Is there a way you can bypass all user login requests when you go to sites. We have applications on windows, mac and linux and would like to know if you can turn the authentication off for all users and just monitor their internet traffic. It will be useful if that feature is enabled
↧
bypass all all authentication for users
↧
Investigative reporting - Exact url , not just 'youtube.com'
So I have enabled detailed URL in my investigative reporting, but It still only shows 'www.youtube.com', or some url to a 'page cannot be displayed'. Is there a way I can find out exactly the url to the videos being watched. I would like to know if the videos are work related (learning), or not.. Basically, I would like to view the link to the video that person watched.
Thanks much!!
↧
↧
https protocol is blocked - how can I open it for a specific site?
Newbie trying to learn how this works:
My standard policy blocks HTTPS
but I need to open it for a number of specific sites that have secure login. How do I add these to my policy?
Daryl
↧
User added to new websense reporting group not showing up
A new reporting group was created. One user was placed in the reporting group. The reporting group is not showing up in trition when i search for the group. The group was created and user placed in it over a week ago.
Does anyone know how to resolve this issue?
↧
Print or Export Categories
Is there an easy way to print or export the categories so they can be presented to management?
↧
↧
Centos websense data protector
Hello, how can i download WebsenseDataSecurityProtector76x iso?
Manual says its on the download page but i can't find it.
↧
Question about Newly Registered Websites and best practices
Hi,
I was doing some checking on activity in the Extended Protection: Newly Registered Websites.
I want to block this category by default because I can see how a number of sites might be exposing our environment to undue risk.
Question: How long does a newly registered website remain in this category? (day, week, month?)
In the last week users hit over 100 unique sites in this category and few of these sites seem legitimate. I do expect some resistance and think having an answer to how long the sites remain in this category would help ease their concerns. I am guessing that if a user complains we can follow the normal process of recommending an alternative category to Websense as well.
Question 2: Is it a best practice to block un-categorized sites? I am hesitant to suggest this because I see that in the last week users have hit over 5,000 sites in this category, and I know a large number are legitimate.
Thanks for any responses.
↧
multiple FTP connect methods for WCG when in a proxy chain with bluecoat SG
Hello,
We have an issue with proxy chaining. Because bluecoat accepts different ftp connection methods as websense, FTP proxy chain does not work as of now between WCG and other proxy models using different formats.
BlueCoat will send in below format:
USER %u@%h %s
PASS %p
ACCT %w
and WCG will expect in below format:
USER %u@%h
PASS %p
Therefore ftp proxy chaining does not work. This has been confirmed by websense. Please implement multiple options to have ftp chaining work with other proxies.
This is a big issue for us because we cannot monitor and inspect ftp traffic sent by child proxies via websense.
Many Thanks,
Gabor Bognar
↧
Downward proxy's IP address collection along with X-forwarded-for client IP
If we have downward proxies sending client IP in the X-Forwarded-For, the downward proxy's own IP address is not recorded in the threat dashboard and in the log database at all.
This heavily affects our incident investigation attempts, as we have many thousand of users and dozens of child proxies and the same client can use multiple child proxies.
Because obviously the child proxy's own IP address is sent during each http request, it would be easy to record that in a new column along with the client IP from the inserted x-forwarded-for so we can:
a) quickly find out from behind which child proxy the client sent the request
b) create reports and measure traffic and events broken down to child proxies (bandwidth, etc.)
G. B.
↧
↧
WebEx IPs added RegEx in Unfiltered but still being blocked
We recently started blocking Web Collaboration and a few exceptions are in a custom allowed category. WebEx is one of those exceptions. What is happening is that any of the WebEx IP addresses come through as Web Collaboration and are blocked.
We have the full list of IP ranges from WebEx and I've added them as RegEx in Unfiltered. I tested each range to make sure sample IPs match. However those IPs are still blocked because they are filtered as Web Collaboration.
Does Websense have a filtering priority so it will filter an IP based on its category before looking to see if it's part of a Regular Expression in Unfiltered URLs?
Other than manually adding the IPs (to 3rd octet) to Unfiltered or Allowed, are there other suggestions to get this to work?
Thanks!
↧
Directory Services LDAP account creds
Trying to get LDAP setup on our Websense filter.
We have been using domain admin creds up until now but were hoping to change this to a less secure account.
The Directory Services Global Catalog Server settings asks for a "distinguished name for a user account with administrative privileges".
It however appears to validate the connection while using a regular domain user account - and from our understanding LDAP queries can be performed w/o full domain admin rights.
Could someone confirm or explain why full admin rights may be needed?
↧
Threats Dashboard - Export to CSV Question
Hey all;
When exporting the Threats to CSV format, there are about 32 columns worth of data provided but no headers. Some of the data is obvious - IE ports, protocol, severity, LDAP path, etc.. but some is not, it's just numbers - IE 50:43:0, 1025, etc... Anyone know of any documentation that points out what column contains what data?
Thanks,
Carter
↧
Issue where all users are getting the default settings
Hi, I have an issue where if the Websense services are restarted or of the server itself is restarted, it will often drop everyone back into the default configuration policy. Everyone will have the same level of access no matter what group they are in. The only way to get the groups to get the correct policy is to restart the domain controller that Websense is working off of in the directory services. Once that server (DC) has been restarted, polices go back to where they are supposed to. Does anyone have any idea why this happens and how to correct this issue?
Active Directory (Native
Mode
Thank you in advance
↧
↧
SSH access to V10K Websense Modules
V10K users should not be penalized for choosing the appliance. Customers that run individual components like the WCG, WSS, etc are allowed to access each module, customize or tweak Websense configuration files, troubleshoot directly on the box without using a CLI emulated in web browser with limited functionality, maintain and archive logs, etc. Simple SSH access to the modules would be a nice feature and would probably cut down on support calls to access the V10K which would in turn free up WS Tech Support resources so customers will not have to wait in the queue for 45 minutes or 1-2 days for a call back.
↧
Script to remove failed or decommissioned components from Triton console
Perhaps a "use at your own risk" script to remove old components from Triton console/dashboard?
Several times I have to edit the config.xml file manually to remove failed or otherwise missing filtering servers, network agents etc. from the console. Sometimes the server is crashed and no longer around, other times we have had an admin in another division just shut down without uninstalling. Anyway, it would be nice to have a utility to remove "downed" components from Triton, especially if they were replaced with a machine with the same IP and then you are guessing which GUID is the right one.
↧
Event Detect via Network Resources for Endpoint Protection
Hello.
I want to detect information movement via Network Resources for Endpoint protection.
As Websense Support said this resource can only detect events by Websense protector. Can you build in it for endpoints too?
↧
EMAILS: A client has exceeded a configured daily Internet usage threshold.
I am constantly getting these emails. I am new to Websense, the person who was maintaining it left the company. Where do I got to change this (Websense Alert: Threshold exceeded for Blocked Category - Personal Network Storage and Backup (48 of 100 alerts for today))
↧
↧
credential when installing Triton server did not work where the same credential working on the appliance
I recently installing a Trinton Unified Security console (v7.8.1), and stuck on the installation of Directory Service Access. The account I used would resulted a pop of "The installer cannot verify your domain settings. Please clear the credentials on this page to continue. You can configure directory service access for affected components after the installation is complete"
It is strange, because the same credential was successfully able to joint the V5000 to join the domain.
Any suggestion?
↧
Investigative reports - Group by action type
When drilling down with Investigative reports, by default, both blocked and permitted actions are included in reports. This can be misleading when trying to interpret bandwidth consumption or hits as Websense includes an estimate of bandwidth that would have been consumed if the user was allowed to the site (even if they were blocked). It would be VERY useful to perhaps have a toggle button on the investigative reports page that allows one to turn off whether blocked actions are included in the reports.
I regularly have clients saying that a user is showing up as consuming X bandwidth for a site when that site is in fact blocked, only to have to tell the client that the bandwidth is what they "saved" according to Websense.
With Presentation reports, we can get around this by only selecting the Permitted actions when customising reports, and this limitation with Investigative reports sometimes renders it useless for a particular purpose.
↧
Site Look Up Tool
Team
We would like to enable selected“end user” employees with limited access to the Websense Site Look Up tool ONLY so they can request classification of uncategorized websites. This will simplify our internal support processes substantially.
These users should not be able to download software or view any knowledge base articles etc from the Websense portal.
Please note that the reason for this request is that we are finding that there many business sites used in the New Zealand market place which Websense has not categorised. This is causing considerable inconvenience for our users.
↧