Web Security Deployment Recommendations > Additional reporting considerations
|
1.
|
Launch SQL Server Configuration Manager (for example, Start > All Programs > Microsoft SQL Server 2008 > Configuration Tools > SQL Server Configuration Manager).
|
2.
|
Right-click the SQL Native Client x.x Configuration entry used in your SQL Server installation, then select Properties.
|
|
Force Protocol Encryption: The default setting (No) means that encrypted connections are accepted but not required. This setting is typically best for use with Websense security solutions.
|
|
Trust Server Certificate: The default setting (No) means that only certificates issued by a Certificate Authority (CA) are accepted for encrypting connections to the database. This requires that a CA-signed certificate be deployed to the SQL Server, Log Server, and TRITON management server machines before Websense components can use a secure connection to connect to the database.
|
|
|
BCP (Bulk Copy Program) inserts records into the Log Database in groups called batches. This option is recommended because it offers better efficiency than ODBC insertion.
|
|
Microsoft SQL Server 2008 Native Client is installed by the TRITON Unified Installer, when you install Web Security Log Server on the machine.
|
|
Microsoft SQL Server 2008 Command Line Utilities are available as a free download from Microsoft:
|
1.
|
Locate the bcp.exe file installed with the SQL Server 2008 Command Line Utilities and make a note of the path to the file. The default location is:
|
2.
|
Navigate to the Websense bin directory (C:\Program Files or Program Files (x86)\Websense\Web Security\bin\) and open LogServer.ini in a text editor.
|
3.
|
Locate the BCPExePath parameter, and set its value to the path noted in step 1. For example:
|
4.
|
Save and close the LogServer.ini file.
|
5.
|
Use the Windows Services dialog box (Start > Administrative Tools > Services) to restart the Websense Log Server service.
|
6.
|
Use the Settings > Reporting > Log Server page in TRITON - Web Security to configure Log Server to use BCP for log record insertion.
|
1.
|
b.
|
Right-click the new folder and select Properties. On the Sharing tab, select Share this folder and provide the information requested.
|
b.
|
Open Windows Explorer and go to Tools > Map Network Drive.
|
1.
|
2.
|
Navigate to the Websense bin directory (C:\Program Files or Program Files (x86)\Websense\Web Security\bin, by default) and open the LogServer.ini file in a text editor.
|
|
Set the Active parameter to true to configure the central Log Server to process cache files from remote Log Server instances.
|
|
Optionally, edit the TimeInterval value to determine how frequently (in seconds) the central Log Server checks the cache directory for new files to process.
|
|
Set the FilePath parameter to the shared directory you created in Part 1 of this procedure (in the example above, the value is C:\Program Files (x86)\Websense\Web Security\bin\logscache\).
|
4.
|
Next, search for [Visits] section of the file to change the UsingVisits parameter to false. (This can also be configured via the Settings > Reporting > Log Server page in TRITON - Web Security.) The section looks like this:
|
6.
|
a.
|
b.
|
d.
|
When you are finished, click OK to return to the main Services window.
|
7.
|
1.
|
Go to a remote Log Server machine and use the Windows Services dialog box to stop the Websense Log Server service.
|
2.
|
Navigate to the Websense bin directory, then open the LogServer.ini file for that instance in a text editor.
|
|
Set the Active parameter to true to configure the remote Log Server to place cache files in the "CacheFileProcessingPath" directory and forward them to the central Log Server.
|
|
Optionally, change the TimeInterval value to determine how often (in seconds) the remote Log Server closes the current cache file and creates a new one.
|
|
You can also edit the MinFileSize and MaxFileSize (in bytes) for each cache file. The default minimum is 1 MB; the default maximum is 5 MB.
|
|
Set CacheFileProcessingPath to a local directory on the remote Log Server machine. Cache files are created on the local machine before being sent to the mapped drive on for processing by the central Log Server.
|
|
Set CacheFileOutputPath to the UNC file path of the shared folder on the central Log Server machine.
|
4.
|
If you want to record visits (rather than hits), and have turned off visits processing for the central Log Server service, make sure visits are enabled in the [Visits] section of the INI file for the remote Log Server instance.
|
6.
|
a.
|
b.
|
d.
|
When you are finished, click OK to return to the main Services window.
|
7.
|
Web Security Deployment Recommendations > Additional reporting considerations
|