Websense Web Security Gateway


Planning

v7.8

  • TRITON Unified Security Center Release Notes

    Release Notes

    TRITON Unified Security Center, v7.8

    Use the Release Notes to find information about what’s new and improved in Websense TRITON Unified Security Center Version 7.8, including:

    * Deployment 
    * Two-factor authentication for TRITON administrators using RSA SecurID 
    * The TRITON Management Server 
    * Supported browsers for servers 
    * The TRITON database 
    * Supported directory services

    Click View Complete Document for more.

  • v7.8.2 Web Security Release Notes

    Release Notes

    Websense Web Security Solutions, v7.8.2

    Provides an overview of new and changed features in version 7.8.2 Websense Web Security solutions, including:

    • Directory Agent option now allows hybrid exclusions for all users in selected groups, regardless of context.
    • Content Gateway log data can now be processed using a remote Log Server in distributed logging environments.
    • Policy Broker replication now includes pre-check steps to guide setup.
    • Manual authentication now works with UTF-8 encoded user names and passwords from different browsers.
    • Improvements have been made in the time needed for the display and search of client information.
    • New messages are now available for Test Connection on the Directory Services page.

    Click View Complete Document for more.

  • v7.8.2 Content Gateway Release Notes

    Release Notes

    Websense Content Gateway, v7.8.2

    For version 7.8.2, focus was placed on the stability and performance of Content Gateway, response to customer issues, bug fixes, and compatibility with the lastest operating systems and browsers.

    Click View Complete Document for more.

  • v7.8.1 Web Security Release Notes

    Release Notes

    Websense Web Security Solutions, v7.8.1

    Provides an overview of new and changed features in version 7.8.1 Websense Web Security solutions, including:

    • ThreatScope™ cloud-based sandboxing for suspicious files
    • Deployment status viewer
    • Policy Broker replication to allow for failover
    • User Service enhancements, including new directory performance monitoring
    • Application reporting based on user agent
    • Enhanced user assistance, including interactive "Show Me How" tutorials
    • Logon application support for Mac OS X 10.8.2 and later

    Click View Complete Document for more.

  • v7.8.1 Content Gateway Release Notes

    Release Notes

    Websense Content Gateway, Version 7.8.1

    Provides an overview of new and changed features in version 7.8.1, including:

    • 64-bit Content Gateway
    • ThreatScope™ cloud-hosted sandbox
    • Re-engineered SSL support
    • User authentication feature enhancements
    • Support for range-based IP spoofing
    • Policy Broker resiliency
    • Filtering Service resiliency
    • Support for Secured by RSA® authentication
    • FIPS 140-2 enhancements
    • Support for Office 365
    • Japanese language embedded Help
    • ...more

    Click View Complete Document for more.

  • Deployment and Installation Center

    Deployment and Installation Center

    Websense TRITON Solutions, v7.8.x

    The Deployment and Installation Center includes information for Websense Web Security, Data Security, and Email Security solutions and applies to both software and V-Series Appliance-based modules and components.

    New graphical launch pages help to guide you to just the information you need.

    Use the Deployment and Installation Center to find:

    • Hardware and software requirements
    • Deployment planning guidelines
    • Installation instructions (including start-to-finish guides in PDF format)
    • Upgrade instructions (including start-to-finish guides in PDF format)
    • Initial configuration tips
    • Reference information

     

    Click View Complete Document for more.

v7.7.3

  • Web Security Release Notes

    Release Notes

    Websense Web Security, version 7.7.3

    Provides an overview of new and updated features and product corrections in version 7.7.3 of Websense Web Security.

    Click View Complete Document for more.

  • Content Gateway Release Notes

    Release Notes

    Websense Content Gateway, version 7.7.3

    Provides an overview of new and changed features in version 7.7.3 of Websense Content Gateway, including:

    * Support for Red Hat Enterprise Linux 6, Update 3
    * User authentication enhancements
      -- User-Agent specifier in Multiple Realm Authentication rules 
      -- Cookie Mode specifier in Multiple Realm Authentication rules 
      -- NTLM Fail Open 
      -- Authentication statistics for top User-Agents and IP addresses 
      -- IWA domain controller information 
      -- SAMBA engine update and optimization
    * SSL Enhancements 
      -- SSL certificate verification engine (CVE) 
      -- Tunnel Unknown Protocol 
      -- SSL resource conservation 
      -- SSL Manager pages available when HTTPS is not enabled
    * Proxy Health Check URLs to Assist Load Balancers
    * WCCP service group configuration
    * Japanese language documentation

    Click View Complete Document for more.

v7.7

  • TRITON Console Release Notes

    Release Notes

    TRITON Unified Security Center, v7.7

    Use the Release Notes to find information about what’s new and improved in Websense TRITON Unified Security Center Version 7.7, including:

    * Deployment
    * Two-factor authentication for TRITON administrators
    * Using a non-standard port for the reporting database
    * Using an existing encrypted connection with the reporting database
    * The TRITON Management Server
    * Supported browsers for servers
    * The TRITON database
    * Supported directory services

    Click View Complete Document for more.

  • Web Security Release Notes

    Release Notes

    Websense Web Security Solutions, v7.7

    Provides an overview of new and changed features in version 7.7 Websense Web Security solutions, including:

    • * The Web Security Dashboard
    • * Advanced persistent threat detection
    • * Exceptions: URL black and white lists
    • * Presentation report templates for trend and top N reports
    • * True file type detection
    • * Centralized Log Server configuration
    • * Enhanced Log Database configuration
    • * Extended support for non-standard SQL Server ports
    • * Enhanced DC Agent configuration
    • * Support for YouTube in Schools
    • * Integration with third-party SIEM products
    • * IPv6 client and URL filtering
    • * Enhanced Directory Agent configuration
    • * Hybrid user agent reporting and custom authentication

    Click View Complete Document for more.

  • Content Gateway Release Notes

    Release Notes

    Websense Content Gateway, Version7.7

    Provides an overview of new and changed features in version 7.7 of Websense Content Gateway, including:

    * Support for Red Hat Enterprise Linux 6
    * New and enhanced real-time analytics
    * SIEM integration
    * SSL Manager enhancements
    * Single sign-on and two-factor authentication
    * FIPS 140-2 mode
    * Protocol bandwidth information reported to Websense Web Security
    * Enhancements to WCCP v2 support
    * Client connection limits
    * Enhancements to Content Gateway clustering
    * User authentication support for Apple devices
    * Support for sites that use a custom header (Google Apps for Business, YouTube for Schools)
    * Integrated SOCKS server on V-Series appliances
    * Support for IPv6
    * ...and more

    Click View Complete Document for more.

  • Deployment and Installation Center

    Deployment and Installation Center

    Websense TRITON Solutions, v7.7

    The Deployment and Installation Center includes information for Websense Web Security, Data Security, and Email Security solutions and applies to both software and V-Series Appliance-based modules and components.

    Use the Deployment and Installation Center to find:

    * Hardware and software requirements
    * Deployment planning guidelines
    * Installation instructions
    * Upgrade instructions
    * Initial configuration tips
    * Reference information

    Click View Complete Document for more.

  • Web Security Component Ports

    Web Security Component Default Ports

    Versions 7.5 - 7.8

    This paper identifies the default ports used by Websense Web Security components, including Content Gateway and the interoperability components used to communicate with Websense Data Security and, in Websense Web Security Gateway Anywhere deployments, the hybrid service.

    In most cases, the default ports, which are assigned automatically during installation, never need to be changed. If you do need to change a port:

    • Use the Log Server Configuration utility (v7.5 or v7.6) or Settings > Reporting > Log Server page (v7.7 and later) to change the Log Server port.

    • Use the Web Security manager to configure communication with Log Server if the port has changed, and to change port information for transparent identification agents (DC Agent, eDirectory Agent, Logon Agent, or RADIUS Agent).

    If you need to change ports for other services, this can be done in the initialization (INI) file for the component. Given dependencies between components, the change may need to be made in multiple files.

    Click View Complete Document for more.

v7.6.7

  • Release Notes

    v7.6.7 Release Notes

    Version 7.6.7 is an important maintenance release that includes corrections for customer issues.

    - New in this version
    - Resolved and known issues

v7.6.5

  • Web Security Gateway Release Notes

    v7.6.5 Release Notes

    Version 7.6.5 is an important maintenance release that includes corrections for customer issues.

    - New in this version
    - Resolved and known issues

  • Upgrade Instructions

    Version 7.6.5

    Find deployment planning, installation, and upgrade information and instructions for the following Websense Web Security solutions:

    * Web Filter v7.6.5
    * Web Security v7.6.5
    * Web Security Gateway v7.6.5

    * Web Security Gateway Anywhere v7.6.5

    Deployment scenarios are offered for both appliance and software-based deployments.

    If you are planning a deployment, it is recommended you start at the main topic for your deployment scenario. On the main page for a scenario, you can access deployment guidelines, installation instructions, and initial configuration instructions for that scenario.

    Click View Complete Document for more

v7.6.2

  • Web Security Release Notes

    v7.6.2 Release Notes

    Version 7.6.2 is an important maintenance release that includes corrections for customer issues.

    - Compatibility with V-Series v7.6.x
    - New in this version
    - Resolved and known issues

  • Content Gateway Release Notes

    Websense Content Gateway Release Notes v7.6.2

    Websense Content Gateway v7.6.2 is a maintenance release that corrects several known issues making Content Gateway a more stable component in the Web Security Gateway solution.

    - How do I get the patch files?
    - Data Security integration
    - Known and resolved issues

  • Deployment and Installation Center

    Version 7.6.2

    Find deployment planning, installation, and upgrade information and instructions for the following Websense Web Security solutions:

    * Web Filter v7.6.2
    * Web Security v7.6.2
    * Web Security Gateway v7.6.2
    * Web Security Gateway Anywhere v7.6.2

    Deployment scenarios are offered for both appliance and software-based deployments.

    If you are planning a deployment, it is recommended you start at the main topic for your deployment scenario. On the main page for a scenario, you can access deployment guidelines, installation instructions, and initial configuration instructions for that scenario.

    Click View Complete Document for more

  • TRITON Unified Security Center Release Notes

    TRITON Unified Security Center Release Notes

    Version 7.6.2

    Version 7.6.2 is a maintenance release of Websense TRITON Enterprise. It offers a number of enhancements to the 7.6 release.

    If you are upgrading from version 7.6, upgrade instructions are available in the Websense Technical Library.

    Click View Complete Document for more.

v7.6

  • TRITON Console Release Notes

    Release Notes

    TRITON Unified Security Center, v7.6

    Version 7.6 is a major release of Websense TRITON Enterprise with the introduction of Websense Email Security Gateway and Email Security Gateway Anywhere. It offers enhanced integration across the Websense product line and a significantly improved unified management experience.

    Simplified deployment

    It is faster and easier to deploy Websense TRITON Enterprise and the modules in your subscription in this version. The installation is performed using a single installer for the TRITON infrastructure and reporting database. From this installer you can launch the installation of the individual TRITON modules as required.

    An upgrade process is available for Web Security and Data Security version 7.1 and 7.5 users

    Click View Complete Document for more.

  • Web Security Release Notes

    Release Notes

    Websense Web Security Solutions, v7.6

    Provides an overview of new and changed features in Websense Web Security version 7.6, including changes to:

    • * Installation
    • * TRITON Unified Security Center
    • * Reporting (including the introduction of Real-Time Monitor
    • * Delegated administration and reporting
    • * Block pages
    • * Remote Filtering Client
    • * Network Agent (introducing IPv6 filtering)
    • * Health Alerts
    • * Hybrid filtering configuration (including block page customization)
    • * Content Gateway access and alerting
    • * International Domain Name (IDN) support

    Click View Complete Document for more.

  • Content Gateway Release Notes

    Release Notes

    Websense Content Gateway, v7.6

    Provides an overview to new and changed features in Websense Content Gateway, v7.6, including changes to:

    • * Integration with TRITON - Web Security
    • * Integrated Windows Authentication
    • * Multiple Realm Authentication
    • * Multiple ports in explicit deployments
    • * HTTPS URL filtering when not decrypting in transparent proxy deployments
    • * SSL Manager configuration clustering
    • * FTP filtering and scanning
    • * Support for Skype with explicit proxy deployments
    • * Multiple ICAP servers
    • * New performance graphs

    Click View Complete Document for more.

  • Deployment and Installation Center

    Deployment and Installation Center

    Version 7.6

    Find deployment planning, installation, and upgrade information and instructions for the following Websense Web Security solutions:

    • * Web Filter v7.6
    • * Web Security v7.6
    • * Web Security Gateway v7.6
    • * Web Security Gateway Anywhere v7.6

    Deployment scenarios are offered for both appliance and software-based deployments.

    If you are planning a deployment, it is recommended you start at the main topic for your deployment scenario. On the main page for a scenario, you can access deployment guidelines, installation instructions, and initial configuration instructions for that scenario.

    Click View Complete Document for more

v7.5.5

  • Websense Content Gateway Release Notes

     

    How do I get the patch files?

    Go to MyWebsense.com and log in.

    Then choose the Downloads tab, and Websense Web Security Gateway.

    Data Security Integration

    Websense Content Gateway v7.5.5 is compatible with all v7.5 versions of the Data Security Management Server, including v7.5.3 and later, but Websense recommends that customers upgrade to Data Security v7.5.3 prior to upgrading to Content Gateway v7.5.5.

    Websense Content Gateway v7.5.5 can now be integrated with Policy Engine v7.5.9 or later.

  • Websense Content Gateway v7.5.0 to v7.5.x Upgrade Procedure

    The installer for Websense Content Gateway handles software only version upgrades. You can:

    - Upgrade an installed v7.5.x proxy with a different v7.5.x version.

    - Re-install a v7.5.x proxy

     

v7.5.3

  • Websense Content Gateway Release Notes

    Release Notes

    Websense Content Gateway, v7.5.3

    Use the Release Notes to find information about what's new and improved in Websense Content Gateway Version 7.5.3.

    Sections include:

    * Resolved Issues
    * Known issues
    * Compatibility with latest release of Data Security Suite

    Click View Complete Document for more.

  • Websense Content Gateway v7.5.0 to v7.5.x Upgrade Procedure

    Upgrade Procedure

    Websense Content Gateway, v7.5.3

    The installer for Websense Content Gateway handles software only version upgrades.

    Sections include:

    * Upgrade an installed v7.5.x proxy with a different v7.5.x version
    * Re-install a v7.5.x proxy

    Click View Complete Document for more.

v7.5.2

  • Websense Content Gateway Release Notes

    Release Notes

    Websense Content Gateway, v7.5.2

    Use the Release Notes to find information about what's new and improved in Websense Content Gateway Version 7.5.2.

    Sections include:

    * New features in version 7.5.2
    * Resolved Issues
    * Known issues

    New features include:

    * ARM module now certified with RHEL 5.5
    * Port range option for tunneled ports
    * Skype support
    * Web Security Gateway Anywhere: Compatibility with latest release of Data Security Suite
    * Failover option for integrated ICAP servers

    Click View Complete Document for more.

  • Websense Content Gateway v7.5.0 to v7.5.x Upgrade Procedure

    Upgrade Procedure

    Websense Content Gateway, v7.5.2

    The installer for Websense Content Gateway handles software only version upgrades.

    Sections include:

    * Upgrade an installed v7.5.x proxy with a different v7.5.x version
    * Re-install a v7.5.x proxy

    Click View Complete Document for more.

v7.5

  • Release Notes for Websense Web Security

    Release Notes

    Websense Web Security and Websense Web Filter, v7.5

    New in this version

    Websense Web Security and Websense Web Filter version 7.5 is an English-only release.

    Installation changes

    New technologies with an updated look and feel are now used for Websense Web Security and Websense Web Filter installation. The installer now includes:

    * Built-in Help for most installation screens, accessed via a button
    * A progress checklist in the left panel
    * Some reduction in the number of screens that must be completed

    The new Websense Control Service handles component activation and configuration. It continues to run once installation is complete in order to facilitate adding or removing components.

    Click View Complete Document for more.

  • Release Notes for Content Gateway

    Release Notes

    Websense Content Gateway, v7.5

    Use the Release Notes to find information about what's new and improved in Websense Content Gateway Version 7.5.

    Sections include:

    * New features in version 7.5
    * Corrected in version 7.5
    * Operation tips
    * Known issues

    New features include:

    * Supported platforms
    * Client authentication
    * Split DNS
    * Proxy chaining
    * HTTP privacy options
    * Web Security Gateway: Scanning features
    * Web Security Gateway: SSL decryption bypass
    * Web Security Gateway Anywhere: Data Security policy engine
    * Web Security Gateway Anywhere

    Click View Complete Document for more.

  • Web Security Deployment Guide

    Deployment Guide

    Websense Web Security, Version 7.5

    Use this guide to plan your Websense software deployment before installation. The guide provides an overview of how Websense software can be deployed in a network, as well as operating system and hardware requirements.

    This guide applies to version 7.5 of Websense Web Security Gateway Anywhere, Web Security Gateway, Websense Web Security, and Websense Web Filter. The term Websense software is used to refer to all or any of these solutions. When information or instructions apply to particular solutions, they are referred to individually by name.

    Websense software consists of components that work together to monitor Internet requests, log activity, apply Internet usage filters, and report on activity. Websense software is highly-distributable, providing the flexibility to scale a deployment to suit your needs. Components can be installed together on one machine for smaller organizations; or they can be distributed across multiple machines, and multiple sites, to create a high-performing deployment for larger organizations. The appropriate deployment is determined by network size and configuration, Internet request volume, hardware performance, and filtering needs.

    This manual provides system recommendations to optimize Websense component performance. Performance can also be improved by using more powerful machines for resource-intensive components.

    Click View Complete Document for more.

  • Content Gateway Deployment Guide

    Deployment Guide

    Websense Content Gateway, v7.5

    Websense® Content Gateway is a high-performance Web proxy that provides real-time content scanning and Web site classification to protect network computers from malicious Web content while controlling employee access to dynamic, user-generated Web 2.0 content. Web content has evolved from a static information source to a sophisticated platform for 2-way communications, which can be a valuable productivity tool when adequately secured.

    The dilemma for administrators is how much access to allow. Web 2.0 sites rely primarily on HTTP/HTTPS protocols, which cannot be blocked without halting all Internet traffic. Malicious content can use this means of entry into a company network.

    The Websense Content Gateway module offers:

    * Automatic categorization of dynamic Web 2.0 sites
    * Automatic categorization of new, unclassified sites
    * HTTPS content inspection
    * Enterprise proxy caching capabilities

    Websense Content Gateway is deployed as an add-on module with Websense Web Security or Websense Web Filter. Websense Content Gateway can also be an important piece of the following Websense deployments:

    * Web Security Gateway for on premises deployments. On premises deployments may be implemented on Websense V-Series appliances or as software running on general purpose servers.
    * Hosted Web Security Gateway for software as a service (SaaS) deployments
    * Web Security Gateway Anywhere for distributed enterprises with one or more branch offices and multiple remote users

    Click View Complete Document for more.

  • Network Agent Quick Start

    Network Agent Quick Start

    Version 7.5

    Websense Network Agent monitors Internet traffic for all or specified machines in a network.

    * When you install Websense Web security solutions in standalone mode, Network Agent is used to filter both HTTP and non-HTTP traffic.
    * When you integrate Websense Web security solutions with a firewall, proxy, or caching product, the integrated product passes HTTP and HTTPS content to Websense software for filtering. Traffic using other protocols can be managed by Network Agent.

    Network Agent also captures bandwidth usage data for use in filtering and reporting. When Network Agent is used to filter non-HTTP protocols, it can detect malicious peer-to-peer applications and spyware, even when they tunnel over ports commonly used for legitimate Internet communication. In addition, Network Agent can filter requests for Internet applications used for instant messaging, streaming media, file sharing, proxy avoidance, Internet mail, and other network or database operations.

    This Quick Start introduces Websense Network Agent and summarizes the steps needed to successfully deploy the component in your network.

    Click View Complete Document for more.

v7.1.0

  • Release Notes for Websense Web Security (PDF)

    Release Notes

    Websense Web Security and Websense Web Filter, v7.1

    New in this version

    Websense Web Security and Websense Web Filter version 7.1 is an English-only release.

    Expanded plaform supprt

    Websense Web Security and Websense Web Filter version 7.1 introduces support for Microsoft Windows Server 2008 (Standard, Enterprise, and Datacenter) installed in 32-bit native mode.

    This version also introduces support for Windows Active Directory 2008.

    Websense Manager

    Save All functionality has been enhanced. To ensure that changes are properly cached (or consciously abandoned), a new feature disables the Save All and View Pending Changes buttons on some Policy Management pages until you click OK or Cancel.

    Click View Complete Document for more

  • Web Security Deployment Guide (PDF)

    Deployment Guide

    Websense Web Security, Version 7.1

    Use this guide to plan your Websense software deployment before installation. The guide provides an overview of how Websense software can be deployed in a network, as well as operating system and hardware requirements.

    This guide applies to Websense Web Security and Websense Web Filter, Version 7.1.

    Websense software consists of components that work together to monitor Internet requests, log activity, apply Internet usage filters, and report on activity. Websense components can be installed together on one machine, or distributed across multiple machines. The appropriate deployment is determined by the network size and configuration, Internet request volume, hardware available, and filtering needs. This manual provides system recommendations to optimize Websense component performance. Performance can also be improved by using more powerful machines for resource-intensive components.

    Click View Complete Document for more.

  • Deployment Supplement for Very Large Enterprise Networks (PDF)

    Very Large Enterprise Network: Deployment, 25,000+ Users

    Version 7.1

    Websense software can be deployed in different configurations, depending on the size and characteristics of the network, and the organization's filtering needs. Filtering components can be installed on a single machine, or distributed across multiple machines. See the Websense Web Security and Websense Web Filter Deployment Guide for more information about the components.

    This supplement provides system and deployment recommendations for a very large enterprise network (25,000+ users). On average, very large enterprise networks have greater than 1,250 requests per second (RPS).

    Click View Complete Document for more.

  • Deployment Supplement for Distributed Enterprise Networks (PDF)

    Deploying in a Distributed Environment

    Websense Web Security, Version 7.1

    Distributed enterprise networks have many remote locations, ranging from dozens to thousands of small offices. Typically, between 5 and 50 employees work at each remote office. Many of these offices have Internet access, but no dedicated IT staff.

    Some organizations use a decentralized network topology that provides each remote office with its own Internet connection. The challenge is to apply consistent, cost effective filtering of Internet requests across the entire organization.

    Websense filtering components can be deployed regionally and communicate over the Internet to apply uniform filtering policies to hundreds of remote offices.

    Click View Complete Document for more.

  • Deployment Supplement for Enterprise Networks (PDF)

    Enterprise Network Deployment: 10,000 – 25,000 Users

    Version 7.1

    Websense software can be deployed in different configurations, depending on the size and characteristics of the network, and the organization's filtering needs. Filtering components can be installed on a single machine, or distributed across multiple machines. See the Websense Web Security and Websense Web Filter Deployment Guide for more information about the components.

    This supplement provides system and deployment recommendations for an enterprise network (10,000 – 25,000 users). On average, enterprise networks have 500 – 1,250 requests per second (RPS).

    Click View Complete Document for more.

  • Deployment Supplement for Large Networks (PDF)

    Large Network Deployment: 2,500 – 10,000 Users

    Version 7.1

    Websense software can be deployed in different configurations, depending on the size and characteristics of the network, and the organization's filtering needs. Filtering components can be installed on a single machine, or distributed across multiple machines. See the Websense Web Security and Websense Web Filter Deployment Guide for more information about the components.

    This supplement provides system and deployment recommendations for a large network (2,500 – 10,000 users). On average, large networks have between 125 and 500 requests per second (RPS).

    Click View Complete Document for more.

  • Deployment Supplement for Medium Networks (PDF)

    Medium Network Deployment: 500 – 2,500 Users

    Version 7.1

    Websense software can be deployed in different configurations, depending on the size and characteristics of the network, and the organization's filtering needs. Filtering components can be installed on a single machine, or distributed across multiple machines. See the Websense Web Security and Websense Web Filter Deployment Guide for more information about the components.

    This supplement provides system and deployment recommendations for a medium network (500 – 2,500 users). On average, medium networks have 25 – 125 requests per second (RPS).

    Click View Complete Document for more.

  • Deployment Supplement for Small Networks (PDF)

    Small Network Deployment: 1 – 500 Users

    Version 7.1

    Websense software can be deployed in different configurations, depending on the size and characteristics of the network, and the organization's filtering needs. Filtering components can be installed on a single machine, or distributed across multiple machines. See the Websense Web Security and Websense Web Filter Deployment Guide for more information about the components.

    This supplement provides system and deployment recommendations for a small network (fewer than 500 users). On average, a small network has between 1 and 25 requests per second (RPS).

    Click View Complete Document for more.

Installation

v7.8

  • Deployment and Installation Center

    Deployment and Installation Center

    Websense TRITON Solutions, v7.8.x

    The Deployment and Installation Center includes information for Websense Web Security, Data Security, and Email Security solutions and applies to both software and V-Series Appliance-based modules and components.

    New graphical launch pages help to guide you to just the information you need.

    Use the Deployment and Installation Center to find:

    • Hardware and software requirements
    • Deployment planning guidelines
    • Installation instructions (including start-to-finish guides in PDF format)
    • Upgrade instructions (including start-to-finish guides in PDF format)
    • Initial configuration tips
    • Reference information

     

    Click View Complete Document for more.

  • Install Web Security Gateway

    Installation Instructions

    Websense TRITON Web Security Gateway, v7.8.x

    Complete, start-to-finish instructions for installing Web Security Gateway on Windows or Linux servers, or Websense appliances in PDF format.

    The document includes preparatory steps, installation, and initial configuration instructions.

    Click View Complete Document for more.

  • Upgrade Web Security Gateway

    Upgrade Instructions

    Websense TRITON Web Security Gateway

    Find instructions for upgrading Web Security Gateway server components (Windows, Linux, or appliance) from v7.7.x to v7.8.x.

    The document includes preparatory steps (including backup), upgrade, and post-upgrade configuration instructions.

    Click View Complete Document for more.

  • Web Security Component Ports

    Web Security Component Default Ports

    Versions 7.5 - 7.8

    This paper identifies the default ports used by Websense Web Security components, including Content Gateway and the interoperability components used to communicate with Websense Data Security and, in Websense Web Security Gateway Anywhere deployments, the hybrid service.

    In most cases, the default ports, which are assigned automatically during installation, never need to be changed. If you do need to change a port:

    • Use the Log Server Configuration utility (v7.5 or v7.6) or Settings > Reporting > Log Server page (v7.7 and later) to change the Log Server port.

    • Use the Web Security manager to configure communication with Log Server if the port has changed, and to change port information for transparent identification agents (DC Agent, eDirectory Agent, Logon Agent, or RADIUS Agent).

    If you need to change ports for other services, this can be done in the initialization (INI) file for the component. Given dependencies between components, the change may need to be made in multiple files.

    Click View Complete Document for more.

v7.7

  • Upgrade Center

    Upgrade Center

    Websense Security Solutions, v7.x

    Use the Upgrade Center to find information to help you create an upgrade plan, prepare your environment for upgrade, and carry out a successful upgrade. The Upgrade Center provides information for upgrading:

    • * Web Security software, v7.x
    • * V-Series appliances
    • * Data Security software, v7.x
    • * Older versions of Websense software

    Click View Complete Document for more.

  • Deployment and Installation Center

    Deployment and Installation Center

    Websense TRITON Solutions, v7.7

    The Deployment and Installation Center includes information for Websense Web Security, Data Security, and Email Security solutions and applies to both software and V-Series Appliance-based modules and components.

    Use the Deployment and Installation Center to find:

    * Hardware and software requirements
    * Deployment planning guidelines
    * Installation instructions
    * Upgrade instructions
    * Initial configuration tips
    * Reference information

    Click View Complete Document for more.

v7.6

  • Deployment and Installation Center

    Deployment and Installation Center

    Version 7.6

    Find deployment planning, installation, and upgrade information and instructions for the following Websense Web Security solutions:

    • * Web Filter v7.6
    • * Web Security v7.6
    • * Web Security Gateway v7.6
    • * Web Security Gateway Anywhere v7.6

    Deployment scenarios are offered for both appliance and software-based deployments.

    If you are planning a deployment, it is recommended you start at the main topic for your deployment scenario. On the main page for a scenario, you can access deployment guidelines, installation instructions, and initial configuration instructions for that scenario.

    Click View Complete Document for more

  • Upgrade Center

    Upgrade Center

    Websense Security Solutions, v7.x

    Use the Upgrade Center to find information to help you create an upgrade plan, prepare your environment for upgrade, and carry out a successful upgrade. The Upgrade Center provides information for upgrading:

    • * Web Security software, v7.x
    • * V-Series appliances
    • * Data Security software, v7.x
    • * Older versions of Websense software

    Click View Complete Document for more.

v7.5.5

  • Websense Content Gateway Release Notes

     

    How do I get the patch files?

    Go to MyWebsense.com and log in.

    Then choose the Downloads tab, and Websense Web Security Gateway.

    Data Security Integration

    Websense Content Gateway v7.5.5 is compatible with all v7.5 versions of the Data Security Management Server, including v7.5.3 and later, but Websense recommends that customers upgrade to Data Security v7.5.3 prior to upgrading to Content Gateway v7.5.5.

    Websense Content Gateway v7.5.5 can now be integrated with Policy Engine v7.5.9 or later.

  • Websense Content Gateway v7.5.0 to v7.5.x Upgrade Procedure

    The installer for Websense Content Gateway handles software only version upgrades. You can:

    - Upgrade an installed v7.5.x proxy with a different v7.5.x version.

    - Re-install a v7.5.x proxy

     

v7.5

  • Installation Organizer

    Installation Organizer

    Version 7.5

    An installation organizer is a checklist to help you gather hardware, network, and deployment information necessary to install a product. This document contains several organizers to help you prepare to install and configure all Websense Web security solutions: Websense Web Filter, Web Security, Web Security Gateway, or Web Security Gateway Anywere. Complete only the organizers that apply.

    WARNING: There are items in this document involving user account passwords. If you note passwords here, you must keep this document secure. Alternatively, consider not writing passwords in this document. Instead, write down only domain/user names and simply have the passwords ready when needed during the installation process.

    Use this completed organizer as an aid while following instructions in the Websense Web Security Gateway Anywhere Getting Started Guide, Websense Web Security/Websense Web Filter Installation Guide, and Websense Content Gateway Installation Guide. Do not use this organizer in place of the instructions in these guides.

    Click View Complete Document for more.

  • Web Security Installation Guide

    Installation Guide

    Version 7.5

    Installation and setup information in this guide applies to both Websense Web Security and Websense Web Filter.

    Instructions are included for downloading and extracting installation files, and starting and running the installer.

    This guide also includes instructions for:

    * Installing individual components
    * Configuring Stealth Mode
    * Planning for Reporting
    * Troubleshooting

    Websense software can be integrated with your firewall, proxy server, caching application, or network appliance (such third-party products are referred to as integration products). Or it can run without an integration (referred to as a stand-alone installation or deployment).

    Click View Complete Document for more.

  • Content Gateway Installation Guide

    Websense Content Gateway, v7.5

    Installation Guide

    Prerequisites and Preparation

    Before you install Content Gateway, consider:

    System security. Your network can carry sensitive data. SSL Manager lets you have data decrypted and then re-encrypted on the way to its destination. Consider locking down your system as much as possible to prevent others from seeing your data.

    Network configuration. Content Gateway can run as an explicit proxy (where browsers point to Content Gateway), or a transparent proxy (where traffic is redirected through a WCCP-enabled router or a Layer 4 switch in your network and the ARM, Adaptive Redirection Module, feature of Content Gateway).

    Content Gateway can proxy HTTP, HTTPS, FTP, and other protocols. To transparently proxy protocols other than HTTP through a WCCP-enabled router, the router must use WCCP v2, which supports redirection of multiple protocols.

    System requirements. Ensure that your system meets the minimum requirements listed in the System requirements section.

    Click View Complete Document for more.

  • Web Security Component Ports

    Web Security Component Default Ports

    Versions 7.5 - 7.8

    This paper identifies the default ports used by Websense Web Security components, including Content Gateway and the interoperability components used to communicate with Websense Data Security and, in Websense Web Security Gateway Anywhere deployments, the hybrid service.

    In most cases, the default ports, which are assigned automatically during installation, never need to be changed. If you do need to change a port:

    • Use the Log Server Configuration utility (v7.5 or v7.6) or Settings > Reporting > Log Server page (v7.7 and later) to change the Log Server port.

    • Use the Web Security manager to configure communication with Log Server if the port has changed, and to change port information for transparent identification agents (DC Agent, eDirectory Agent, Logon Agent, or RADIUS Agent).

    If you need to change ports for other services, this can be done in the initialization (INI) file for the component. Given dependencies between components, the change may need to be made in multiple files.

    Click View Complete Document for more.

  • Web Security Upgrade Guide

    Upgrading Websense Web Security or Web Filter

    Version 7.5

    An upgrade is performed by running the Websense Web Security/Websense Web Filter 7.5 installer (Websense installer) on a machine with previous-version Websense components installed. The installer detects the presence of the components and upgrades them (with the exception of Remote Filtering Client) to the current version. For instructions on upgrading Remote Filtering Client, see the Remote Filtering Software technical paper.

    Versions 7.x of Websense Web Security or Websense Web Filter may be directly upgraded to version 7.5.

    New features for version 7.5 are described in the Release Notes for Websense Web Security and Websense Web Filter, Version 7.5. Information specific to this release is also available in the Upgrading User Quick Start tutorial, accessible from within TRITON - Web Security (which replaces Websense Manager) once it is installed.

    This supplement provides an overview of the upgrade process.

    Click View Complete Document for more.

  • Check Point Installation Supplement

    Installation Supplement for Check Point Integrations

    Version 7.5

    This supplement to the Websense Web Security and Websense Web Filter Installation Guide provides information specific to integrating Websense software with Check Point® products. For general installation instructions, refer to the Installation Guide.

    An integration with a Check Point product works with Websense components as follows:

    * Filtering Service: Interacts with the Check Point product and Network Agent to filter Internet requests.
    * Network Agent: Manages Internet protocols that are not managed by the Check Point product.

    IMPORTANT: Do not install Network Agent on the Check Point machine.

    Click View Complete Document for more.

  • Cisco Installation Supplement

    Installation Supplement for Cisco Integrations

    Version 7.5

    This supplement to the Websense Web Security and Websense Web Filter Installation Guide provides information specific to integrating Websense software with Cisco® Adaptive Security Appliance (ASA), Cisco PIX® Firewall, Cisco IOS routers, and Cisco Content Engine. For general installation instructions, refer to the Installation Guide.

    Integrating Websense software with a Cisco product involves the following components:

    * Filtering Service: The integrated Cisco product and Network Agent work with Filtering Service to filter Internet requests. For redundancy, two or more instances of Filtering Service may be used. Only one instance will be active at any given time—referred to as the primary server. URL look-up requests will be sent only to the primary server. For more information see the configuration chapter, in this supplement, for your Cisco product. Also see Cisco documentation for detailed explanations of configuration commands.
    * Network Agent: Manages Internet protocols that are not managed by your integrated Cisco product.
    If Network Agent is installed, you must define the IP addresses of all proxy servers through which computers route their Internet requests. See Network Configuration in the TRITON - Web Security Help for instructions.

    Click View Complete Document for more.

  • Citrix Installation Supplement

    Installation Supplement for Citrix Integrations

    Version 7.5

    This supplement to the Websense Web Security and Websense Web Filter nstallation Guide provides information specific to integrating Websense software with Citrix® MetaFrame® Presentation Server, Presentation Server™, or XenApp™. For general installation instructions, refer to the Installation Guide.

    Integrating Websense software with a Citrix product involves the following components:

    * Websense Citrix Integration Service: The Integration Service must be installed on each Citrix server to allow that server to communicate with Websense Filtering Service.
    * Websense Network Agent: Manages Internet protocols that are not managed by your Citrix server integration. It can also detect HTTP network activity and instruct Filtering Service to log this information.

    Click View Complete Document for more.

  • Microsoft Installation Supplement

    Installation Supplement for Microsoft ISA Server or Forefront TMG Integrations

    Version 7.5

    This supplement to the Websense Web Security and Websense Web Filter Installation Guide provides information specific to integrating Websense software with Microsoft® Internet Security and Acceleration (ISA) Server and Forefront™ Threat Management Gateway (TMG). Refer to the Installation Guide as your primary source of installation instructions. Only additional or alternate steps required to integrate Websense software with ISA/TMG are provided here.

    An integration with ISA/TMG affects the following Websense components:

    * Websense ISAPI Filter plug-in: This additional Websense component is installed on the machine running ISA/TMG. The ISAPI Filter plug-in configures ISA/TMG to communicate with Websense Filtering Service.
    * Websense Filtering Service: Interacts with ISA/TMG and Websense Network Agent to filter Internet requests. Filtering Service either permits the Internet request or sends an appropriate block message to the user.

    Click View Complete Document for more.

  • Squid Installation Supplement

    Installation Supplement for Squid Web Proxy Cache Integrations

    Version 7.5

    This supplement provides additional information for installing and configuring Websense Web Security or Websense Web Filter with Squid Web Proxy Cache. See the Websense Web Security and Websense Web Filter Installation Guide for complete Websense software installation instructions.

    When Websense software is integrated with Squid Web Proxy Cache, the following components are configured differently than in a stand-alone installation:

    * Websense Squid plug-in must be installed on each Squid Web Proxy Cache machine (Squid machine) to allow Squid Web Proxy Cache to communicate with Filtering Service.
    * Websense Network Agent is configured to manage only the Internet protocols not managed by Squid Web Proxy Cache (e.g., instant messaging, streaming media, peer-to-peer).

    Click View Complete Document for more.

  • Universal Integrations Installation Supplement

    Installation Supplement for Universal Integrations

    Version 7.5

    This supplement to the Websense Web Security and Websense Web Filter Installation Guide provides information specific to integrating Websense software with your firewall, proxy server, caching application, or network appliance (referred to as the "integration product"). For general installation instructions, refer to the Installation Guide.

    Separate installation supplements are available for these specific integration products or vendors:

    * Check Point®
    * Cisco®
    * Citrix®
    * Microsoft® Internet Security and Acceleration (ISA) Server or Forefront TMG
    * Squid Web Proxy Cache

    If your integration product is not listed here, go to:

    www.websense.com/global/en/Partners/TAPartners/SecurityEcosystem/

    Check the list of Technology Partners to see if Websense software supports an integration with your firewall, proxy server, caching application, or network appliance. If your integration product is listed, that product has been specifically enhanced to integrate with Websense software.

    Click View Complete Document for more.

v7.1

  • Installation Guide - Standalone (PDF)

    Installation Guide (Standalone)

    v7.1

    Installation and setup information in this guide applies to both Websense Web Security and Websense Web Filter.

    Instructions are included for downloading and extracting installation files, and starting and running the installer.

    This guide also includes instructions for:

    -Installing individual components
    -Configuring Stealth Mode
    -Planning for Reporting in Windows
    -Troubleshooting
    -Contacting Technical Support

    Click View Complete Document for more.

  • Installation Guide - Cisco Supplement (PDF)

    Installation Guide Supplement for use with Integrated Cisco Products

    v7.1

    This supplement to the Websense Web Security and Websense Web Filter Installation Guide provides information specific to integrating Websense software with Cisco® Adaptive Security Appliance (ASA), Cisco PIX® Firewall, Cisco IOS routers, and Cisco Content Engine. For general installation instructions, refer to the Installation Guide.

    Integrating Websense software with a Cisco product involves the following components:

    -Filtering Service: The integrated Cisco product and Network Agent work with Filtering Service to filter Internet requests.
    -Network Agent: Manages Internet protocols that are not managed by your integrated Cisco product.
    If Network Agent is installed, you must define the IP addresses of all proxy servers through which computers route their Internet requests. See Network Configuration in the Websense Manager Help for instructions.
    -Configure your Cisco integration: You must direct Internet requests through your Cisco integration product, and configure it for use with Websense software.
    -User authentication: To work properly, Filtering Service must be installed in the same domain (Windows), or the same root context (LDAP), as Cisco Secure ACS.
    If you are using DC Agent and manual authentication, this configuration is not necessary.

    Click View Complete Document for more.

  • Installation Guide - Squid Supplement (PDF)

    Installation Guide Supplement for use with Squid Web Proxy Cache

    v7.1

    This supplement provides additional information for installing and configuring Websense® Web Security or Websense Web Filter with the Squid Web Proxy Cache. See the Installation Guide for complete Websense software installation instructions.

    When Websense software is integrated with Squid, the following components are configured differently than in a stand-alone installation:

    -Websense Filtering plug-in for Squid must be installed on each Squid Web Proxy Cache machine to allow the Squid Web Proxy Cache to communicate with Filtering Service.
    -Network Agent is configured to manage only the Internet protocols not managed by the Squid Web Proxy Cache.
    If you plan to use Network Agent to filter non-HTTP protocols or perform logging, you can install Network Agent on the same machine as Squid Web Proxy Cache to ensure traffic visibility. Having Network Agent on the same machine as Squid eliminates the need to configure port-forwarding or port-mirroring on a switch to provide the necessary visibility.

    Click View Complete Document for more.

  • Installation Guide - NetCache Supplement (PDF)

    Installation Guide Supplement for use with NetCache

    v7.1

    This supplement to the Websense Web Security and Websense Web Filter Installation Guide provides information specific to integrating Websense software with a NetCache Web proxy cache. For general installation instructions, refer to the Installation Guide.

    An integration with NetCache affects the following Websense components:

    -Websense NetCache Service: This additional Websense component is installed with Filtering Service. This service is an ICAP server that enables NetCache to communicate with Filtering Service.
    -Filtering Service: Interacts with NetCache and Network Agent to filter Internet requests. Filtering Service either permits the Internet request or sends an appropriate block message to the user.

    After installing your Websense software, you must configure NetCache to communicate with Websense NetCache Service. This Websense service may also require configuration. See Chapter 2: Configuring NetCache for instructions.

    Click View Complete Document for more.

  • Installation Guide - Microsoft ISA Server Supplement (PDF)

    Installation Guide Supplement for use wth Microsoft ISA Server

    v7.1

    This supplement to the Websense Web Security and Websense Web Filter Installation Guide provides information specific to integrating Websense software with Microsoft® Internet Security and Acceleration (ISA) Server. For general installation instructions, refer to the Installation Guide.

    An integration with Microsoft ISA Server affects the following Websense components:

    -ISAPI Filter plug-in: This additional Websense component is installed on the machine running ISA Server. The Websense ISAPI Filter configures ISA Server to communicate with Filtering Service.
    -Filtering Service: Interacts with ISA Server and Network Agent to filter Internet requests. Filtering Service either permits the Internet request or sends an appropriate block message to the user.
    After the Filtering Service is installed, the ISAPI Filter must be installed on every ISA Server machine in your network.
    If Websense software is installed on the same machine as ISA Server, the Websense ISAPI Filter must be installed on that machine at the same time.
    -Network Agent: Internet protocols that are not managed by the ISA Server are managed by Network Agent. It can detect HTTP network activity and instruct the Filtering Service to log this information.
    -Transparent identification agents: Generally, ISA Server provides user authentication information for Websense software. If ISA Server is not configured to provide user information to Websense software, install the appropriate Websense transparent identification agent. See the Deployment Guide or Transparent Identification of Users technical paper for more information about these agents.

    If your environment includes an array of ISA Server machines, the preferred configuration is to install Websense software on a machine outside of the array.

    Click View Complete Document for more.

  • Installation Guide - Check Point Supplement (PDF)

    Installation Guide Supplement for use with Integrated Check Point Products

    v7.1

    This supplement to the Websense Web Security and Websense Web Filter Installation Guide provides information specific to integrating Websense software with Check Point® products. For general installation instructions, refer to the Installation Guide.

    An integration with a Check Point product works with Websense components as follows:

    -Filtering Service: Interacts with the Check Point product and Network Agent to filter Internet requests.
    -Network Agent: Manages Internet protocols that are not managed by the Check Point product.

    Click View Complete Document for more.

  • Installation Guide - Citrix Supplement (PDF)

    Installation Guide Supplement for use with Integrated Citrix Servers

    v7.1

    This supplement to the Websense Web Security and Websense Web Filter Installation Guide provides information specific to integrating Websense software with the Citrix® MetaFrame® Presentation Server or Citrix Presentation Server™. For general installation instructions, refer to the Installation Guide.

    Integrating Websense software with a Citrix product involves the following components:

    -Websense Citrix Integration Service: The Integration Service must be installed on each Citrix server to allow that server to communicate with Websense Filtering Service.

    -Network Agent: Manages Internet protocols that are not managed by your Citrix server integration. It can also detect HTTP network activity and instruct Filtering Service to log this information.

    Click View Complete Document for more.

Configuration and Management

v7.8

  • TRITON console Help

    TRITON Unified Security Center Help

    Version 7.8

    The TRITON Unified Security Center is a single, browser-based console that provides a central, graphical interface to the general configuration, policy management, and reporting functions of your Websense software.

    From the TRITON console, you can access some or all of the following modules, depending on your subscription:

    • Web Security works in conjunction with integration devices (including proxy servers, firewalls, routers, and caching appliances) and enables you to develop, monitor, and enforce Internet access policies
    • Data Security protects organizations from information leaks and data loss both at the perimeter and inside the organization
    • Email Security protects your organization against the threats of malware, spam, and other unwanted content in email traffic

    Click View Complete Document for more.

  • Web Security Help

    Web Security Help

    Version 7.8.x

    This guide provides detailed instructions for using the Web Security manager to configure your Websense software, create Internet security policies, manage clients, run reports, and more. It also includes contextual and troubleshooting information to help you verify and optimize your deployment. Topics include:

    First steps Initial solutions
    Working in the Web Security manager
    Your subscription
    The Websense Master Database
    Websense product components
    Installation and subscription issues
    Master Database issues
    Troubleshooting tools
    Start policy enforcement Enforcement solutions
    Managing access to categories and protocols
    Adding a client
    Working with policies
    Creating exceptions to policies
    Policy enforcement issues
    Network Agent issues
    User identification issues
    Block message issues

    Click View Complete Document for more.

  • Content Gateway Help

    Content Gateway Help

    Version 7.8.x

    Websense Content Gateway is the web proxy component of the Websense Web Security Gateway and Web Security Gateway Anywhere solutions.

    Content Gateway is a high-performance web proxy that works in combination with Websense Web Security to protect users and networks from malicious and unwanted content by performing advanced content analysis precisely when it is needed—as the content flows through the proxy—using the results of analysis to apply appropriate Web Security policy. This on-demand analysis protects users and networks at the same time that it makes dynamic websites safe for your organization and users.

    The precise application of content analysis is configured by the administrator for each Web Security Gateway deployment.

    Content Gateway can also function as a high-performance web proxy cache that improves network efficiency and performance by caching frequently accessed information at the edge of the network. This brings content physically closer to end users for faster delivery and reduced bandwidth usage.

    Content Gateway includes a full set of web proxy features.

    Click View Complete Document for more.

  • Web Security FAQ

    Web Security Frequently Asked Questions

    Websense Web Security Solutions, v7.7 and 7.8

    Provides answers to questions including:

    • How is a policy assigned to a request?
    • How do I know which policy is being applied to a client's requests?
    • What do I do when the wrong policy being applied to requests?
    • How do keywords and regular expressions work?
    • Can I exclude specific traffic from logging?
    • How do I create exceptions and how do they work?
    • How do I create Web Security policies?
    • How do block pages work?
    • Can I customize block pages for my organization?
    • How is quota time configured and used?
    • What are filters, and how do they work?
    • What are custom URLs, and how do they work?
    • How do I back up and restore my Web Security policy and configuration data?
    • What is my subscription level and what happens if it's exceeded?

    Click View Complete Document for more.

  • Content Gateway FAQ

    Frequently Asked Questions

    Content Gateway version 7.x

    A collection of articles that answer common configuration and maintenance questions, including:

    • How do I configure IPTables to harden the Content Gateway host system?
    • How do I ensure that Content Gateway is properly identified in the network?
    • Which Web browsers provide the best user experience with Content Gateway?
    • How do I backup and restore the SSL Incident List?

    Click View Complete Document for more.

  • Security Information Event Management (SIEM)

    Security Information Event Management (SIEM)

    Websense Web Security Solutions

    Versions 7.6 - 7.8

    Alert messages keep your system administrator informed about significant events in your Websense system and in your network as they happen. Unlike reporting, which tracks trends over time, alerting provides a quick look at events that determine the health of your Websense software or V-Series appliances.

    This paper focuses both on alerts sent via SNMP traps and (v7.7 and later) SIEM integration to forward Web Security logging data to third-party SIEM products.

    SNMP alerting is available for:

    • Websense Web Filter and Web Security
    • Websense Web Security Gateway and Gateway Anywhere
    • Websense V-Series appliance

    In addition, in v7.7 and later, SIEM integration for logging data is available for all Websense Web Security solutions.

    Click View Complete Document for more. 

     

  • Managing Policy Broker Replication

    Managing Policy Broker Replication

    Websense Web Security Solutions

    Version 7.8.x

    Websense Policy Broker is responsible for managing access to both policy data (including clients, filters, and filter components) and global settings.

    Starting in version 7.8.1, you have the option to deploy Policy Broker in either a standalone or replicated configuration.

    In a standalone configuration, there is one Policy Broker for the entire deployment, as in v7.7.x and earlier.

    In a replicated configuration, there is one primary Policy Broker, to which configuration and policy changes are saved, and one or more replica instances, each with their own read-only copy of the configuration and policy data.

    Click View Complete Document for more.

  • Using Logon Agent for Transparent User Identification

    Using Logon Agent for Transparent User Identification

    Websense Web Security Solutions

    Version 7.8

    Websense Logon Agent (also called Authentication Server) identifies users in real time, as they log on to domains. Logon Agent works with the Websense logon application (LogonApp.exe), which runs on Windows client machines.

    This collection includes the following articles to help you understand how Logon Agent works, configure Logon Agent, deploy the logon application, and troubleshoot user identification issues.

    • How Logon Agent identifies users
    • Components used for transparent identification with Logon Agent
    • Logon Agent deployment
    • Configuring Logon Agent settings in the Web Security manager
    • Logon application Windows deployment
    • Logon application Mac deployment
    • Configuring Logon Agent to ignore certain user names
    • Custom configuration for a Logon Agent instance
    • Logon Agent troubleshooting

    Click View Complete Document for more.

  • Using DC Agent for Transparent User Identification

    Using DC Agent for Transparent User Identification

    Websense Web Security Solutions

    Versions 7.7 and 7.8

    If your organization uses Microsoft Windows Active Directory, you can use Websense DC Agent to identify users transparently. The agent periodically queries domain controllers for logon session information, and can be configured to poll client machines to verify logon status.

    This collection includes the following articles to help you understand how to deploy, configure, and use DC Agent.

    • How DC Agent identifies users
    • Components used for transparent identification with DC Agent
    • DC Agent deployment overview
    • Configuring DC Agent settings in the Web Security manager
    • Configuring DC Agent to ignore certain user names
    • Custom configuration for a DC Agent instance

    Click View Complete Document for more.

  • Remote Filtering Software

    Remote Filtering Software

    Versions 7.7 and 7.8

    Deploy Websense remote filtering software to manage Internet requests from machines outside the network. By default, remote filtering software manages HTTP, HTTPS, and FTP traffic.

    Remote filtering software is an optional feature, available to Websense Web Filter, Websense Web Security, Websense Web Security Gateway, and Websense Web Security Gateway Anywhere customers.

    NOTE: In Websense Web Security Gateway Anywhere deployments, the hybrid (cloud) service can also be used to manage Internet requests from users outside the network.

    Remote filtering software includes the following components:

    • Remote Filtering Client is installed on each machine that will receive Web Security policy enforcement when used outside the network. This client is configured to communicate with the Remote Filtering Server.
    • Remote Filtering Server resides inside your firewall, and acts as a proxy to Websense Filtering Service.

    Click View Complete Document for more.

  • Using RADIUS Agent for Transparent User Identification

    Using RADIUS Agent for Transparent User Identification

    Websense Web Security Solutions

    Verisons 7.7 and 7.8

    Websense RADIUS Agent works together with the RADIUS server and RADIUS clients in your network to process and track Remote Access Dial-In User Service (RADIUS) traffic.

    Websense RADIUS Agent enables Websense filtering software to transparently identify users who access your network using a dial-up, Virtual Private Network (VPN), Digital Subscriber Line (DSL), or other remote connection (depending on your configuration).

    This collection includes the following articles to help you understand how RADIUS Agent works, configure RADIUS Agent, and troubleshoot user identification issues.

    • Processing RADIUS traffic
    • Components used for transparent identification with RADIUS Agent
    • RADIUS Agent deployment and configuration
    • RADIUS Agent troubleshooting

    Click View Complete Document for more.

  • Using eDirectory Agent for Transparent User Identification

    Using eDirectory Agent for Transparent User Identification

    Websense Web Security Solutions

    Versions 7.7 and 7.8

    Websense eDirectory Agent works with Novell eDirectory to transparently identify users so that Websense software can enforce policies assigned to particular users or groups.

    This collection includes the following articles to help you understand how eDirectory Agent works, configure eDirectory Agent, and troubleshoot user identification issues.

    • How eDirectory Agent works
    • Novell eDirectory server replication
    • eDirectory Agent user identification process
    • Components used for transparent identification with eDirectory Agent
    • Deploying and configuring eDirectory Agent
    • eDirectory Agent troubleshooting

    Click View Complete Document for more.

  • Delegated Administration Quick Start

    Delegated Administration Quick Start

    Websense Web Security Solutions, v7.6 - v7.8

    Delegated administration is a powerful tool for distributing filtering and reporting responsibilities across an organization.

    A Global Security Administrator creates accounts and grants them access to one or more TRITON console modules.

    Within the Web Security manager, Super Administrators can then grant policy management privileges, reporting rights, or both to delegated administrators, who can then manage or report on Internet usage for specific clients (users, groups, computers, or networks). Super Administrators can also:

    • Create a set of master restrictions that limit the Internet access that delegated administrators can provide.
    • Send copies of policies and filters that they have created to delegated administrators, who can use these policies as templates for creating policies and filters to apply to their clients.

    Click View Complete Document for more.

  • New Admin Quick Start

    New Admin Quick Start

    Websense Web Security Solutions, v7.8.x

    Use this Quick Start tutorial to learn the basics of policy management and reporting with Websense Web Security solutions. The tutorial is made up of a series of short lessons, divided into 4 sections:

    * Initial Setup
    * Navigation Tips
    * Policy Management
    * Reporting

    Each lesson requires between 5 and 10 minutes to complete.

    Click View Complete Document for more.

  • Backup and Restore FAQ

    Backup and Restore FAQ

    Websense TRITON Enterprise, v7.6.x - 7.8.x

    You can back up each module (TRITON Infrastructure, Web Security, Data Security, Email Security) of your Websense TRITON solution, and revert to a previous configuration if required. Data saved by the backup process can also be used to transfer configuration settings to a different machine or appliance.

    When backing up a TRITON management server, note that there are separate backup processes for the TRITON infrastructure component and each TRITON module. As a best practice, synchronize the backup of your TRITON modules with the TRITON infrastructure backup.

    • How do I back up and restore the TRITON infrastructure?
    • How do I back up and restore V-Series appliances?
    • How do I back up and restore Web Security software?
    • How do I back up and restore Websense Content Gateway?
    • How do I back up and restore Data Security software?
    • How do I back up and restore Email Security off-appliance components?
    • Important tips for backing up or restoring both Web Security and the TRITON console
    • How do I back up or restore multiple Web Security Gateway appliances?

    Click View Complete Document for more.

  • Web Security Component Ports

    Web Security Component Default Ports

    Versions 7.5 - 7.8

    This paper identifies the default ports used by Websense Web Security components, including Content Gateway and the interoperability components used to communicate with Websense Data Security and, in Websense Web Security Gateway Anywhere deployments, the hybrid service.

    In most cases, the default ports, which are assigned automatically during installation, never need to be changed. If you do need to change a port:

    • Use the Log Server Configuration utility (v7.5 or v7.6) or Settings > Reporting > Log Server page (v7.7 and later) to change the Log Server port.

    • Use the Web Security manager to configure communication with Log Server if the port has changed, and to change port information for transparent identification agents (DC Agent, eDirectory Agent, Logon Agent, or RADIUS Agent).

    If you need to change ports for other services, this can be done in the initialization (INI) file for the component. Given dependencies between components, the change may need to be made in multiple files.

    Click View Complete Document for more.

  • SSL Certificate Verification Engine

    Content Gateway SSL Certificate Verification

    Version 7.8.x

    The Websense Web Security Gateway proxy component – Content Gateway – can be configured to manage HTTPS (SSL/TLS) connections, and perform decryption, analysis of content, and re-encryption.

    This paper describes the most effective use of the Certificate Verification Engine. The Certificate Verification Engine is responsible for SSL/TLS certificate validation. It should be configured to ensure that only those connections that meet with your organization’s IT security requirements for certificate verification are allowed.

    Click View Complete Document for more.

  • PAC File Best Practices

    PAC File Best Practices with Web Security Gateway and Web Security Gateway Anywhere

    Versions 7.x

    This article examines Proxy Auto-Configuration (PAC) files and their use and best practices with Websense Web Security Gateway and Web Security Gateway Anywhere (hybrid Web filtering).

    Topics include:

    • What is a PAC file?
    • How is a PAC file consumed?
    • Using a PAC file with Web Security Gateway
    • Using a PAC file with Web Security Gateway Anywhere
    • Sample PAC file
    • PAC file best practices

    Click View Complete Document for more.

v7.7.3

  • Content Gateway Help

    Content Gateway Help

    Version 7.7.3

    Websense Content Gateway is the Web proxy component of the Websense Web Security Gateway and Web Security Gateway Anywhere solutions.

    Content Gateway is a high-performance Web proxy that works in combination with Websense Web Security to protect users and networks from malicious and unwanted content by performing advanced content analysis precisely when it is needed—as the content flows through the proxy—using the results of analysis to apply appropriate Web Security policy. This on-demand analysis protects users and networks at the same time that it makes dynamic Web sites safe for your organization and users.

    The precise application of content analysis is configured by the administrator for each Web Security Gateway deployment.

    Content Gateway can also function as a high-performance Web proxy cache that improves network efficiency and performance by caching frequently accessed information at the edge of the network. This brings content physically closer to end users for faster delivery and reduced bandwidth usage.

    Content Gateway includes a full set of Web proxy features.

    Click View Complete Document for more.

     

  • SSL Manager Certificate Verification Engine

    SSL Manager Certificate Verification

    Version 7.7.x

    The Websense® Web Security Gateway proxy component – Content Gateway – includes a feature called SSL Manager. SSL Manager oversees SSL and TLS (HTTPS) connections, decryption, analysis of content, and re-encryption.

    This article describes the most effective use of the Certificate Verification Engine, a sub-component of SSL Manager. The Certificate Verification Engine ensures that only those connections that comply with your organization’s IT security requirements for certificate verification are allowed.

    Click View Complete Document for more.

v7.7

  • TRITON Console Help

    TRITON Unified Security Center Help

    Version 7.7

    The TRITON Unified Security Center is a single, browser-based console that provides a central, graphical interface to the general configuration, policy management, and reporting functions of your Websense software.

    From the TRITON console, you can access some or all of the following modules, depending on your subscription:

    • * TRITON - Web Security works in conjunction with integration devices (including proxy servers, firewalls, routers, and caching appliances) and enables you to develop, monitor, and enforce Internet access policies
    • * TRITON - Data Security protects organizations from information leaks and data loss both at the perimeter and inside the organization
    • * TRITON - Email Security protects your organization against the threats of malware, spam, and other unwanted content in email traffic

    Click View Complete Document for more.

  • TRITON - Web Security Help

    TRITON - Web Security Help

    Version 7.7

    This guide provides detailed instructions for using TRITON - Web Security to configure your Websense software, create Internet security policies, manage clients, run reports, and more. It also includes contextual and troubleshooting information to help you verify and optimize your deployment. Topics include:

    First steps Initial solutions
    Working in TRITON - Web Security
    Your subscription
    The Websense Master Database
    Websense product components
    Installation and subscription issues
    Master Database issues
    Troubleshooting tools
     
    Start filtering Filtering solutions
    Filtering categories and protocols
    Adding a client
    Working with policies
    Creating exceptions to policies
    Filtering issues
    Network Agent issues
    User identification issues
    Block message issues

    Click View Complete Document for more.

  • Content Gateway Help

    Content Gateway Help

    Version 7.7

    Websense Content Gateway is the Web proxy component of the Websense Web Security Gateway and Websense Web Security Gateway Anywhere solutions.

    Content Gateway is a high-performance Web proxy that works in combination with Websense Web Security to protect users and networks from malicious and unwanted content by performing advanced content analysis precisely when it is needed—as the content flows through the proxy—using the results of analysis to apply appropriate Web Security policy. This on-demand analysis protects users and networks at the same time that it makes dynamic, Web 2.0 sites safe for your organization and users.

    The precise application of content analysis is configured by the administrator for each Web Security Gateway deployment.

    Content Gateway can also function as a high-performance Web proxy cache that improves network efficiency and performance by caching frequently accessed information at the edge of the network. This brings content physically closer to end users for faster delivery and reduced bandwidth usage.

    Click View Complete Document for more.

  • Web Security Component Ports

    Web Security Component Default Ports

    Versions 7.5 - 7.8

    This paper identifies the default ports used by Websense Web Security components, including Content Gateway and the interoperability components used to communicate with Websense Data Security and, in Websense Web Security Gateway Anywhere deployments, the hybrid service.

    In most cases, the default ports, which are assigned automatically during installation, never need to be changed. If you do need to change a port:

    • Use the Log Server Configuration utility (v7.5 or v7.6) or Settings > Reporting > Log Server page (v7.7 and later) to change the Log Server port.

    • Use the Web Security manager to configure communication with Log Server if the port has changed, and to change port information for transparent identification agents (DC Agent, eDirectory Agent, Logon Agent, or RADIUS Agent).

    If you need to change ports for other services, this can be done in the initialization (INI) file for the component. Given dependencies between components, the change may need to be made in multiple files.

    Click View Complete Document for more.

  • Web Security FAQ

    Web Security Frequently Asked Questions

    Websense Web Security Solutions, v7.7 and 7.8

    Provides answers to questions including:

    • How is a policy assigned to a request?
    • How do I know which policy is being applied to a client's requests?
    • What do I do when the wrong policy being applied to requests?
    • How do keywords and regular expressions work?
    • Can I exclude specific traffic from logging?
    • How do I create exceptions and how do they work?
    • How do I create Web Security policies?
    • How do block pages work?
    • Can I customize block pages for my organization?
    • How is quota time configured and used?
    • What are filters, and how do they work?
    • What are custom URLs, and how do they work?
    • How do I back up and restore my Web Security policy and configuration data?
    • What is my subscription level and what happens if it's exceeded?

    Click View Complete Document for more.

  • Content Gateway FAQ

    Frequently Asked Questions

    Content Gateway version 7.x

    A collection of articles that answer common configuration and maintenance questions, including:

    • How do I configure IPTables to harden the Content Gateway host system?
    • How do I ensure that Content Gateway is properly identified in the network?
    • Which Web browsers provide the best user experience with Content Gateway?
    • How do I backup and restore the SSL Incident List?

    Click View Complete Document for more.

  • SSL Manager Certificate Verification Engine

    SSL Manager Certificate Verification

    Version 7.7.x

    The Websense® Web Security Gateway proxy component – Content Gateway – includes a feature called SSL Manager. SSL Manager oversees SSL and TLS (HTTPS) connections, decryption, analysis of content, and re-encryption.

    This article describes the most effective use of the Certificate Verification Engine, a sub-component of SSL Manager. The Certificate Verification Engine ensures that only those connections that comply with your organization’s IT security requirements for certificate verification are allowed.

    Click View Complete Document for more.

  • Using Logon Agent for Transparent User Identification

    Using Logon Agent for Transparent User Identification

    Websense Web Security Solutions

    Version 7.7

    Websense Logon Agent (also called Authentication Server) identifies users in real time, as they log on to domains. Logon Agent works with the Websense logon application (LogonApp.exe), which runs on Windows client machines.

    This collection includes the following articles to help you understand how Logon Agent works, configure Logon Agent, deploy the logon application, and troubleshoot user identification issues.

    * How Logon Agent identifies users
    * Components used for transparent identification with Logon Agent
    * Logon Agent deployment
    * Configuring Logon Agent settings in TRITON - Web Security
    * Logon application deployment
    * Configuring Logon Agent to ignore certain user names
    * Custom configuration for a Logon Agent instance
    * Logon Agent troubleshooting

    Click View Complete Document for more.

  • Using DC Agent for Transparent User Identification

    Using DC Agent for Transparent User Identification

    Websense Web Security Solutions

    Versions 7.7 and 7.8

    If your organization uses Microsoft Windows Active Directory, you can use Websense DC Agent to identify users transparently. The agent periodically queries domain controllers for logon session information, and can be configured to poll client machines to verify logon status.

    This collection includes the following articles to help you understand how to deploy, configure, and use DC Agent.

    • How DC Agent identifies users
    • Components used for transparent identification with DC Agent
    • DC Agent deployment overview
    • Configuring DC Agent settings in the Web Security manager
    • Configuring DC Agent to ignore certain user names
    • Custom configuration for a DC Agent instance

    Click View Complete Document for more.

  • Using RADIUS Agent for Transparent User Identification

    Using RADIUS Agent for Transparent User Identification

    Websense Web Security Solutions

    Verisons 7.7 and 7.8

    Websense RADIUS Agent works together with the RADIUS server and RADIUS clients in your network to process and track Remote Access Dial-In User Service (RADIUS) traffic.

    Websense RADIUS Agent enables Websense filtering software to transparently identify users who access your network using a dial-up, Virtual Private Network (VPN), Digital Subscriber Line (DSL), or other remote connection (depending on your configuration).

    This collection includes the following articles to help you understand how RADIUS Agent works, configure RADIUS Agent, and troubleshoot user identification issues.

    • Processing RADIUS traffic
    • Components used for transparent identification with RADIUS Agent
    • RADIUS Agent deployment and configuration
    • RADIUS Agent troubleshooting

    Click View Complete Document for more.

  • Using eDirectory Agent for Transparent User Identification

    Using eDirectory Agent for Transparent User Identification

    Websense Web Security Solutions

    Versions 7.7 and 7.8

    Websense eDirectory Agent works with Novell eDirectory to transparently identify users so that Websense software can enforce policies assigned to particular users or groups.

    This collection includes the following articles to help you understand how eDirectory Agent works, configure eDirectory Agent, and troubleshoot user identification issues.

    • How eDirectory Agent works
    • Novell eDirectory server replication
    • eDirectory Agent user identification process
    • Components used for transparent identification with eDirectory Agent
    • Deploying and configuring eDirectory Agent
    • eDirectory Agent troubleshooting

    Click View Complete Document for more.

  • Delegated Administration Quick Start

    Delegated Administration Quick Start

    Websense Web Security Solutions, v7.6 - v7.8

    Delegated administration is a powerful tool for distributing filtering and reporting responsibilities across an organization.

    A Global Security Administrator creates accounts and grants them access to one or more TRITON console modules.

    Within the Web Security manager, Super Administrators can then grant policy management privileges, reporting rights, or both to delegated administrators, who can then manage or report on Internet usage for specific clients (users, groups, computers, or networks). Super Administrators can also:

    • Create a set of master restrictions that limit the Internet access that delegated administrators can provide.
    • Send copies of policies and filters that they have created to delegated administrators, who can use these policies as templates for creating policies and filters to apply to their clients.

    Click View Complete Document for more.

  • New User Quick Start

    New User Quick Start

    Websense Web Security Solutions, v7.7

    Use this Quick Start tutorial to learn the basics of policy management and reporting with Websense Web Security solutions. The tutorial is made up of a series of short lessons, divided into 4 sections:

    * Initial Setup
    * Navigation Tips
    * Policy Management
    * Reporting

    Each lesson requires between 5 and 10 minutes to complete.

    Click View Complete Document for more.

  • Upgrading User Quick Start

    Upgrading User Quick Start

    Websense Web Security Solutions, v7.7

    This Quick Start tutorial provides an overview of what has changed in Websense Web Security since previous versions, including changes to terms and concepts. The tutorial also includes:

    * Platform information and tips pertinent to any administrators familiar with previous Websense Web Security solutions.
    * An overview of features introduced in:
       - v7.0
       - v7.1
       - v7.5
       - v7.6
       - v7.7
    * An orientation to help you find features and functions that have moved.
    * Short instructions for performing common tasks.

    Click View Complete Document for more.

  • Backup and Restore FAQ

    Backup and Restore FAQ

    Websense TRITON Enterprise, v7.6.x - 7.8.x

    You can back up each module (TRITON Infrastructure, Web Security, Data Security, Email Security) of your Websense TRITON solution, and revert to a previous configuration if required. Data saved by the backup process can also be used to transfer configuration settings to a different machine or appliance.

    When backing up a TRITON management server, note that there are separate backup processes for the TRITON infrastructure component and each TRITON module. As a best practice, synchronize the backup of your TRITON modules with the TRITON infrastructure backup.

    • How do I back up and restore the TRITON infrastructure?
    • How do I back up and restore V-Series appliances?
    • How do I back up and restore Web Security software?
    • How do I back up and restore Websense Content Gateway?
    • How do I back up and restore Data Security software?
    • How do I back up and restore Email Security off-appliance components?
    • Important tips for backing up or restoring both Web Security and the TRITON console
    • How do I back up or restore multiple Web Security Gateway appliances?

    Click View Complete Document for more.

  • Security Information Event Management (SIEM)

    Security Information Event Management(SIEM)

    Websense Web Security Solutions, v7.6 and v7.7

    Alert messages keep your system administrator informed about significant events in your Websense system and in your network as they happen. Unlike reporting, which tracks trends over time, alerting provides a quick look at events that determine the health of your Websense software or V-Series appliances.

    This paper focuses both on alerts sent via SNMP traps and (v7.7 only) SIEM integration to forward Web Security logging data to third-party SIEM products.

    SNMP alerting is available for:

    * Websense Web Filter and Web Security
    * Websense Web Security Gateway and Gateway Anywhere
    * Websense V-Series appliance

    In addition, in v7.7, SIEM integration for logging data is available for all Websense Web Security solutions.

    Click View Complete Document for more. 

  • PAC File Best Practices

    PAC File Best Practices with Web Security Gateway and Web Security Gateway Anywhere

    Versions 7.x

    This article examines Proxy Auto-Configuration (PAC) files and their use and best practices with Websense Web Security Gateway and Web Security Gateway Anywhere (hybrid Web filtering).

    Topics include:

    • What is a PAC file?
    • How is a PAC file consumed?
    • Using a PAC file with Web Security Gateway
    • Using a PAC file with Web Security Gateway Anywhere
    • Sample PAC file
    • PAC file best practices

    Click View Complete Document for more.

v7.6

  • TRITON Console Help

    TRITON Unified Security Center Help

    Version 7.6

    The TRITON Unified Security Center is a single, browser-based console that provides a central, graphical interface to the general configuration, policy management, and reporting functions of your Websense software.

    From the TRITON console, you can access some or all of the following modules, depending on your subscription:

    • * TRITON - Web Security works in conjunction with integration devices (including proxy servers, firewalls, routers, and caching appliances) and enables you to develop, monitor, and enforce Internet access policies
    • * TRITON - Data Security protects organizations from information leaks and data loss both at the perimeter and inside the organization
    • * TRITON - Email Security protects your organization against the threats of malware, spam, and other unwanted content in email traffic

    Click View Complete Document for more.

  • TRITON - Web Security Help

     

    TRITON - Web Security Help

    Version 7.6

    This guide provides detailed instructions for using TRITON - Web Security to configure your Websense software, create Internet filtering policies, manage clients, run reports, and more. It also includes contextual and troubleshooting information to help you verify and optimize your deployment. Topics include:

     

    First steps Initial solutions
    Working in TRITON - Web Security
    Your subscription
    The Websense Master Database
    Websense product components
    Installation and subscription issues
    Master Database issues
    Troubleshooting tools
     
    Start filtering Filtering solutions
    Filtering categories and protocols
    Adding a client
    Working with policies
    Assigning a policy to clients
    Filtering issues
    Network Agent issues
    User identification issues
    Block message issues

     

    Click View Complete Document for more.

  • Content Gateway Help

    Content Gateway Help

    Version 7.6

    Websense Content Gateway is the Web proxy component of the Websense Web Security Gateway and Websense Web Security Gateway Anywhere solutions.

    Content Gateway is a configurable, high-performance Web proxy that works in combination with Websense Web Security to protect users and networks from malicious and unwanted content by performing advanced content analysis precisely when it is needed—as the content flows through the proxy—using the results of analysis to apply appropriate Web Security policy. This on-demand analysis protects users and networks at the same time that it makes dynamic, Web 2.0 sites safe for your organization and users.

    The precise application of content analysis is configured by the administrator for each Web Security Gateway deployment.

    Web proxy cache: Content Gateway can also be configured to function as a high-performance Web proxy cache that improves network efficiency and performance by caching frequently accessed information at the edge of the network. This brings content physically closer to end users for faster delivery and reduced bandwidth usage.

    Click View Complete Document for more.

  • New User Quick Start (Web Security)

    New User Quick Start

    Websense Web Security Solutions, v7.6

    Use this Quick Start tutorial to learn the basics of filtering and reporting with Websense Web Security and Websense Web Filter. The tutorial is made up of a series of short lessons, divided into 4 sections:

    * Initial Setup
    * Navigation Tips
    * Websense Filtering
    * Reporting

    Each lesson requires between 5 and 10 minutes to complete.

    Click View Complete Document for more.

  • Upgrading User Quick Start (Web Security)

    Upgrading User Quick Start

    Websense Web Security Solutions, v7.6

    This Quick Start tutorial provides an overview of what has changed in Websense Web Security since previous versions, including changes to terms and concepts. The tutorial also includes:

    • * Platform information and tips pertinent to all upgrade environments.
    • * An overview of features introduced in:
        - v7.0
        - v7.1
        - v7.5
        - v7.6
    • * An orientation to help you find features and functions that have moved.
    • * Short instructions for performing common tasks.

    Click View Complete Document for more.

  • Network Agent Quick Start

    Network Agent Quick Start

    Version 7.5

    Websense Network Agent monitors Internet traffic for all or specified machines in a network.

    * When you install Websense Web security solutions in standalone mode, Network Agent is used to filter both HTTP and non-HTTP traffic.
    * When you integrate Websense Web security solutions with a firewall, proxy, or caching product, the integrated product passes HTTP and HTTPS content to Websense software for filtering. Traffic using other protocols can be managed by Network Agent.

    Network Agent also captures bandwidth usage data for use in filtering and reporting. When Network Agent is used to filter non-HTTP protocols, it can detect malicious peer-to-peer applications and spyware, even when they tunnel over ports commonly used for legitimate Internet communication. In addition, Network Agent can filter requests for Internet applications used for instant messaging, streaming media, file sharing, proxy avoidance, Internet mail, and other network or database operations.

    This Quick Start introduces Websense Network Agent and summarizes the steps needed to successfully deploy the component in your network.

    Click View Complete Document for more.

  • Delegated Administration Quick Start

    Delegated Administration Quick Start

    Websense Web Security Solutions, v7.6 - v7.8

    Delegated administration is a powerful tool for distributing filtering and reporting responsibilities across an organization.

    A Global Security Administrator creates accounts and grants them access to one or more TRITON console modules.

    Within the Web Security manager, Super Administrators can then grant policy management privileges, reporting rights, or both to delegated administrators, who can then manage or report on Internet usage for specific clients (users, groups, computers, or networks). Super Administrators can also:

    • Create a set of master restrictions that limit the Internet access that delegated administrators can provide.
    • Send copies of policies and filters that they have created to delegated administrators, who can use these policies as templates for creating policies and filters to apply to their clients.

    Click View Complete Document for more.

  • Transparent Identification of Users

    Transparent Identification of Users

    Versions 7.5 and 7.6

    Websense Web Security solutions let you define custom filtering policies for different individuals or groups within your organization.

    * In any environment, you can assign policies to individual computers (identified by IP address), or networks (groups of contiguous IP addresses).

    * If your environment includes a supported directory service, you can configure Websense software to also filter directory clients: users, groups, and domains (organizational units).

    To apply policies to users, groups, and other directory clients, Websense software must be able to identify the user making a request, given the originating IP address. Any of 4 methods can be used to identify users...

    Click View Complete Document for more.

  • Remote Filtering Software

    Remote Filtering Software

    Version 7.6

    Deploy Websense remote filtering software to filter Internet requests from machines outside the network. By default, remote filtering software monitors HTTP, HTTPS, and FTP traffic.

    Remote filtering software is an optional feature, available to Websense Web Filter, Websense Web Security, Websense Web Security Gateway, and Websense Web Security Gateway Anywhere customers.

    NOTE: In Websense Web Security Gateway Anywhere deployments, hybrid (in-the-cloud) filtering can also be used to filter Internet requests from users outside the network.

    Remote filtering software includes the following components:

    * Remote Filtering Client is installed on each machine that will be filtered when used outside the network. This client is configured to communicate with the Remote Filtering Server.
    * Remote Filtering Server resides inside your firewall, and acts as a proxy to Websense Filtering Service.

    Click View Complete Document for more.

  • Web Security Component Ports

    Web Security Component Default Ports

    Versions 7.5 - 7.8

    This paper identifies the default ports used by Websense Web Security components, including Content Gateway and the interoperability components used to communicate with Websense Data Security and, in Websense Web Security Gateway Anywhere deployments, the hybrid service.

    In most cases, the default ports, which are assigned automatically during installation, never need to be changed. If you do need to change a port:

    • Use the Log Server Configuration utility (v7.5 or v7.6) or Settings > Reporting > Log Server page (v7.7 and later) to change the Log Server port.

    • Use the Web Security manager to configure communication with Log Server if the port has changed, and to change port information for transparent identification agents (DC Agent, eDirectory Agent, Logon Agent, or RADIUS Agent).

    If you need to change ports for other services, this can be done in the initialization (INI) file for the component. Given dependencies between components, the change may need to be made in multiple files.

    Click View Complete Document for more.

  • SSL Manager Certificate Verification

     SSL Manager Certificate Verification

     Version 7.6.2

    The Websense® Web Security Gateway proxy component – Content Gateway – includes a feature called SSL Manager. SSL Manager oversees SSL and TLS (HTTPS) connections, decryption, analysis of content, and re-encryption.

    This article describes the most effective use of the Certificate Verification Engine, a sub-component of SSL Manager. The Certificate Verification Engine ensures that only those connections that comply with your organization’s IT security requirements for certificate verification are allowed.

    Click View Complete Document for more.

  • Content Gateway Tunneled Protocol Detection

    Tunneled Protocol Detection

    Websense Content Gateway v7.6

    Tunneled protocol detection analyzes traffic to discover protocols that are tunneled over HTTP and HTTPS. Traffic that is allowed to tunnel over specific ports is also scanned. Such traffic is reported to Websense Web filtering for protocol policy enforcement. When tunneled protocol detection is enabled, scanning is performed on both inbound and outbound traffic, regardless of other scanning settings.

    HTTP tunneling occurs when applications that use custom protocols for communication are wrapped in HTTP (meaning that standard HTTP request/response formatting is present) in order to use the ports designated for HTTP/HTTPS traffic. These ports are open to allow traffic to and from the Web. HTTP tunneling allows these applications to bypass firewalls and proxies, leaving a system vulnerable.

    The tunneled protocol detection feature scans HTTP and HTTPS traffic and, when it detects a protocol, forwards it to Websense Web filtering for policy enforcement. At this point, a protocol is blocked or allowed based on policy definitions. This feature can be used to block protocols used for instant messaging, peer-to-peer applications, and proxy avoidance.

  • Content Gateway Frequently Asked Questions

    Frequently Asked Questions

    Content Gateway version 7.6

    A collection of articles that answer common configuration and maintenance questions, including:

    • * How do I configure IPTables to harden the Content Gateway host system?
    • * How do I ensure that Content Gateway is properly identified in the network?
    • * Which Web browsers provide the best user experience with Content Gateway?
    • * How do I backup and restore the SSL Incident List?

    Click View Complete Document for more.

  • Using SNMP with Content Gateway

    Using SNMP with Websense Content Gateway

    Version 7.6

    This article describes how to use Net-SNMP with software installations of Content Gateway (not V-Series appliances) to monitor Content Gateway processes. It assumes that the reader is familiar with SNMP.

    For information about using SNMP with V-Series appliances, see V-Series Appliance Manager Help.

    If you are not familiar with SNMP, an introductory article can be found in Wikipedia.

    An essential resource and the location of Net-SNMP software is www.net-snmp.org

    For documentation, go to: http://net-snmp.sourceforge.net/docs/man/

    To use SNMP with Content Gateway you must:

    • * Install Net-SNMP RPMs
    • * Configure snmpd.conf to monitor Content Gateway processes and send traps to the SNMP Manager
    • * Verify the configuration
  • Security Information Event Management (SIEM)

    Security Information Event Management (SIEM)

    Websense Web Security Solutions

    Versions 7.6 - 7.8

    Alert messages keep your system administrator informed about significant events in your Websense system and in your network as they happen. Unlike reporting, which tracks trends over time, alerting provides a quick look at events that determine the health of your Websense software or V-Series appliances.

    This paper focuses both on alerts sent via SNMP traps and (v7.7 and later) SIEM integration to forward Web Security logging data to third-party SIEM products.

    SNMP alerting is available for:

    • Websense Web Filter and Web Security
    • Websense Web Security Gateway and Gateway Anywhere
    • Websense V-Series appliance

    In addition, in v7.7 and later, SIEM integration for logging data is available for all Websense Web Security solutions.

    Click View Complete Document for more. 

     

  • Web Security FAQs

    Web Security FAQs

    Version 7.6

    This paper covers the following frequently asked questions:

    • - How does Websense Web Security decide which policy to apply to a request?
    • - How do keyword searches work?
    • - Can I exclude specific traffic from logging?
    • - How do I set up a filtering blacklist?
    • - How do I set up a filtering whitelist?

    Click View Complete Document for more.

  • Backup and Restore FAQ

    Backup and Restore FAQ

    Websense TRITON Enterprise, v7.6.x - 7.8.x

    You can back up each module (TRITON Infrastructure, Web Security, Data Security, Email Security) of your Websense TRITON solution, and revert to a previous configuration if required. Data saved by the backup process can also be used to transfer configuration settings to a different machine or appliance.

    When backing up a TRITON management server, note that there are separate backup processes for the TRITON infrastructure component and each TRITON module. As a best practice, synchronize the backup of your TRITON modules with the TRITON infrastructure backup.

    • How do I back up and restore the TRITON infrastructure?
    • How do I back up and restore V-Series appliances?
    • How do I back up and restore Web Security software?
    • How do I back up and restore Websense Content Gateway?
    • How do I back up and restore Data Security software?
    • How do I back up and restore Email Security off-appliance components?
    • Important tips for backing up or restoring both Web Security and the TRITON console
    • How do I back up or restore multiple Web Security Gateway appliances?

    Click View Complete Document for more.

  • Deploying Remote Filtering Client and Data Endpoint

    To deploy Data Endpoint and Remote Filtering Client on a single machine for version 7.6, first ensure that any previous versions of Data Endpoint and Remote Filtering Client have been uninstalled, then follow the instructions in this article to create a joint deployment package.

    Click View Complete Document for more.

  • PAC File Best Practices

    PAC File Best Practices with Web Security Gateway and Web Security Gateway Anywhere

    Versions 7.x

    This article examines Proxy Auto-Configuration (PAC) files and their use and best practices with Websense Web Security Gateway and Web Security Gateway Anywhere (hybrid Web filtering).

    Topics include:

    • What is a PAC file?
    • How is a PAC file consumed?
    • Using a PAC file with Web Security Gateway
    • Using a PAC file with Web Security Gateway Anywhere
    • Sample PAC file
    • PAC file best practices

    Click View Complete Document for more.

v7.5

  • TRITON - Web Security Help

    TRITON - Web Security Help

    Version 7.5

    This document provides detailed instructions for using TRITON - Web Security to configure your Websense software, create Internet filtering policies, manage clients, run reports, and more. It also includes contextual and troubleshooting information to help you verify and optimize your deployment. Topics include:

    First steps Initial solutions
    Working in TRITON - Web Security
    Your subscription
    The Websense Master Database
    Websense product components
    Installation and subscription issues
    Master Database issues
    Troubleshooting tools
     
    Start filtering Filtering solutions
    Filtering categories and protocols
    Adding a client
    Working with policies
    Assigning a policy to clients
    Filtering issues
    Network Agent issues
    User identification issues
    Block message issues

    Click View Complete Document for more.

  • Content Gateway Help

    Getting Started

    After installing Websense Content Gateway on your host system or on the nodes of your Content Gateway cluster, Content Gateway is ready for use.

    Refer to the following procedures to get started:

    * Starting and stopping Content Gateway
    * Starting Content Gateway Manager
    * Entering your subscription key
    * Verifying that the proxy is running
    * Using the command-line interface

    Starting Content Gateway Manager

    Content Gateway Manager is the management user interface to Websense Content Gateway. Content Gateway Manager is supported on Microsoft Internet Explorer 7 and later, and on Firefox 3.0.x - 3.5.x. Use of another browser version may result in unexpected behavior.

    Java and JavaScript must be enabled in your browser. See your browser documentation for information on enabling Java and JavaScript.

  • New User Quick Start (Web Security)

    New User Quick Start

    Websense Web Security, v7.5

    Use this Quick Start tutorial to learn the basics of filtering and reporting with Websense Web Security and Websense Web Filter. The tutorial is made up of a series of short lessons, divided into 4 sections:

    * Initial Setup
    * Navigation Tips
    * Websense Filtering
    * Reporting

    Each lesson requires between 5 and 10 minutes to complete.

    Click View Complete Document for more.

  • Network Agent Quick Start

    Network Agent Quick Start

    Version 7.5

    Websense Network Agent monitors Internet traffic for all or specified machines in a network.

    * When you install Websense Web security solutions in standalone mode, Network Agent is used to filter both HTTP and non-HTTP traffic.
    * When you integrate Websense Web security solutions with a firewall, proxy, or caching product, the integrated product passes HTTP and HTTPS content to Websense software for filtering. Traffic using other protocols can be managed by Network Agent.

    Network Agent also captures bandwidth usage data for use in filtering and reporting. When Network Agent is used to filter non-HTTP protocols, it can detect malicious peer-to-peer applications and spyware, even when they tunnel over ports commonly used for legitimate Internet communication. In addition, Network Agent can filter requests for Internet applications used for instant messaging, streaming media, file sharing, proxy avoidance, Internet mail, and other network or database operations.

    This Quick Start introduces Websense Network Agent and summarizes the steps needed to successfully deploy the component in your network.

    Click View Complete Document for more.

  • Transparent Identification of Users

    Transparent Identification of Users

    Versions 7.5 and 7.6

    Websense Web Security solutions let you define custom filtering policies for different individuals or groups within your organization.

    * In any environment, you can assign policies to individual computers (identified by IP address), or networks (groups of contiguous IP addresses).

    * If your environment includes a supported directory service, you can configure Websense software to also filter directory clients: users, groups, and domains (organizational units).

    To apply policies to users, groups, and other directory clients, Websense software must be able to identify the user making a request, given the originating IP address. Any of 4 methods can be used to identify users...

    Click View Complete Document for more.

  • Content Gateway Frequently Asked Questions

    Frequently Asked Questions

    Content Gateway version 7.5

    A collection of articles that answer common configuration and maintenance questions, including:

    *  How do I configure IPTables to harden the Content Gateway host system?
    *  How do I ensure that Content Gateway is properly identified in the network?
    *  Which Web browsers provide the best user experience with Content Gateway?
    *  How do I backup and restore the SSL Incident List?

    Click View Complete Document for more.

  • Content Gateway Tunneled Protocol Detection

    Websense Content Gateway: Tunneled Protocol Detection

    Tunneled protocol detection analyzes traffic to discover protocols that are tunneled over HTTP and HTTPS. Traffic that is allowed to tunnel over specific ports is also scanned. Such traffic is reported to Websense Web filtering for protocol policy enforcement. When tunneled protocol detection is enabled, scanning is performed on both inbound and outbound traffic, regardless of other scanning settings.

    HTTP tunneling occurs when applications that use custom protocols for communication are wrapped in HTTP (meaning that standard HTTP request/response formatting is present) in order to use the ports designated for HTTP/HTTPS traffic. These ports are open to allow traffic to and from the Web. HTTP tunneling allows these applications to bypass firewalls and proxies, leaving a system vulnerable.

    The tunneled protocol detection feature scans HTTP and HTTPS traffic and, when it detects a protocol, forwards it to Websense Web filtering for policy enforcement. At this point, a protocol is blocked or allowed based on policy definitions. This feature can be used to block protocols used for instant messaging, peer-to-peer applications, and proxy avoidance.

  • Using SNMP with Content Gateway

    Using SNMP with Content Gateway

    This article describes how to use Net-SNMP with software installations of Content Gateway (not V-Series appliances) to monitor Content Gateway processes. It assumes that the reader is familiar with SNMP.

    For information about using SNMP with V-Series appliances, please contact Websense Technical Support.

    If you are not familiar with SNMP, an introductory article can be found in Wikipedia.

    An essential resource and the location of Net-SNMP software
    is www.net-snmp.org.

    For documentation, go to: http://net-snmp.sourceforge.net/docs/man/.

    To use SNMP with Content Gateway you must:

    *  Install Net-SNMP RPMs
    *  Configure snmpd.conf to monitor Content Gateway processes
        and send traps to the SNMP Manager
    *  Verify the configuration

  • Websense Web Security SSL Certificates

    Websense Web Security SSL Certificates

    Version 7.5

    Topic 50140

    The topics in this paper provide an overview of how Websense software uses SSL certificates to secure communications, as well as instructions for creating custom certificates. The paper also offers instructions for administrators and end users who receive a browser certificate error. Topics include:

    * TRITON - Web Security SSL certificates
    * SSL certificates for secure manual authentication
    * Generating self-signed SSL certificates
    * Working with a Certificate Authority
    * Accepting a security certificate

    Click View Complete Document for more.

  • Delegated Administration Quick Start

    Delegated Administration Quick Start

    Version 7.5

    Delegated administration is a powerful tool for distributing filtering and reporting responsibilities across an organization.

    One or more Super Administrators can grant policy management privileges, reporting rights, or both to delegated administrators, who can then manage or report on Internet usage for specific clients (users, groups, computers, or networks). Super Administrators can also:

    * Create a set of master filtering restrictions that limit the filtering access that delegated administrators can provide.
    * Send copies of policies and filters that they have created to delegated administrators, who can use these policies as templates for creating policies and filters to apply to their clients.

    All of this is accomplished through the use of roles, which group related clients with the administrators responsible for managing and reporting on their Internet usage. For example, a school district might create Staff, Teachers, and Elementary Students roles, and then assign one or more administrators to each.

    Click View Complete Document for more.

  • Remote Filtering Software

    Remote Filtering Software

    Version 7.5

    Deploy Websense remote filtering software to filter Internet requests from machines outside the network. By default, remote filtering software monitors HTTP, HTTPS, and FTP traffic.

    Remote filtering software is an optional feature, available to Websense Web Filter, Websense Web Security, Websense Web Security Gateway, and Websense Web Security Gateway Anywhere customers.

    NOTE: In Websense Web Security Gateway Anywhere deployments, hybrid (in-the-cloud) filtering can also be used to filter Internet requests from users outside the network.

    Remote filtering software includes the following components:

    * Remote Filtering Client is installed on each machine that will be filtered when used outside the network. This client is configured to communicate with the Remote Filtering Server.
    * Remote Filtering Server resides inside your firewall, and acts as a proxy to Websense Filtering Service.

    Click View Complete Document for more.

  • Web Security Component Ports

    Web Security Component Default Ports

    Versions 7.5 - 7.8

    This paper identifies the default ports used by Websense Web Security components, including Content Gateway and the interoperability components used to communicate with Websense Data Security and, in Websense Web Security Gateway Anywhere deployments, the hybrid service.

    In most cases, the default ports, which are assigned automatically during installation, never need to be changed. If you do need to change a port:

    • Use the Log Server Configuration utility (v7.5 or v7.6) or Settings > Reporting > Log Server page (v7.7 and later) to change the Log Server port.

    • Use the Web Security manager to configure communication with Log Server if the port has changed, and to change port information for transparent identification agents (DC Agent, eDirectory Agent, Logon Agent, or RADIUS Agent).

    If you need to change ports for other services, this can be done in the initialization (INI) file for the component. Given dependencies between components, the change may need to be made in multiple files.

    Click View Complete Document for more.

  • DLP ICAP Integration

    Integrating Content Gateway with Third Party Data Loss Prevention Applications

    Websense Content Gateway supports the ICAP v1 protocol for integration with the third party data loss prevention (DLP) applications, such as Symantec Data Loss Prevention (formerly Vontu Data Loss Prevention) and RSA Data Loss Prevention. Data loss prevention applications deliver multi-protocol monitoring and blocking of sensitive data leaving the network. DLP is available in various configurations, one of which utilizes a HTTP/HTTPS/FTP proxy with ICAP client such as the Websense Content Gateway for monitoring and blocking of sensitive data.

    This document provides instructions on configuring Websense Content Gateway as an ICAP client for non-Websense DLP products acting as the ICAP server.

  • PAC File Best Practices

    PAC File Best Practices with Web Security Gateway and Web Security Gateway Anywhere

    Versions 7.x

    This article examines Proxy Auto-Configuration (PAC) files and their use and best practices with Websense Web Security Gateway and Web Security Gateway Anywhere (hybrid Web filtering).

    Topics include:

    • What is a PAC file?
    • How is a PAC file consumed?
    • Using a PAC file with Web Security Gateway
    • Using a PAC file with Web Security Gateway Anywhere
    • Sample PAC file
    • PAC file best practices

    Click View Complete Document for more.

Reporting

v7.8

  • Administering Websense Databases

    Administering Websense Databases

    Websense TRITON Solutions

    Versions 7.6 - 7.8

    Websense TRITON solutions (Web Security, Data Security, and Email Security) use several databases and database platforms. This paper is designed to help database administrators understand database requirements for all TRITON modules.

    The document includes infomration about:

    • What are the various databases?
    • What database versions does Websense support?
    • What hardware and operating systems are recommended?
    • How will my database size?
    • How big will my reporting database be?
    • Can I use SQL Server 2008 R2 Express?
    • What determines the size of my database?
    • What affects the performance of my reporting system?
    • Which database tools are required or used?
    • Which permissions are required?
    • Which database jobs are run?
    • How does the installer set up each database?
    • How big should the database partitions be?
    • How many partitions can be accessed at the same time?
    • How do I configure partition rollover?

    Click View Complete Document for more.

  • Investigative Reporting Quick Start

    Investigative Reporting Quick Start

    Websense Web Security Solutions

    Versions 7.5 - 7.8

    Learn how to use investigative reports to analyze Internet activity and find the information that you need.

    The quick start provides an overview of the default information displayed when you open the Investigative Reports page, and then shows you how to navigate to the information you need.

    • If the high-level summary shows areas of potential concern, drill down to find details.
    • Use standard reports to get a targeted view of Internet activity.
    • Customize summary reports or Customize detail reports to create a report that better reflects your needs.
    • For quick reference explaining the types of data that can be included in an investigative reports, see What information can I see in a report?
    • Create Favorite reports to minimize the work required to get to the data you need, and optionally schedule them to run at regular intervals.

    Click View Complete Document for more.

  • Presentation Reporting Quick Start

    Presentation Reporting Quick Start

    Web Security Solutions

    Versions 7.7 and 7.8

    Use presentation reports to create bar charts, trend charts, or tabular reports showing Internet activity in HTML, PDF, or Microsoft Excel (XLS) format.

    Access presentation reports, for example, after drilling down into investigative reports data requiring additional analysis. A presentation report is often available that provides additional detailed information that can be used for comparisons over a longer time period, across more users, including more categories, and so on.

    Presentation reports are also useful for those who prefer a report they can print and review over an online, drill down report. The available presentation report formats may be more readable or usable to some consumers than the available investigative reports formats.

    Click View Complete Document for more.

  • Web Security Reporting FAQ

    Web Security Reporting FAQ

    Versions 7.7 and 7.8

    Use this collection to find answers to frequently asked questions about Web Security reporting tools, including:

    • How do I correct investigative report display or PDF export problems?
    • Why don’t reports contain the data I expected?
    • Is it possible to save presentation reports to a custom folder?
    • What does it mean when the Log Database page shows partitions in red?
    • How do I verify that WebCatcher is working?
    • Can I review Log Server cache files?
    • What are application reports?
    • Why are application reports missing data?
    • How do I export the Suspicious Event Summary?

    Click View Complete Document for more.

  • Moving the Web Security Log Database

    Moving the Web Security Log Database

    Websense Web Security Solutions

    Versions 7.7.x and 7.8.x

    If you need to move your Microsoft SQL Server database to a new location (directory, drive, or machine), use these steps to move the Websense Web Security Log Database without data corruption or loss. Ideally, this procedure should be performed by, or with assistance from, your organization's database administrator.

    Click View Complete Document for more.

  • Security Information Event Management (SIEM)

    Security Information Event Management (SIEM)

    Websense Web Security Solutions

    Versions 7.6 - 7.8

    Alert messages keep your system administrator informed about significant events in your Websense system and in your network as they happen. Unlike reporting, which tracks trends over time, alerting provides a quick look at events that determine the health of your Websense software or V-Series appliances.

    This paper focuses both on alerts sent via SNMP traps and (v7.7 and later) SIEM integration to forward Web Security logging data to third-party SIEM products.

    SNMP alerting is available for:

    • Websense Web Filter and Web Security
    • Websense Web Security Gateway and Gateway Anywhere
    • Websense V-Series appliance

    In addition, in v7.7 and later, SIEM integration for logging data is available for all Websense Web Security solutions.

    Click View Complete Document for more. 

     

v7.7

  • Administering Websense Databases

    Administering Websense Databases

    Websense TRITON Solutions

    Versions 7.6 - 7.8

    Websense TRITON solutions (Web Security, Data Security, and Email Security) use several databases and database platforms. This paper is designed to help database administrators understand database requirements for all TRITON modules.

    The document includes infomration about:

    • What are the various databases?
    • What database versions does Websense support?
    • What hardware and operating systems are recommended?
    • How will my database size?
    • How big will my reporting database be?
    • Can I use SQL Server 2008 R2 Express?
    • What determines the size of my database?
    • What affects the performance of my reporting system?
    • Which database tools are required or used?
    • Which permissions are required?
    • Which database jobs are run?
    • How does the installer set up each database?
    • How big should the database partitions be?
    • How many partitions can be accessed at the same time?
    • How do I configure partition rollover?

    Click View Complete Document for more.

  • Investigative Reporting Quick Start

    Investigative Reporting Quick Start

    Websense Web Security Solutions

    Versions 7.5 - 7.8

    Learn how to use investigative reports to analyze Internet activity and find the information that you need.

    The quick start provides an overview of the default information displayed when you open the Investigative Reports page, and then shows you how to navigate to the information you need.

    • If the high-level summary shows areas of potential concern, drill down to find details.
    • Use standard reports to get a targeted view of Internet activity.
    • Customize summary reports or Customize detail reports to create a report that better reflects your needs.
    • For quick reference explaining the types of data that can be included in an investigative reports, see What information can I see in a report?
    • Create Favorite reports to minimize the work required to get to the data you need, and optionally schedule them to run at regular intervals.

    Click View Complete Document for more.

  • Presentation Reporting Quick Start

    Presentation Reporting Quick Start

    Web Security Solutions

    Versions 7.7 and 7.8

    Use presentation reports to create bar charts, trend charts, or tabular reports showing Internet activity in HTML, PDF, or Microsoft Excel (XLS) format.

    Access presentation reports, for example, after drilling down into investigative reports data requiring additional analysis. A presentation report is often available that provides additional detailed information that can be used for comparisons over a longer time period, across more users, including more categories, and so on.

    Presentation reports are also useful for those who prefer a report they can print and review over an online, drill down report. The available presentation report formats may be more readable or usable to some consumers than the available investigative reports formats.

    Click View Complete Document for more.

  • Web Security Reporting FAQ

    Web Security Reporting FAQ

    Versions 7.7 and 7.8

    Use this collection to find answers to frequently asked questions about Web Security reporting tools, including:

    • How do I correct investigative report display or PDF export problems?
    • Why don’t reports contain the data I expected?
    • Is it possible to save presentation reports to a custom folder?
    • What does it mean when the Log Database page shows partitions in red?
    • How do I verify that WebCatcher is working?
    • Can I review Log Server cache files?
    • What are application reports?
    • Why are application reports missing data?
    • How do I export the Suspicious Event Summary?

    Click View Complete Document for more.

  • Security Information Event Management (SIEM)

    Security Information Event Management(SIEM)

    Websense Web Security Solutions, v7.6 and v7.7

    Alert messages keep your system administrator informed about significant events in your Websense system and in your network as they happen. Unlike reporting, which tracks trends over time, alerting provides a quick look at events that determine the health of your Websense software or V-Series appliances.

    This paper focuses both on alerts sent via SNMP traps and (v7.7 only) SIEM integration to forward Web Security logging data to third-party SIEM products.

    SNMP alerting is available for:

    * Websense Web Filter and Web Security
    * Websense Web Security Gateway and Gateway Anywhere
    * Websense V-Series appliance

    In addition, in v7.7, SIEM integration for logging data is available for all Websense Web Security solutions.

    Click View Complete Document for more. 

  • Moving the Web Security Log Database

    Moving the Web Security Log Database

    Websense Web Security Solutions

    Versions 7.7.x and 7.8.x

    If you need to move your Microsoft SQL Server database to a new location (directory, drive, or machine), use these steps to move the Websense Web Security Log Database without data corruption or loss. Ideally, this procedure should be performed by, or with assistance from, your organization's database administrator.

    Click View Complete Document for more.

v7.6

  • Investigative Reports Help

    Investigative Reports

    Version 7.6

    Investigative reports let you browse through log data interactively. The main page shows a summary-level bar chart of activity by risk class. Click the different elements on the page to update the chart or get a different view of the data.

    Use the Reporting > Investigative Reports page to analyze Internet filtering activity in an interactive way. Initially, the main Investigative Reports page shows a summary report of activity by risk class.

    Work in the summary report view by clicking the available links and elements to explore areas of interest and gain general insight into your organization's Internet usage. Multi-level summary reports and flexible detail reports let you analyze the information from different perspectives.

    Click View Complete Document for more.

  • Presentation Reports Help

    Presentation Reports

    Version 7.6

    Presentation reports offer a list of predefined report templates and custom reports. Some output tabular reports; some combine a bar chart and a table. Copy any report template and apply your own report filter to create a custom report.

    Use the Reporting > Presentation Reports page to generate template-based charts and tabular reports in HTML, PDF, or Microsoft Excel (XLS) format.

    Available predefined and custom reports are found in the Report Catalog, which organizes them into related groups. The groups that appear are based on your subscription type. Some groups (like Real Time Security Threats and Scanning Activity) require a Websense Web Security Gateway or Gateway Anywhere subscription.

    Click View Complete Document for more.

  • Real-Time Monitor Help

    Real-Time Monitor

    Version 7.6

    Real-Time Monitor provides insight into current Internet filtering activity in your network, showing the URLs being requested and the action applied to each request. In Websense Web Security Gateway and Web Security Gateway Anywhere deployments, the monitor also shows which sites were scanned by Content Gateway. If a site is dynamically recategorized based on scanning results, both the original category and current category are shown.

    Use the Reporting > Real-Time Monitor page to review current Internet filtering activity in your network.

    Click View Complete Document for more.

  • Web Security Log Server Configuration

    Web Security Log Server Configuration Help

    Version 7.6

    Websense Log Server is the Web Security component that receives log records from Filtering Service and processes them into the Log Database.

    During installation, you configure certain aspects of Log Server operation, including how Log Server interacts with Websense filtering components.The Log Server Configuration utility lets you change these settings when needed, and configure other details about Log Server operation. This utility is installed on the same machine as Log Server.

    Click View Complete Document for more.

v7.5

  • Use Reports to Evaluate Filtering

    Use Reports to Evaluate Filtering

    Version 7.5

    TRITON - Web Security provides several reporting tools for use in evaluating the effectiveness of your filtering policies. (Log Server, a Windows-only component, must be installed to enable reporting.)

    * The Today page appears first when you open TRITON - Web Security. It shows the operating status of Websense software, and can display charts of filtering activities in the network since midnight.
    * The History page shows charts of filtering activities in the network for up to 30 days, depending on the amount of information in the Log Database. These charts do not include today's activities.
    * Presentation reports and Investigative reports offer many options for creating and customizing reports. See Reporting overview for more information.

    Click View Complete Document for more.

  • Investigative Reporting Quick Start

    Investigative Reporting Quick Start

    Websense Web Security Solutions

    Versions 7.5 - 7.8

    Learn how to use investigative reports to analyze Internet activity and find the information that you need.

    The quick start provides an overview of the default information displayed when you open the Investigative Reports page, and then shows you how to navigate to the information you need.

    • If the high-level summary shows areas of potential concern, drill down to find details.
    • Use standard reports to get a targeted view of Internet activity.
    • Customize summary reports or Customize detail reports to create a report that better reflects your needs.
    • For quick reference explaining the types of data that can be included in an investigative reports, see What information can I see in a report?
    • Create Favorite reports to minimize the work required to get to the data you need, and optionally schedule them to run at regular intervals.

    Click View Complete Document for more.

  • Presentation Reports

    Presentation Reports

    Version 7.5

    Use the Reporting > Presentation Reports page to generate charts and tabular reports based on templates from the Report Catalog.

    The Report Catalog organizes a list of pre-defined report templates and custom reports into groups.

    * Expand a group to see its corresponding templates and custom reports.
    * Click on a template or report title to see a brief description of what it includes.

    The number of groups in the Report Catalog depends on your subscription type. Some groups (like Real Time Security Threats and Scanning Activity) appear only with a Websense Web Security Gateway or Web Security Gateway Anywhere subscription.

    Click View Complete Document for more.

  • Reporting Administration

    Reporting Administration

    Version 7.5

    This document covers:

    * Planning your configuration
    * Managing access to reporting tools
    * Basic configuration
    * Log Server Configuration utility
    * Administering the Log Database
    * Configuring investigative reports
    * Self-reporting

    Click View Complete Document for more.

  • Log Server Configuration Utility

    Log Server Configuration Utility

    Version 7.5

    Websense Log Server is the component that receives log records from Filtering Service and processes them into the Log Database.

    During installation, you configure certain aspects of Log Server operation, including how Log Server interacts with Websense filtering components.The Log Server Configuration utility lets you change these settings when needed, and configure other details about Log Server operation. This utility is installed on the same machine as Log Server.

    Click View Complete Document for more.

  • The TestLogServer Utility

    Internet activity log records

    Version 7.5

    Topic 50102 / Updated: 24-Jun-2010

    A command-line utility called TestLogServer is included as part of your Websense Web Security installation. This utility displays log traffic sent from Websense Filtering Service to Websense Log Server.

    Use TestLogServer to verify that logging data is being sent to Log Server as expected, and to diagnose problems with:

    * Filtering and policy application
    * Authentication
    * Logging
    * URL categorization and protocol identification

    Click View Complete Document for more.

Troubleshooting

v7.8

  • Content Gateway Troubleshooting Topics

    Troubleshooting Tips

    Content Gateway, Versions 7.x

    A collection of troubleshooting tips on common proxy issues, including:

    • Dropped HTTPS connections
    • Sites that have difficulty transiting the proxy
    • Sites that host applications that don’t handle NTLM authentication
    • How to handle restricted users who fail to authenticate with NTLM

    Click View Complete Document for more.

  • DC Agent Troubleshooting

    DC Agent Troubleshooting

    Versions 7.7 and 7.8

    This collection includes the following articles to help you troubleshoot DC Agent installation and user identification issues.

    • Problems installing DC Agent
    • DC Agent initial diagnostic steps
    • DC Agent: System error while enumerating domain controllers
    • DC Agent: Error Code 1058 (seen on startup)
    • DC Agent: ERROR_ACCESS_DENIED - 5
    • DC Agent: ERROR_BAD_NETPATH - 53
    • DC Agent doesn't see some or all users

    Click View Complete Document for more.

  • Web Security Log Server Troubleshooting Guide

    Web Security Log Server Troubleshooting Guide

    Versions 7.7 and 7.8

    This collection contains the following articles to help you identify and resolve the underlying cause of reporting problems:

    • Web Security Log Server installation: Error connecting to SQL Server
    • Error creating the Log Database
    • Web Security Log Server stops unexpectedly or will not start
    • Web Security Log Server and Windows registration
    • Incorrect or missing data in Web Security reports
    • Web Security Log Database permissions

    Click View Complete Document for more.

  • Using TestLogServer for Web Security Troubleshooting

    Using TestLogServer for Web Security Troubleshooting

    Versions 7.7 and 7.8

    A command-line utility called TestLogServer is included as part of your Websense Web Security installation. This utility displays log traffic sent from Websense Filtering Service to Websense Log Server.

    Use TestLogServer to verify that logging data is being sent to Log Server as expected, and to diagnose problems with:

    • Filtering and policy application
    • Authentication
    • Logging
    • URL categorization and protocol identification

    This collection includes the following articles to help you use TestLogServer. Click a link below to jump to the topic, or use the arrows at the top of the content pane to browse between articles.

    Click View Complete Document for more.

  • Manually Creating the Web Security Log Database

    Manually Creating the Web Security Log Database

    Versions 7.7 and 7.8

    You may find that you need to create or upgrade a Web Security Log Database if:

    • An error appeared during installation
    • The Log Database has become corrupted
    • The Log Database was not upgraded properly when you upgraded your Websense Web Security solution

    This collection of articles includes instructions for using the database creating utility to manually create the Log Database, as well as reference and troubleshooting material, including:

    • Running the database creation utility
    • Database creation utility parameters
    • Using SQL Server Management Studio to verify database creation
    • Database creation utility errors

    Click View Complete Document for more.

  • Web Security Log Server Error Reference

    Web Security Log Server Error Reference

    Versions 7.7 and 7.8

    When logging problems occur, Log Server errors may be written to the Windows Event Viewer and the Websense.log file. The Websense.log file is located in the Websense bin directory (C:\Program Files (x86)\Websense\Web Security\bin, by default).

    Use the information in this document to better understand the following error messages, and to troubleshoot the underlying problem or problems.

    Click View Complete Document for more.

v7.7

  • Content Gateway Troubleshooting Topics

    Troubleshooting Tips

    Content Gateway, Versions 7.x

    A collection of troubleshooting tips on common proxy issues, including:

    • Dropped HTTPS connections
    • Sites that have difficulty transiting the proxy
    • Sites that host applications that don’t handle NTLM authentication
    • How to handle restricted users who fail to authenticate with NTLM

    Click View Complete Document for more.

  • DC Agent Troubleshooting

    DC Agent Troubleshooting

    Versions 7.7 and 7.8

    This collection includes the following articles to help you troubleshoot DC Agent installation and user identification issues.

    • Problems installing DC Agent
    • DC Agent initial diagnostic steps
    • DC Agent: System error while enumerating domain controllers
    • DC Agent: Error Code 1058 (seen on startup)
    • DC Agent: ERROR_ACCESS_DENIED - 5
    • DC Agent: ERROR_BAD_NETPATH - 53
    • DC Agent doesn't see some or all users

    Click View Complete Document for more.

  • Web Security Log Server Troubleshooting Guide

    Web Security Log Server Troubleshooting Guide

    Versions 7.7 and 7.8

    This collection contains the following articles to help you identify and resolve the underlying cause of reporting problems:

    • Web Security Log Server installation: Error connecting to SQL Server
    • Error creating the Log Database
    • Web Security Log Server stops unexpectedly or will not start
    • Web Security Log Server and Windows registration
    • Incorrect or missing data in Web Security reports
    • Web Security Log Database permissions

    Click View Complete Document for more.

  • Using TestLogServer for Web Security Troubleshooting

    Using TestLogServer for Web Security Troubleshooting

    Versions 7.7 and 7.8

    A command-line utility called TestLogServer is included as part of your Websense Web Security installation. This utility displays log traffic sent from Websense Filtering Service to Websense Log Server.

    Use TestLogServer to verify that logging data is being sent to Log Server as expected, and to diagnose problems with:

    • Filtering and policy application
    • Authentication
    • Logging
    • URL categorization and protocol identification

    This collection includes the following articles to help you use TestLogServer. Click a link below to jump to the topic, or use the arrows at the top of the content pane to browse between articles.

    Click View Complete Document for more.

  • Manually Creating the Web Security Log Database

    Manually Creating the Web Security Log Database

    Versions 7.7 and 7.8

    You may find that you need to create or upgrade a Web Security Log Database if:

    • An error appeared during installation
    • The Log Database has become corrupted
    • The Log Database was not upgraded properly when you upgraded your Websense Web Security solution

    This collection of articles includes instructions for using the database creating utility to manually create the Log Database, as well as reference and troubleshooting material, including:

    • Running the database creation utility
    • Database creation utility parameters
    • Using SQL Server Management Studio to verify database creation
    • Database creation utility errors

    Click View Complete Document for more.

  • Web Security Log Server Error Reference

    Web Security Log Server Error Reference

    Versions 7.7 and 7.8

    When logging problems occur, Log Server errors may be written to the Windows Event Viewer and the Websense.log file. The Websense.log file is located in the Websense bin directory (C:\Program Files (x86)\Websense\Web Security\bin, by default).

    Use the information in this document to better understand the following error messages, and to troubleshoot the underlying problem or problems.

    Click View Complete Document for more.

v7.6

  • Content Gateway Troubleshooting Topics

    Troubleshooting Tips

    Content Gateway, Versions 7.x

    A collection of troubleshooting tips on common proxy issues, including:

    • Dropped HTTPS connections
    • Sites that have difficulty transiting the proxy
    • Sites that host applications that don’t handle NTLM authentication
    • How to handle restricted users who fail to authenticate with NTLM

    Click View Complete Document for more.

  • General Web Security Troubleshooting

    Troubleshooting Resources

    Websense Web Security, Version 7.6

    Use this document to find solutions to common issues before contacting Technical Support.

    Troubleshooting instructions are grouped into the following sections:

    * Installation and subscription issues
    * Master Database issues
    * Filtering issues
    * Network Agent issues
    * User configuration and identification issues
    * Block message issues
    * Log, status message, and alert issues
    * Policy Server and Policy Database issues
    * Delegated administration issues
    * Log Server and Log Database issues
    * Investigative report and presentation report issues
    * Other reporting issues
    * Interoperability issues
    * Troubleshooting tips and tools

    Click View Complete Document for more.

v7.5

  • General Web Security Troubleshooting

    Troubleshooting Resources

    Websense Web Security, Version 7.5

    Use this document to find solutions to common issues before contacting Technical Support.

    Troubleshooting instructions are grouped into the following sections:

    * Installation and subscription issues
    * Master Database issues
    * Filtering issues
    * Network Agent issues
    * User identification issues
    * Block message issues
    * Log, status message, and alert issues
    * Policy Server and Policy Database issues
    * Delegated administration issues
    * Reporting issues
    * Interoperability issues
    * Troubleshooting tools

    Click View Complete Document for more.

  • Content Gateway Troubleshooting Topics

    Troubleshooting Content Gateway

    Version 7.5

    A collection of articles on common proxy issues, including:
    *  Dropped HTTPS connections
    *  Sites that have difficulty transiting the proxy
       -  Citrix collaboration products
       -  WebEx
       -  Firefox Update
       -  Pandora.com
       -  Real Networks Real Player
    *  Sites that host applications that don’t handle NTLM authentication
    *  Restricted users fail to authenticate with NTLM

    Click View Complete Document for more.

  • The ConsoleClient Utility

    Component statistics and diagnostics

    Version 7.5

    Topic 50101 / Updated: 24-Jun-2010

    A command-line utility called ConsoleClient is included as part of your Websense software installation. This utility can be used to retrieve statistics and diagnostic information from Websense Web Security / Websense Web Filter components.

    Use ConsoleClient to:

    * Review user name to IP address resolution maps to troubleshoot user identification issues.
    * Review requests sent to Filtering Service to make sure that requests are being passed properly by Network Agent, Content Gateway, or a third-party integration product.
    * Collect Network Agent diagnostic data.

    Click View Complete Document for more.

  • The WebsensePing Utility

    URL categories and filtering status

    Version 7.5

    Topic 50100 / Updated: 24-Jun-2010

    A command-line utility called WebsensePing is included as part of your Websense software installation. This utility can be used to mock a request from the firewall to Filtering Service to review how Websense software resolves URLs without proxy or firewall involvement. Because WebsensePing does not rely on data passed from other network applications or services, it can test internal Websense processes.

    WebsensePing can be used to:

    * Check Filtering Service status, responsiveness, and subscription count
    * Find the category for a URL or all categories for an IP address
    * See how a URL is filtered for a client (user or IP address)

    Click View Complete Document for more.

  • The TestLogServer Utility

    Internet activity log records

    Version 7.5

    Topic 50102 / Updated: 24-Jun-2010

    A command-line utility called TestLogServer is included as part of your Websense Web Security installation. This utility displays log traffic sent from Websense Filtering Service to Websense Log Server.

    Use TestLogServer to verify that logging data is being sent to Log Server as expected, and to diagnose problems with:

    * Filtering and policy application
    * Authentication
    * Logging
    * URL categorization and protocol identification

    Click View Complete Document for more.

  • DC Agent Troubleshooting

    DC Agent Troubleshooting

    Version 7.5

    Overview

    If you are using DC Agent for transparent identification, but it doesn't seem like user and group clients are being filtered properly, use this series of topics to help identify and resolve the problem.

    This troubleshooting series includes 5 topics:

    * 50200: Using DC Agent (overview)
    * 50201: DC Agent troubleshooting (general)
    * 50202: DC Agent installation errors
    * 50203: DC Agent errors (post-installation)
    * 50204: DC Agent doesn't see some or all users

    Click View Complete Document for more.

Document Preview