Microsoft ISA Server or Forefront TMG IntegrationThis section of the Websense Technical Library provides information specific to integrating Websense Web Filter or Web Security with Microsoft® Internet Security and Acceleration (ISA) Server and Forefront™ Threat Management Gateway (TMG). Refer to Web Filter or Web Security (software-based) as your primary source of installation instructions. Only additional or alternate steps required to integrate Web Filter or Web Security with ISA/TMG are provided here.
NotesIn these instructions, "ISA/TMG" refers to ISA Server and Forefront TMG collectively. When instructions or information differ for the two products, they are referred to specifically as "ISA Server" or "Forefront TMG".An integration with ISA/TMG affects the following Websense components:
Websense ISAPI Filter plug-in: This additional Websense component is installed on the machine running ISA/TMG. The ISAPI Filter plug-in configures ISA/TMG to communicate with Websense Filtering Service.
Websense Filtering Service: Interacts with ISA/TMG and Websense Network Agent to filter Internet requests. Filtering Service either permits the Internet request or sends an appropriate block message to the user.After the Filtering Service is installed, the ISAPI Filter plug-in must be installed on every ISA/TMG machine in your network.
Websense Network Agent: Internet protocols that are not managed by ISA/TMG are managed by Network Agent.
If ISA/TMG is used only as a proxy server and not firewall, Network Agent may be installed on the ISA/TMG machine.
Transparent identification agents: Generally, ISA/TMG provides user authentication information for Web Filter or Web Security. If ISA/TMG is not configured to provide user information to Web Filter or Web Security, install the appropriate Websense transparent identification agent. See theTransparent Identification of Users technical paper for more information about these agents.If your environment includes an array of ISA/TMG machines, it is a best practice to install Web Filter or Web Security on a machine outside the array.