Technical Library | Support

Go to the table of contents Go to the previous page Go to the next page
Web Protection Frequently Asked Questions : How do I know which policy is being applied to a client's requests?
How do I know which policy is being applied to a client's requests?
51392 | Web Protection FAQ | TRITON AP-WEB and Web Filter & Security | 12-Oct-2015
When multiple exceptions or policies might apply to a client's request, Websense software uses the rules described in How is a policy or exception assigned to a request? to determine which to apply.
If you aren't sure which exception or policy is currently being applied to requests from a specific client, you can use the Check Policy tool to find out.
1.
Log on to the Web module of the TRITON Manager.
2.
Click Check Policy in the Toolbox in the right navigation pane.
3.
To identify a client, enter one of the following:
*
A fully qualified user name
If your organization uses an LDAP-based directory service, you can also click Find User to search the directory.
*
An IP address
4.
Click Go.
The tool displays the name of one or more policies. The tool returns multiple policies when all of the following are true:
*
The user belongs to multiple groups or OUs
*
Different policies are assigned to each group or OU
*
No policy is assigned specifically to the user
This can also occur when an IP address is included in more than one network range.
If the Check Policy tool returns an unexpected result, and client requests are being blocked, you can use information provided in a block page to determine what policy is being applied and how the user has been identified.
If you use either the default block page or a custom block page that includes the More Information option, you can find out which policy was applied to a request, and get category and client information.
1.
Have the user browse to a blocked URL.
2.
Click the More Information link or button.
3.
When the category information displays at the top of the block page, right-click within the section containing the category information and select View Source (Internet Explorer) or This Frame > View Frame Source (Mozilla Firefox).
4.
Scroll down to the bottom of the HTML output. The information includes:
*
User name and IP address
Use this information to verify the user was identified correctly.
*
The policy that was applied
*
The delegated administration role associated with the policy
*
How the URL was assigned to a category
If a customized block page does not contain the More Information option, you can still generate a blocked request, then change the block URL to retrieve the additional information. The block page URL looks something like this:
http://<ipaddress>:15871/cgi-bin/blockpage.cgi?ws-session=.....
Replace blockpage with moreBlockInfo as follows
http://<ipaddress>:15871/cgi-bin/moreBlockInfo.cgi?ws-session=.....
Follow steps 3 and 4 in the procedure above to find user and policy information.
If the user is not correctly identified and there is no policy assigned to the user's IP address, the Default policy is used.
If the user is not being correctly identified, verify the directory path for the user or group object, especially if modifications have recently been made to directory service settings:
1.
In the Web module of the TRITON console, go to Main > Policy Management > Clients page.
2.
Expand the Directory tree and verify that the LDAP path displayed matches what is currently configured on the Settings > General > Directory Service page.
3.
If necessary, delete, re-add, and save the user or group objects. When re-adding clients, make sure to assign them the correct policy.

Go to the table of contents Go to the previous page Go to the next page
Web Protection Frequently Asked Questions : How do I know which policy is being applied to a client's requests?
Copyright 2016 Forcepoint LLC. All rights reserved.