Technical Library | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Configuration > Configuring Web components > What is a policy source?
What is a policy source?
Help | V-Series Appliance | Version 8.0.x
Every TRITON AP-WEB deployment must include a policy source. This is an appliance or other server that hosts these components: Websense Policy Broker and the Policy Database it creates, plus an instance of Policy Server. All other Websense appliances and other Websense servers point to this machine and receive regular updates from it. This appliance (or other server) is called the policy source.
Websense Policy Broker is the component that controls access to global configuration information and policy data consumed by other components. Policy Broker can be deployed in a standalone configuration or in a replicated configuration.
*
In a standalone configuration, there is one Policy Broker for the entire deployment. All Policy Servers connect to the same Policy Broker.
In a standalone deployment, Policy Broker can reside on a Windows or Linux server, or a Websense appliance.
*
In a replicated configuration, there is one primary Policy Broker, to which configuration and policy changes are saved, and one or more replica instances, each with its own read-only copy of the configuration and policy data. Each Policy Server can be configured to determine whether it attempts to connect to the primary Policy Broker or a replica instance at startup.
In a replicated configuration, Policy Broker cannot reside on a Websense appliance. Both the primary and replica instances must be hosted by a Windows or Linux server.
When Policy Broker replication is enabled, if the primary Policy Broker machine fails, all components connect to a replica Policy Broker instance and continue to run normally, using the read-only configuration and policy data stored by the replica.
*
When a TRITON AP-WEB only appliance is configured as a policy source, all available Web components may run on that appliance, including.
*
Filtering Service
*
Policy Database
*
Policy Broker
*
Policy Server
*
User Service
*
Directory Agent (required for hybrid service)
*
State Server (optional; disabled by default)
*
Multiplexer (disabled by default; unavailable when the appliance is Filtering only)
*
Usage Monitor
*
Control Service
*
Content Gateway module
*
Network Agent module (optional)
Windows-only services, like Log Server, TRITON Manager, and optional services, like transparent identification agents, must run on other machines.
*
A non-appliance policy source is a server hosting Policy Broker. The Policy Database is automatically created and run on the Policy Broker machine. This machine typically also includes a Policy Server instance, and may include additional Websense software components.
The Policy Database holds all security policies (including client definitions, filters, and filter components) for all appliances and all domains in the network. It also holds global configuration information that applies to the entire deployment.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Configuration > Configuring Web components > What is a policy source?
Copyright 2016 Forcepoint LLC. All rights reserved.