Quantcast
Channel: Forcepoint Community
Viewing all 2011 articles
Browse latest View live

help with how to health check WISP (EIMserver) behind Netscaler load balancer?

February 14, 2014, 9:15 am
$
0
0

We have a farm of nine 6.3.3 filter servers behind a Netscaler providing WISP connectivity for remote locations.  Occasionally EIMserver just stops accepting connections (process hangs for example) on one server.   Currently, the Netscaler only probes the server health itself and therefore still sends connection requests to the failed EIMserver.

Does anyone know of an application health check for the EIMserver that the Netscaler can use?  I've been told that the Netscaler can't run a Websense utility (like consoleclient or websenseping) natively.  I thought of using netstat for port 15868, but that returns too much information.

Thanks, Chris

Search

Blocked Page Over Top of Another Page Gets In The Way

February 18, 2014, 7:41 am
$
0
0

Here is the problem: We have a website that is unblocked and accessible, however a Facebook like button is blocked on the page which results in a Websense blocked page notification appearing over top of the unblocked page. There are links and buttons on the unblocked page that the Websense notification covers up, leaving the unblocked page useless.

I notice that the Websense blocked page notification disappears after about 45 seconds. In what ways can I allow the unblocked page to be usable.

1) A setting to decrease the size of the Websense blocked page notification?
2) A setting to decrease the time the Websense blocked page notification disappears? Say 1 second?

Help. Thanks.

SQL tables

February 19, 2014, 4:36 am
$
0
0

Hi Guys, 

Recently in customer environment, Microsoft did an analyze in Websense SQL server, looking for any table that is not following the best pratices. 
And in the final report they found some tables related to Websense structure that are not following the SQL best pratices. 

Down below We have the Microsoft's report: 

"(...) Description 
One or more tables found, with foreign key constraint defined but no supporting indexes created on the foreign key columns. 

Best Practice Guidance 
SQL Server doesnt put an index on foreign key columns by default and indexing foreign key fields in referencing tables is not required. 
Foreign key columns usage must evaluated to determine whether or not indexing this column will help up increase the current workloads performance by enhancing join performance, reducing table locking (for full table scans) while cascading updates and deletes, etc 

Importance 
Creating an index on a foreign key is often useful for the following reasons: 
Changes to PRIMARY KEY constraints are checked with FOREIGN KEY constraints in related tables. 
Foreign key columns are frequently used in join criteria thats why indexing them provides better join performance 
Better performance on maintaining the relationship on a delete of a primary/unique key. When you delete a key row, SQL Server must check to see if there are any rows which reference the row being deleted. 
If the foreign key relationship is defined with NO ACTION (on update/delete) then a referenced row CANNOT be deleted as it would leave the referencing rows “orphaned.” To find the rows efficiently an index on the foreign key column helps! 
If the foreign key relationship is defined with CASCADE (on update/delete) then when a referenced row is modified all of the referencing rows must be modified as well (either updated to reflect the new value or on cascade delete). To find the rows to modify efficiently, an index on the foreign key column helps. 

Recommended Resolution 
Check all the current Foreign Keys that are used frequently in joins and create a non-clustered index for each one of them. 
The following query can be used to retrieve all the foreign key column details and whether they are part of indexes in a database (...)" 

This issue could be fixed in a future version?

Thank you, 

Abraão Dias.

post blocking by using keywords

February 19, 2014, 7:26 am
$
0
0

Hi There;

We use websense security gateway and we want to block  posts that include some keywords.

Can we do this?

Why is SiteLookup Tool behind a login ?

October 26, 2013, 4:57 pm
$
0
0

I/we would like our helpdesk and Level II Onsite team to be able to query the SiteLookup Tool without providing logon ID's?   If this isn't possible why not?  If it is possible, can I learn how?

I've seen Barracuda provide this without login, and I've seen McAfee SmartFilter provide this without login.  So, why does Websense require login?

Site Lookups can be helpful for Level I, Level II, even the end-user in reducing or resolving client issues.

David

Web Endpoint & Windows 8 and 8.1

October 29, 2013, 3:38 pm
$
0
0

I find that in my Cloud Web Security portal that version 1145 is the most recent version available (1.4.7.6.1145) and the Release Notes do not mention explicitly supporting Windows 8 or 8.1 (but there is a mention that "…endpoint does not support Windows 8 Metro apps…")  Which seems to indicate that there may be some level of support on Windows 8.

Page 3 of 1145 Release notes do explicitly note:

Supported operating systems

 Windows XP with Service Pack 2 or higher (32-bit and 64-bit)

  Windows Vista with Service Pack 1 or higher (32-bit and 64-bit)

  Windows 7 (32-bit and 64-bit)

My question is are there folks out there with 8 or more specifically 8.1 running with Web endpoint?

 

thanks

Bulk url checking in Triton

February 10, 2014, 5:42 am
$
0
0

Hi Team,

 We are having a list of urls identified as malicious from our team . We would like to check whether they are allowed or blocked in our Triton console. As it contains many urls , do we have any script which can check multiple urls in single go and provide the output whether it is allowed or not?

 

Cloud Web Security Gateway routing issue when on FortiClient VPN

February 20, 2014, 7:19 am
$
0
0

All our laptops are installed with Websense Endpoint Client which ensures all HTTP/HTTPS traffic is routed to Websense Cloud service whether on corporate LAN, public WiFi or home broadband.

However, we are experiencing issue with Websense routing when after connecting to an SSL VPN using FortiClient to a Fortigate firewall. In certain scenarios, the web browser traffic tries to connect directly to the internet, rather than to Websense servers. See details below

- We traffic does proxy correctly on the internal LAN and it does proxy correctly when on an external network e.g. home broadband

- it does proxy correctly correctly when connecting via the VPN WHEN THE BROWSER IS OPENED BEFORE MAKING THE VPN CONNECTION.

- it does NOT proxy if I make the VPN connection‎ first and then open the browser to access the internet. In this scenario, using TCPView, ‎I can see the browser trying to connect directly to websites which I do not want. I still need this proxy in via Websense as with all other scenarios.

The fact Websense traffic routes to Websense via the VPN in 1 scenario suggests the traffic is allowed across the VPN and out the corporate firewall unhindered.

I just can’t work out what is different in connecting the web browser first and what is causing the web browser to try and connect to the internet directly… Incidentally, when I manually download the PAC file in this situation, it downloads fine. Wireshark doesn't show much as soon as the VPN is connected due to encryption I assume.

Any thoughts?

 

Search

Facebook View Only for WCG 7.7.3

February 20, 2014, 9:41 am
$
0
0

Hello,

I'm having an issue where I can't find the perfect combination to allow a user to only look at Facebook or use the login through facebook option on other sites.  For instance, www.bandsintown.com can be logged in to with an FB account.  

We don't allow FB as a rule but there are other sites that we allow and these users would like the "login with your facebook account" option.

We have exception rules for chat, games, etc that we use without issue but the old view only and full access is really what i'm looking for (i think).  any ideas?

Thanks for your help,

Rhonda

 

7.7.3 DC Agent install on Windows 2012?

February 20, 2014, 7:28 am
$
0
0

I have a utility server running Windows 2012 at a remote site and I want to just install DC Agent on it. We are at v. 7.7.3 and the installer gives an error "Installer User Interface Mode Not Supported".

How do I get this installed?

It does say that I can use a -i option with a "valid UI mode" but not sure what that means. Maybe there is a way to just install the DC Agent only via command line?

I really hate to bring up a new 2008 R2 server at the site just for DC Agent...

Stopping and starting services

February 21, 2014, 4:47 am
$
0
0

Good day everyone, can you please tell me what the proper sequence is to stop and start Websense Services using the most recent version of Websense 7.8.1?

 

Also, is this still applicable to Websense 7.8.1?

 

http://www.websense.com/support/article/kbarticle/How-to-Back-Up-and-Restore-the-7x-Policy-Database

Thank you in advance.

Websense Exploer Reporter Scheduler

February 21, 2014, 2:13 pm
$
0
0

We are currently experiencing an issue where the Websense Reporter Scheduler will not start.  Not sure what the issue is, but so far my attempts to find a resolution in either the Knowledge Base or the Forums has failed. 

 

We are a 7.5 Triton Standalone instance and hotfixes are up to date.

 

Thanks

Webfilter 7.7.3 Standalone - Allow Skydrive

February 21, 2014, 11:24 am
$
0
0

Webfilter 7.7.3 Standalone - Triton

I have Personal Storage & Backkup blocked, but only want to allow skydrive.com = https://onedrive.live.com , but not able to, does anyone know the ip to allow it?

I read the link below and added those 2 links in, yet I still can't get to skydrive.com to work.

http://community.websense.com/forums/t/24582.aspx 

I have all this in my allow, yet it doesn't work.

https://65.55.124.223:443   

https://207.46.0.175:443 

http://skydrive.com
http://live.com
https://skydrive.com:443
https://live.com:443

GeoEdge toolbar integration

February 10, 2014, 1:01 am

Websense Report Field

February 24, 2014, 7:36 am
$
0
0

Hi, can someone tell me what the requests field of the reports means? I know it means they went to the website but what else does it indicate. Thanks

Search

Custom reports requirement on ESG

February 24, 2014, 9:14 am
$
0
0

Customization on  ESG report is needed by customers , especially financial companies asking this feature.

Details ;

From 1 source email address to many email address with delivery report in a specific time.

For example :

sender :  someone@acme.com

receipts : 500 email address

type of report : delivery reports

time :  range or a specific time

We can get this information by Email - Logs , but the customers are asking for a report format.

WSG have a powerful reporting section and its very useful , we hope to see this kind of function on ESG too.

 

 

 

 

 

How can I allow limited access to a site?

December 9, 2013, 11:32 am
$
0
0

We block streaming media form most users but we need to allow all of our users to a page that has all of the local closings for inclimate weather. I have added these pages to the User Defined and permit everyone to this group. The problem is all of these pages have nested urls and I have to add each individually. Example:

http://closings.wclo.com/list-categories.php 

http://closings.wclo.com/client/profile.php

http://closings.wclo.com/client/login.php?accesscheck=/client/profile.php

http://wclo.com/pages/14977582.php?

http://www.wclo.com/school-closings-login/

Is there some way I can just open this with out allowing the streaming access? Or even adding every nested page on the site?

 

 

v7.7.3 NetworkAgent.exe crashing. Faulting module RemoteAdapter.dll

June 3, 2013, 7:31 am
$
0
0

Hello,

Websense Web Filtering v.7.7.3 is running in integrated mode. Network Agent is installed on a physical machine monitoring  the network with 2 NICs. The OS is a Windows Server 2008 Standard SP2 64 bits with 24 Gb of RAM and 2 quad core processors running at 3.15 GHz. Number of seats is 2000. The physical machine resources are barely used as you can imagine.

Even so, NetwokAgent.exe is crashing a dozen time a day, but only during business hours, when people are working. No crashing during the nights and the week ends.

Last time, I was able to see the process crash when reaching around 2Gb of RAM. Can I suspect a faulty RAM module on the physical machine?

Some notes: the server is 64 bits, but the process is 32 bits. Also, Network Agent is used only to monitor bandwidth usage. Finally, this is a fresh install and the process has been crashing since the beginning.

Any advice would be greatly appreciated.

Thank you,

Louis

Google Mail not blocked when category is blocked

January 13, 2014, 6:54 am
$
0
0

http://mail.google.com is blocked, but https://mail.google.com/mail/u/0/?shva=1#inbox is not.  When I do a lookup in TRITON, it says it should be blocked by category:

Result:This category is blocked.
URL:
https://mail.google.com/mail/u/0/?shva=1#inbox
Client:
LDAP:// [Domain-specific content removed] Brian Proie
Category:General Email
Details:Found in Master Database category.

CATEGORY BLOCKED

 

 

However, when I go to that URL, it redirects to https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/%26ss%3D1%26scc%3D1%26ltmpl%3Ddefault%26ltmplcache%3D2%26emr%3D1/&ss=1&scc=1&ltmpl=default&ltmplcache=2&emr=1

and when I enter account information it allows me in.

 

Another way to get around this filter would be to go to www.google.com then click on gmail at the top.

 

I tried to add mail.google.com (without http or https specified) to an "exception: block" list, but that didn't fix it.  Any suggestions?

 

 

This question is similar in nature but not the same as this one (in the post referenced below, the category of the site not being blocked was allowed - in my case the category is blocked, as stated above):

http://community.websense.com/forums/p/8444/20383.aspx#20383

How to install a SSL Certificate issued from a CA to a V5000 G2 appliance?

February 25, 2014, 12:25 pm
$
0
0

I have been unsuccessfully searching the Websense site for a guide on installing a ssl certificate issued from our internal CA to the management interface of our V5000 G2 appliance running web security and email filtering.  We have also opened a ticket with support to be told the next available technician can contact us back on Monday (almost a week later).

Any help would be appreciated.

Viewing all 2011 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>