authentication
*  Restricted users fail to authenticate with NTLM

Click View Complete Document for more.

Web Security Gateway Anywhere Troubleshooting

Version 7.5

Includes troubleshooting tips that are specific to Websense Web Security Gateway Anywhere configurations relating to hybrid filtering and Web DLP.

* Cannot register the Content Gateway with Data Security
* Linking has not been configured
* Linking Service information is not shown in TRITON - Data Security
* Websense Linking Service stopped responding
* Unable to connect to TRITON - Data Security
* Administrator unable to access TRITON - Data Security
* Unsupported Data Security Management Server version
* Sync Service is not available
* Directory Agent is not running
* Directory Agent cannot connect to the domain controller
* Directory Agent does not support this directory service
* Alerts were received from the hybrid service
* Unable to connect to hybrid service
* Missing key hybrid configuration information
* Hybrid filtering data does not appear in reports

Click View Complete Document for more.

Component statistics and diagnostics

Version 7.5

Topic 50101 / Updated: 24-Jun-2010

A command-line utility called ConsoleClient is included as part of your Websense software installation. This utility can be used to retrieve statistics and diagnostic information from Websense Web Security / Websense Web Filter components.

Use ConsoleClient to:

* Review user name to IP address resolution maps to troubleshoot user identification issues.
* Review requests sent to Filtering Service to make sure that requests are being passed properly by Network Agent, Content Gateway, or a third-party integration product.
* Collect Network Agent diagnostic data.

Click View Complete Document for more.

URL categories and filtering status

Version 7.5

Topic 50100 / Updated: 24-Jun-2010

A command-line utility called WebsensePing is included as part of your Websense software installation. This utility can be used to mock a request from the firewall to Filtering Service to review how Websense software resolves URLs without proxy or firewall involvement. Because WebsensePing does not rely on data passed from other network applications or services, it can test internal Websense processes.

WebsensePing can be used to:

* Check Filtering Service status, responsiveness, and subscription count
* Find the category for a URL or all categories for an IP address
* See how a URL is filtered for a client (user or IP address)

Click View Complete Document for more.

Internet activity log records

Version 7.5

Topic 50102 / Updated: 24-Jun-2010

A command-line utility called TestLogServer is included as part of your Websense Web Security installation. This utility displays log traffic sent from Websense Filtering Service to Websense Log Server.

Use TestLogServer to verify that logging data is being sent to Log Server as expected, and to diagnose problems with:

* Filtering and policy application
* Authentication
* Logging
* URL categorization and protocol identification

Click View Complete Document for more.

DC Agent Troubleshooting

Version 7.5

Overview

If you are using DC Agent for transparent identification, but it doesn't seem like user and group clients are being filtered properly, use this series of topics to help identify and resolve the problem.

This troubleshooting series includes 5 topics:

* 50200: Using DC Agent (overview)
* 50201: DC Agent troubleshooting (general)
* 50202: DC Agent installation errors
* 50203: DC Agent errors (post-installation)
* 50204: DC Agent doesn't see some or all users

Click View Complete Document for more.