Initial configuration for web protection solutions

Deployment and Installation Center | Web Protection Solutions | v8.0.x

In this topic:

Getting started with web protection solutions

Additional tips for working with web protection solutions

Identifying Filtering Service by IP address

Getting started with web protection solutions

After entering your TRITON AP-WEB or Web Filter & Security subscription key (see Initial Configuration for All Websense Modules), use the Initial Setup Checklist to complete basic setup tasks.

If you have TRITON AP-WEB, also see Content Gateway initial configuration.

If you have the Web DLP Module also see Additional configuration for the Web DLP Module.

Next, you can:

Configure transparent user identification on the Settings > General > User Identification page.

If you installed Logon Agent, you must create and deploy a client logon script in addition to configuring Logon Agent in the Web module of the TRITON Manager. See the Using Logon Agent for Transparent User Identification technical paper for instructions.

If you were unable to grant User Service, DC Agent, or Logon Agent administrator privileges during installation, see Changing DC Agent, Logon Agent, and User Service permissions in Administrator Help for your product.

Enable email or SNMP alerting on the Settings > Alerts > Enable Alerts page.

Customize reporting behavior. See Reporting Administration in the Administrator Help.

Additional tips for working with web protection solutions

All Websense tools and utilities installed on Windows Server platforms (such as wsbackup.exe and websenseping.exe), as well as text editors used to modify Websense configuration files (such as websense.ini), must be run as the local administrator. Otherwise, you may be prevented from running the tool or the changes you make may not be implemented.

Navigate to the Websense bin directory (C:\Program Files or Program Files (x86)\Websense\Web Security\bin\).

Right-click the relevant executable file, and then click Properties. Following is a list of files for which this should be done.

In the Compatibility tab, under Privilege Level, select Run this program as an administrator. Then, click OK.

Identifying Filtering Service by IP address

When Websense software blocks an Internet request, the browser is redirected to a block page hosted by Filtering Service. The block page URL takes the form:

http://<FilteringServiceNameorIPAddress>:<MessagePort>/cgi-bin/blockpage.cgi?ws-session=#########

If Filtering Service is installed on a machine with multiple NICs, and Filtering Service is identified by machine hostname rather than IP address, users could receive a blank page rather than a block page.

If you have an internal domain name server (DNS), enter the Filtering Service machine's IP address as a resource record in your DNS. See your DNS documentation for instructions.

If you do not have an internal DNS:

On the Filtering Service machine, go to the Websense bin directory (by default, C:\Program Files\Websense\bin or opt/Websense/bin).

Make a backup copy of eimserver.ini in another directory.

Open the original eimserver.ini file in a text editor.

In the [WebsenseServer] section, enter the following command:

BlockMsgServerName=<IP address>

Here, <IP address> is the IP address of the Filtering Service machine.


	Important Do not use the loopback address (127.0.0.1).

Save the file.

Restart Websense Filtering Service.

Windows: Use the Windows Services tool (Start > Administrative Tools > Services or Server Manager > Tools > Services) to restart Websense Filtering Service.

Linux: Use the /opt/Websense/WebsenseDaemonControl command to restart Filtering Service.