Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Working With Web DLP > Registering and configuring TRITON AP-DATA
Registering and configuring TRITON AP-DATA
Help | Content Gateway | Version 8.1.x
Related topics:
 
For an introduction to TRITON AP-DATA, see Working With Web DLP.
Registration and configuration summary:
*
Threat dashboard forensics data is collected automatically.
If registration fails, an alarm displays.
 
Note 
*
Registration with off-box TRITON Management Server is automatic after Configure > My Proxy > Basic > Web DLP > Integrated on-box is enabled and Content Gateway is restarted.
Content Gateway queries TRITON Manager for the presence of TRITON AP-DATA.
 
Important 
Registration is tested and retried, if needed, every time Content Gateway is started.
If automatic registration fails, an alarm displays.
 
Important 
*
Web DLP policies are configured in the System Modules section of the DATA module in TRITON Manager. You must deploy the policies to put them into effect. See TRITON AP-DATA Help for details.
*
View registration status in the Content Gateway manager on the Monitor > Summary page by clicking More Detail and checking the list at the bottom of the Subscription Details section.
*
Registration and configuration details
If you are deploying TRITON AP-WEB without the Web DLP module, registration with the Forensics Repository is automatic. There is no additional configuration.
If you are deploying TRITON AP-WEB with Web DLP, you must enable Web DLP in the Content Gateway manager:
*
Go to Configure > My Proxy > Basic and enable Web DLP > Integrated on-box. If this option is not enabled, registration is with the Forensics Repository only.
 
Important 
Before enabling Web DLP > Integrated on-box, ensure that the TRITON management server is running and accessible, and that its system clock is synchronized with the Content Gateway server.
After Web DLP > Integrated on-box is enabled, registration with the DATA module of the TRITON Manager is automatic and is performed, if needed, every time that Content Gateway starts. To perform registration, Content Gateway queries the Websense Policy Broker for needed information, including IP address and cluster ID.
Registration status can be viewed in the Content Gateway manager on the Monitor > Summary page by clicking More Detail and reviewing the list at the bottom of the Subscription Details section.
Once registered, Content Gateway uses the Web DLP policy engine for malware detection. Go to the DATA module of the TRITON Manager to configure and deploy Web DLP policies.
If automatic registration fails, an alarm displays.
Manual registration
After Web DLP > Integrated on-box is enabled and Content Gateway has been restarted, you can attempt a manual registration by going to Configure > Security > Web DLP (see below).
Restarting Content Gateway always checks the registration status and initiates an auto-registration attempt, if needed.
Registration success and failure information is logged in: /opt/WCG/logs/dss_registration.log
 
Important 
If Content Gateway is not located on a V-Series appliance, registration requires that the Content Gateway host system have an IPv4 address assigned to the eth0 network interface. After registration, the IP address may move to another network interface on the system; however, that IP address is used for Web DLP policy configuration and deployment and must be available as long as the two modules are registered.
Manual registration with TRITON management server:
1.
2.
Ensure that Web DLP > Integrated on-box is enabled. In the Content Gateway manager select Configure > Basic > General. In the list of Features, under Networking locate Web DLP, select On, then select Integrated on-box, and then click Apply.
3.
Next to Integrated on-box, click the Not registered link. This opens the Configure > Security > Web DLP registration screen.
4.
5.
6.
Click Register. If registration is successful, a message confirms the result and prompts you to restart Content Gateway.
If registration fails, an error message indicates the cause of failure. Correct the problem and perform the registration process again.
Configuration options
When registration is successful, on the Configure > Security > Web DLP page set the following options:
1.
Analyze FTP Uploads: Select this option to send FTP uploads to TRITON AP-DATA for analysis and policy enforcement.
2.
Analyze HTTPS Content: Select this option to send decrypted HTTPS posts to TRITON AP-DATA for analysis and policy enforcement. The HTTPS protocol option must be enabled on Content Gateway.
 
Note 
3.
Click Apply to save your settings and then restart Content Gateway.
4.
TRITON AP-DATA and Content Gateway communicate over several ports. If IPTables are configured on the Content Gateway host system, these ports must be open in IPTables. See these Technical Library articles: TRITON Ports and Configuring IPTables for Websense Content Gateway.
 
Note 

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Working With Web DLP > Registering and configuring TRITON AP-DATA
Copyright 2016 Forcepoint LLC. All rights reserved.