Could the facility be added for a V10K to monitor an upstream router for failure, then when it sees the failure force a fail over to a secondary V10K thus ensuring traffic flow?
Ian
↧
Tracker-IP Upstream failure detection for V10K cluster
↧
problem with chinese browsing
hello,
We are using websense in hybrid mode: Endpoint agent install on all COmputer.
When chines people are browsing internet, it is working, until they browse some specific site: www.yahoo.com, http://bbs.anzhi.com, and some others...
When they browse those sites, internet stop for everybody in the agency (behind the same IP) for 3 minutes.
Then it comes back until they browse one of those site.
There is a lot of other site that stop internet.
Is there an explanation? and Is there a solution?
The agency is located in Zhenjiang, china.
↧
↧
Configuring email alerts for failed reports
Is there any way to create a custom email alert when a scheduled investigative report fails ? Currently, we have investigative reports scheduled to run throughout the week and the reports are automatically emailed to recipients that need to review them . These reports fail from time to time, and I would like to be alerted, if possible, when these fail so I can immediately log in to Triton and run them manually,without having to wait for the reviewer to alert me that they have failed.
↧
Upgrade on Linux 773 network agent fails
Trying to upgrade from 773 to 782 and my installer gets a cannot execute binary. Could be a simple issue. I have downloaded WebsenseWeb782, move to an install directory and change ownership to the install user.
Installer instructions are uncompress and launch installer. When doing so i get
Preparing to install...
Extracting the JRE from the installer archive...
Unpacking the JRE...
Extracting the installation resources from the installer archive...
Configuring the installer for this system's environment...
Launching installer...
/root/Websense_setup/Setup.bin: line 3319: /tmp/install.dir.11514/Linux/resource/jre/bin/java: cannot execute binary file
/root/Websense_setup/Setup.bin: line 3319: /tmp/install.dir.11514/Linux/resource/jre/bin/java: Success
Installation ends...
↧
Please do not allow user passwords to be sent in clear when authenticating.
Please develop a secure authentication method for manual authentication
Description: Example The WCG are set to use IWA , we do not want to use LDAP as this make a DLP deployment difficult . So if the client basic authentication is not secure, the user password can be seen , why not use ssl for the auth page or forms
↧
↧
User Service is not available when user not belongs to role super administrator
Hello everyone!
I noted that when I create an user in Triton settings and when I put this user in a new role with all permission, I can't use the toolbox "Check policy" and "Test Filtering" in both case I received an error "User Service is not configured. User information is not available." But if I put this user in the role "Super administrator" I can perform all tasks without any problem. This behavior is normal? Are there any way to grant permission for an user to use the toolbox without use the role "Super administrator"?
Thank you!
↧
Presentation Reports to distinguish between Sent/Received traffic
For some users/categories, it is crucial to monitor the uploaded (or sent) traffic to the internet. The fear is from Data Leakage initiated from employees or some sort of threat leaking data to outside the network.
This shall not be part of DLP, as the report will only monitor the amount of data uploaded, and not the data or files.
Knowing that such report can be generated from the “Investigative Reports”, but the latter cannot be scheduled, which makes the Presentation reports more valuable, even if it is after the fact (i.e. the data is already uploaded), but at least noticed within a short time frame.
↧
Auditor Role
As an Information Security Officer, it is very essential to monitor (or have a read-only view) to all the parameters and settings available under the Web Security module. A similar role is found under the name of "Full Reporting", but it does not allow you to see "Settings" menu.
An Auditor feature is available in many security products, and users under this role have access to view all the parameters (read-only), however, the "Commit Changes" button is always inaccessible.
↧
2014 March Madness
The NCAA 2014 Men's Basketball Tournament starts on March 18, 2014. Last year Websense moved most of the URLs for this event, especially streaming video, to the 'Special Event's category. Has anyone hear if this is the plan again this year?
Thanks
↧
↧
After installation of Websense how can I tell what routing device my Websense Network agent is bound to?
We have an installation of WS 7.8.1, I initially set it up using universal integration, then I saw that we are using an ASA, so I removed and re installed the network agent and had it integrate with a Cisco ASA. Now that it is installed, how can I verify that it is in fact bound to the Cisco ASA and not the universal integration?
I cannot see traffic using the testlogserver command, before I did this yesterday traffic was being generated and recorded into the investigative reports. I am using it on a Windows 2008 R2 server.
Thank you
↧
After Changing the IP address Websense Express
Gives me this when I initiate the Websense Management Console
"Unable to connect to Policy Server. Verify that Policy Server is installed and running, and that your network connection is active."
I already changed all the IP's in the Websense.ini and config.xml. Can someone tell me what I missed?
↧
script for starting websense services and changing password of postgrep/wensense
just would like to share... it's running on windows 2008 r2 sp1.
# policy database, change password and start it
$password=Get-Date -UFormat "%A%Y%m%d%Z%M%S"
$strComputer="CHSVINFRA008"
$service="WebsensePolicyDB"
$user="WebsenseDBUser"
$admin=[adsi]("WinNT://" + $strComputer + "/$user, user")
$admin.psbase.invoke("SetPassword", $password)
$account="$strComputer\$user"
$svc=gwmi win32_service -filter "name='$service'"
$result = $svc.change($null,$null,$null,$null,$null,$false,$account,$password,$null,$null,$null)
if ($result.ReturnValue -eq '0') {write-host "Password changed"} else {write-host "Error: $result.ReturnValue"};
$svc.StartService();
# policy broker
$service="WebsensePolicyBroker"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
# policy server
$service="WebsensePolicyServer"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
# user service
$service="WebsenseUserService"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
# filtering service
$service="Websense EIM Server"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
# Triton settings DB, change password and start it
$password=Get-Date -UFormat "%A%Y%m%d%Z%M%S"
$strComputer="CHSVINFRA008"
$service="pgsqlEIP"
$user="postgres_eip"
$admin=[adsi]("WinNT://" + $strComputer + "/$user, user")
$admin.psbase.invoke("SetPassword", $password)
$account="$strComputer\$user"
$svc=gwmi win32_service -filter "name='$service'"
$result = $svc.change($null,$null,$null,$null,$null,$false,$account,$password,$null,$null,$null)
if ($result.ReturnValue -eq '0') {write-host "Password changed"} else {write-host "Error: $result.ReturnValue"};
$svc.StartService();
# triton web security
$service="WebsenseManagerTomcat"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
# Triton Unified
$service="EIPManager"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
# triton server
$service="EIPManagerProxy"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
# control service
$service="WebsenseControlService"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
# dc agent
$service="WebsenseDCAgent"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
# explorer
$service="WebsenseWFReportServer"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
# information
$service="WebsenseCommunicationAgent"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
# log server
$service="WebsenseLogServer"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
# network agent
$service="Websense Network Agent"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
# reporter scheduler
$service="Websense Reporter Scheduler"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
# rtm db
$service="WebsenseRtmDb"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
# rtm client
$service="WebsenseRtmTomcat"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
# rtm server
$service="WebsenseRTM"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
# usage monitor
$service="WebsenseUsageMonitor"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
# web reporting tools
$service="Apache2Websense"
$svc=gwmi win32_service -filter "name='$service'"
$svc.StartService();
↧
Initial Database Download Very Slow/Fails
Can anyone assist me today? Our Websense server at our school district has had to be rebuilt several times this past month as we migrated from ESXi. Now that we have everything in order and have gone to deploy it for a final time, it won't download an initial database. It downloads about 40MB in 30 minutes (6Mb every 5 minutes or so) and then stops, and tells me it timed out and to check my security settings.
Update, after 4 hours and 240MB of 400MB the initial database download failed. What gives, does anyone know?
Update, after another 4 hours I watched the .xfr go to 470MB, and then suddenly, an error file was created, and the .xfr was deleted and the database download started over again. Why is the database downloading at such a snails pace? Is there anyone online that can assist me? I need to get this filter online tonight, before school starts! Why is the DB download so incredibly slow? Is there anything I can do to get the download faster? Please assist if possible.
I'll have to stay up all night with this application yet again. The tracert to download.websense.com is just asterisks. It can be resolved, but no tracert from here. Is there an alternative to getting this initial database download? I did not have this problem doing the 7.6 installation I started with earlier this year. What is going on?
↧
↧
Cloud Websense is not Filtered in some Users
Hi
We are Using Cloud Websecurity.But some users are not filtered properly as they are in Block Policies Category.i had checked endpoint installer.it is ok.Pls Help
↧
7.8.2 Network agent fails
I recently upgraded to 7.8.2 Web Security and have run into a similar problem I had at 7.7.3
One of my remote network agents cannot start / immediately stops on manually starting it.
I tried the 'solution' that I have been presented in the past of removing all of the .p12 files, clearing caches, waiting and restarting... but this has not fixed the problem in 7.8.2.
Is there a new 'fix' for this under 7.8.2?
↧
How can I exclude a public ip from the Hybrid filtering service with Web Endpoint installed?
We have a client who is rolling out the Web Endpoint client. They would like a select group of users to work through the client at all locations other than through their own routers at home, where they want no filtering applied.
Is there a way I can exclude specific public IP addresses from passing through the Hybrid filtering service? These routers are under our management so I have access to all of the public ip's however I can't see an obvious location to configure what I am trying to do? I am basically looking for an Unfiltered Source instead of an Unfiltered Destination
I understand the thinking that all clients should always pass through the filtering service at all times but this is a specific request that I am trying hard not to duck!
We are using Web Security Gateway Anywhere V7.8.2 with client 1.4.7.6.1145
Thanks and Regards
Matt
↧
Cloud Web Security Gateway routing issue when on FortiClient VPN
All our laptops are installed with Websense Endpoint Client which ensures all HTTP/HTTPS traffic is routed to Websense Cloud service whether on corporate LAN, public WiFi or home broadband.
However, we are experiencing issue with Websense routing when after connecting to an SSL VPN using FortiClient to a Fortigate firewall. In certain scenarios, the web browser traffic tries to connect directly to the internet, rather than to Websense servers. See details below
- We traffic does proxy correctly on the internal LAN and it does proxy correctly when on an external network e.g. home broadband
- it does proxy correctly correctly when connecting via the VPN WHEN THE BROWSER IS OPENED BEFORE MAKING THE VPN CONNECTION.
- it does NOT proxy if I make the VPN connection first and then open the browser to access the internet. In this scenario, using TCPView, I can see the browser trying to connect directly to websites which I do not want. I still need this proxy in via Websense as with all other scenarios.
The fact Websense traffic routes to Websense via the VPN in 1 scenario suggests the traffic is allowed across the VPN and out the corporate firewall unhindered.
I just can’t work out what is different in connecting the web browser first and what is causing the web browser to try and connect to the internet directly… Incidentally, when I manually download the PAC file in this situation, it downloads fine. Wireshark doesn't show much as soon as the VPN is connected due to encryption I assume.
Any thoughts?
↧
↧
Websense endpoint client issues
Hi,
We are trying to test websense hybrid enpoint using the blackspider service and have found a weird problem, in certain situations the client will pick up the wrong configuration and point at the wrong pac file.
What happens is that the client software is installed on to a laptop and it pulls down a config that points to the pac file the first time it connects to the Internet. This will work normally if the laptop is connected using our internal network or an external internet connection, but if the laptop is connected to our public wireless that uses Websense Cloud service for filtering it gets configured to connect to the cloud service rather than the blackspider one.
I have tested this and when a laptop is connected to our public wireless immediately after the hybrid client software is installed the registry shows that the pac file reference is for our cloud subscription (the pac reference matches the one on our cloud administration page and not our triton administration page).
Additionally, we cannot use our hybrid anti tamper password to uninstall the client software.
Has anyone come across a similar situation before? If so, is there a premanent fix for this?
Cheers
Andy
↧
Automate EUMR subscriptions
I already created a support case for this: 01516777
The issue is: The customer would like to automatically set EUMR report frequency to “daily” and the content of the report within “one day”. We have been advised that this has to be done by Ops team. It is working for those existing users once Ops team made the change. However, for further new users, the customer has to come back to us to make the change.
We believe this needs a Feature request. The Support can submit a FR for this issue, so you/the customer can follow up with Product Management team for further advice.
I don't udnerstand why there is an area for "general settings" where I configure the EUMR reprot frequency to be set to daily when it isn't used for the subscriptions.
↧
Router Support
Can Cisco routers forward directly to the Cloud Web Security without an application or PAC file?
↧