I am using 7.7 and it is working fine monitoring our private LAN, I am in the process of adding wireless access in the building via a Public_VLAN and would like to setup Websense to also monitor that network. I added a NIC to the server (the server is virtual) and the vNic is setup promiscuous, but it isn't seeing any traffic. Before I spend a bunch of time or burn a support ticket, just wanted to see if it is even possible. Thank you for any assistance you could give.
↧
Can Websense monitor multiple NIC's? (i.e. Private and Public VLAN)
↧
IS Forefront Plugin Upgrade Required when upgrading to 7.7.x
We are currently running Web Security 7.6.2 and were looking to go to 7.7.x and then to 7.8. When we went to 7.6 we needed to upgrade the Forefront plugin, is this required when going to 7.7.x and further 7.8.x? Please let me know. Thanks
↧
↧
Failed to Create Database
Hi :-) This is my first Post on this Forum, i use Websense since near 5 or 6 Years.
But know i got a real hard Problem :-)
We build up vom Ground a new Websense Server (Windows 2008 x32) Filters on an TMG 2010 on Win2k8R2
The Database is host on the Win2k8 x32 SP2 Machine where Websense Services Installed.
All working fine i see the Traffic comming in on the TestLog Server Utility.
After Install i got an Errormessage that the DB cannot be Created so i use the CreateDBu.exe Utility to Create on.
The Commands running, on the sqlmanagement tool i see the Database comming up. After a while when the createdbu.exe is complete the Database is not here anymore.In stdout and stderror Textfile is nothing but in the CreadbInstall.txt Follow:
CreateDb Starting
CreateDb Parse Command Line Parameters
CreateDb Create event to tell calling process to wait.
CheckConnection: See if the user entered the right server, user name, and password
Creating a connection string. Connection = SERVER=127.0.0.1;DATABASE=master
Creating the sp_database.sql file to see if the database exists.
Getting the Osql login timeout from the LogServer.ini file.
Running the following command with CreateProcess
.\osql -S "127.0.0.1" -d "master" -i ".\sp_database.sql" -m-1 -l "65" -o ".\sp_database.out" -E
Parsing the sp_database.out file to see if a connection can be made.
The database connection is OK
Generating a new ODBC connection for this database.
CheckIfDbExists: See if the database exists
Parsing sp_database.out to see if the database exists.
CreateDb - create the DB.
Creating a connection string. Connection = DSN=wslogdb70;SERVER=127.0.0.1;DATABASE=master
Calling Logdatabases createNewDatabase
Generating a new ODBC connection for this database.
Creating a connection string. Connection = DSN=wslogdb70;SERVER=127.0.0.1;DATABASE=wslogdb70
Loading tables and stored procedures into the database.
Writing to Install File
WriteToInstallFile(.\CheckSpDatabase.txt) = ERROR: 9
FATAL ERROR OCCURRED, CLEANING UP THE DATABASE.
DB CLEANUP - Dropping SQL Agent jobs.
DB CLEANUP - Dropping all paritions.
Creating a connection string. Connection = DSN=wslogdb70;SERVER=127.0.0.1;DATABASE=master
Generating a new ODBC connection for this database.
DB CLEANUP - Connecting to the master db.
DB CLEANUP - Dropping Catalog database.
DB CLEANUP - Dropping partition database.
Failed to create the DB.
Writing to Install File
WriteToInstallFile(.\CheckSpDatabase.txt) = ERROR: 6
What is ERROR:6 or ERROR:9
A Feature Request: Errorcode List.
Keeping Checking with Procmon and Regmon and SQL Log since 3 Days.
Thx in Advice
daBONDi
↧
7.5.1 - 7.8 New installation Forefront TMG Integration
Hi there a little help if you have time.
I currently have 7.51 one with isa integration and one with cisco integration. I have managed to backup the policy database from this version but i am having trouble figuring out how to get it into 7.8
I am firstly trying to backup the new 7.8 installation on a new installation of windows server 2008 r2 using the command
PgSetup --save 78.backup_policy_db
but receive the error
wbsn::SysException: OpenService(WebsensePolicyDB): Access is denied.
If i use the command above with the services off as suggested it returns a similar error.
Basically i need a guide of how to transfer the policies from 7.5.1 to 7.8.1
Thanks in advance
↧
Websense 7.8.1 on Server 2008 SP2 64 Bit?
The release notes say 7.8.1 is supported on Server 2008 R2, and support was removed from Server 2008 32-bit, but nowhere is compatibility addressed for Server 2008 SP2 64 bit. Is 7.8.1 supported on Server 2008 SP2 64 bit?
-Keith
↧
↧
Export Policies spreadsheet not in a usable format
I sent in an official "enhancement request", but it seems WebSense will not provide a better or more readable output for their "export Policies" button.
I suggested, that instead of all the Categories and Protocols in a single line down the page (THOUSANDS of lines, and lots of extranious information), that it list the Categories down, and columns of Policies tabbed across the top. Similar to this example below: (This took me 4+ hours to manipulate from their layout):
| Category Filters | |||||||||
| 1 | Default | 2 | Block All | 3 | InfoTech Filter | 4 | Extended Access | 5 | Internet Filter |
| Abortion | Block | Block | Permit | Permit | Permit | ||||
| Abused Drugs | Block | Block | Confirm | Confirm | Confirm | ||||
| Adult Content | Block | Block | Block | Block | Block | ||||
| Adult Material | Block | Block | Block | Block | Block | ||||
| Advertisements | Block | Block | Permit | Permit | Permit | ||||
| Advocacy Groups | Block | Block | Permit | Permit | Permit | ||||
| Alcohol and Tobacco | Block | Block | Permit | Permit | Permit | ||||
| Alternative Journals | Block | Block | Permit | Permit | Permit | ||||
| Bandwidth | Block | Block | Permit | Permit | Permit | ||||
Would any others like to see this type of layout native from their "Export Policies" spreadsheet? If so, send in your enhancement requests, or reply to this post....
↧
AD 2012 and DC Agent on 7.6
We currently have Web Security 7.6 and Active Directory 2008 R2 in native mode. We have no problem using the DC Agent to get the usernames.
We are planning an upgrade to Active Directory 2012 R2 soon. Will the DC Agent stop working when we will have upgraded our AD? Do we absolutely have to upgrade to Websense 7.8 to continue having the user mapping?
Thanks.
↧
Remote Filtering Server Install Question v7.7 No DMZ
Hi,
Quick question regarding a Remote Filtering Server. Is the DMZ necessary? We do not use a DMZ and would prefer not to.
↧
Exception for URL starting with...
Hi Guys,
I tried some Regular Expressions to get it to work but my Websense appliances either says the URL is invalid or it just doesn't work. What I want to do is be able to make an exception for any URL that starts with something...
My example is: http://videocdn.sbs.com.au/u/video/
The issue is I need to unblock some videos that are embedded and if I try to unblock the specific URLs, it keeps changing and going longer so I ended up adding 20 before giving up. Could someone let me know the entry I need to do to make that above link exception for any URL that starts with that?
↧
↧
possibility to limit access to Triton console
The triton console can be accessed by all users through the appliance C interface.
This is something which is done by design. (we had a case open for this)
There are a few options to prevent users from accessing this site, but they are mostly based on client settings.
This allows users to open and possible login to the Triton console.
This is seen as a security issue, because it is possible to perform Cross site scripting attacks, and exploit possible vulnerability's which exist in the software.
We want to be able to control, which clients can connect to the triton console (possible with an ACL)
or even disable access to the C interface completely and only allow direct access.
↧
Reports for Management
I am in the process of rolling out Cloud Web Security and I am curious what others are doing for reports that management can understand and use.
What types of reports are you finding that management can understand without much hand holding?
Thoughts?
Thanks.
↧
concrete5 - sharethis.com blocked, when blocked it keeps trying and trying and trying
We have several users that are experiencing this with our Concrete5 intranet and blog platform. When a user that does not have access to sharethis.com goes to our intranet page it calls out to sharethis.com and once blocked tries again and again in a constant loop for as long as the user is on the page. I tried digging this out of concrete5's folders, but couldn't locate anything that called out to sharethis.com Help?!?
↧
Cisco AnyConnect VPN & Endpoint
Has anyone run into this before? I have the Endpoint installed on my laptop and if I try to launch AnyConnect VPN I get prompted for credentials for the proxy. I've tried adding vpnui.exe to the bypass settings but it doesn't appear to be working.
I don't mind the connection being proxied, just not prompting for credentials.
↧
↧
Transparent NTLM only works when you force authentication?
I'm trying to find a happy medium with the Cloud service that allows me to authenticate everyone who can but not force it. If they don't provide credentials just give them the DEFAULT policy, but if they do I want to capture it.
In my testing it seems that Transparent NTLM only works if you have "Authenticate users on first access" checked. If I change it to "Authenticate only in these cases:" then NTLM does not occur anymore and user logs are no longer identified with their username. Is this by design or a bug?
↧
Implementing Websense Webfilter - Windows Server 2012 / SQL Server 2012 and Webfilter v7.8
Hello,
We are about to migrate from Surfcontrol Webfilter to Websense Webfilter.
The idea is to create a new server with the latest software components available.
I understand Webfilter v7.8 is Windows Server 2012 compatible, but is only an upgrade - does this mean I will have to install v7.7 first, (which I downloaded previously), and then upgrade to v7.8?
In which case, will v7.7 install on WindowsServer 2012?
Also, is v7.8 compatible with SQL Server 2012? Which version of SQL server is included in the Webfilter v7.8 installation?
Lastly, we we're using ISA Server 2006 with Surfcontrol Webfilter, but I understand this product had been replaced with Microsoft Forefront (TMG) - but even this is not available to buy - is there a replacement for TMG that we can use?
Thanks. 
Dave.
↧
CVE-2013-3918
I have searched to see if Websense will identify this 0-Day vuln, but cannot seem to locate where Websense provides this information.
We have gateway & hybrid, and I'm looking to see if Websense is a layer that provides protection against this specific CVE.
Thanks,
John
↧
Web Security Logging Behaviour
As far as i investigate that after authenticating users Web Sec. is creating a
record on the SQL database and give that record a domain_id and user_id.
After that any web traffic which is requested from this user LDAP query is logged
and associated with that user_id on the MSSQL database.
But when the user is moved to another OU container on the active
directory this user is re-authenticated and a new user and domain id is
created for that record on the websense SQL DB. And new web requests
from that user LDAP query is associated with this new id on the database.
But at the end we have two different records in our hand which were related with the same user. So i
understand that, if a user changes its OU he could have two or more different records on the SQL, so this is why there is multiple different
records on the investigate reports(1 month user report).
Microsoft tech guys had told me that "SAM-Account-Name" is unique for every user, so maybe websense can user it for merging that users ?
Regards,
NSK
↧
↧
Network Account Login - WS Manager
Hi there,
Sometimes I can login to the WS manager with no problems but more often than not i get the following message
Make sure that the Websense Policy Broker service is running and that the Websense Manager machine can communicate with the Policy Broker machine.
Considering the WS manager and the Policy Broker are on the same machine and are both in a running state i dont understand why the network credentials login wont work.
Regards
↧
skype block
Hi,
I want to block skype. There is no Network Agent. My company does not allow to install NA. Is it possible to block Skype by using HTTPS? I edited policies and bloked skype protocol, internet telephony category. It did not work.Thank you.
↧
Presentation reports showing two entries for the same user
I have created some "custom" reports to show user activity by location and organization as a whole but have noticed that there are two entries for some users. So instead of having all 20k weekly requests for one user show in one column, it is splitting it between two as if it were two separate users.
Has anyone else experienced this or have any idea why this might be happening? There are two entries for the user when selecting users to add to the report but I'm not sure why. I know I could remove one and probably fix the reporting output that way, but then it would not include all of the requests from that user.
Running Websense Web Security 7.6 in standalone mode.
I will edit a quick screenshot of this into the post when I can get a picture hosted to help illustrate the issue.
↧