This section contains information and instructions for a software-based deployment of Websense® Web Security Gateway. In this deployment scenario, all Websense components are installed on servers in your network. Components are typically distributed across several machines. For information about a Websense-appliance-based deployment, see
Web Security Gateway (appliance-based).
Websense Web Security Gateway software consists of components that work together to monitor Internet requests, log activity, apply Internet usage filters, and report on activity. Websense software is highly-distributable, providing the flexibility to scale a deployment to suit your needs. Components can be installed together on one machine for smaller organizations; or they can be distributed across mutliple machines, and multiple sites, to create a high-performing deployment for larger organizations. The appropriate deployment is determined by network size and configuration, Internet request volume, hardware performance, and filtering needs.
The following illustration is a high-level diagram of a basic software-based deployment of Web Security Gateway. Note that this illustration is intended to show the general distribution of components and does not include network details (such as segmenting, internal firewalls, routing, switching, and so forth).
Microsoft SQL Server is used to store Websense data (including log and reporting data). SQL Server must be obtained separately; it is not included as part of a Websense subscription. When installing Websense components, SQL Server must be installed and running, typically on its own machine as shown above. SQL Server Express (installed using the Websense installer) may be used in place of SQL Server. However, it is a best practice to use SQL Server Express only in non-production or evaluation environments.
TRITON management server is the term used to refer to the machine on which
TRITON Unified Security Center is installed. This machine is used to manage your Websense deployment. It includes TRITON™ Infrastructure and any or all of the TRITON Unified Security Center modules (Web Security, Data Security, and Email Security). Additional components may also be installed on this machine. For example, Web Security Log Server and Real-Time Monitor (note that these components may be installed on another machine; they are not required to be located on the TRITON management server).
Websense filtering components may be installed on the same machine or distributed across several machines. Additionally, you can install multiple instances (on different machines) of certain components to scale to your organization's needs.
Websense Content Gateway is a Web proxy that passes HTTP, HTTPS, FTP over HTTP, and native FTP traffic to Websense software for filtering. Content Gateway Manager—the Web-browser-based management UI for Content Gateway—runs on the Content Gateway machine, but is typically accessed from within TRITON Unified Security Center.
Websense Remote Filtering Server is typically installed on its own machine in the network DMZ. Remote Filtering Server is used, in conjunction with
Remote Filtering Client, to filter off-site users that are outside the corporate network (e.g., traveling personnel or telecommuters).
Important: Be sure to install
Policy Broker and
Policy Server before creating a TRITON management server (in the next step).
Important: When following the instructions under
Creating a TRITON Management Server, choose to install only the Web Security module of the TRITON Unified Security Center. When you reach the
Installation Type screen of the Websense installer, select only
Web Security (under TRITON Unified Security Center).
You can choose to install the other modules of the TRITON Unified Security Center. However, they will be enabled only if the subscription key you enter includes those features.