Cuerrently if a user releases a email that has been qurantined from EUMR, the email won't be filtered by any component like anti-virus, format scanning etc, which is not good enough. Currently we have an email which got qurantined as bulk spam, but actually the email has a zip file attachment with virus inside. The user was able to realease the email without knowing that there is a virus inside. Therefore if a user releases an email from EUMR, the email should still be filtered again by Cloud email security to make sure that similar issue won't happen again.
↧
Change the way EUMR works for Cloud Email Security
↧
Better full path value on database discovery incidents
Hi,
When running a discovery scan against a database the only information we get is the scheme, Db and the "chunk" reference of the tables that were scanned. The full path value does not include the specific table or field where the incident data actually resides.
Can you please improve the full data path field that shows the specific location of the incident data not just a chunk of 75000 rows
↧
↧
Websense service account creating lots of logon/logoff in the security logs
We are seeing what seems like an unusually high number of login/logoff events in the security logs on some of our servers. This seems to be something new. Anyone have any idea if this is a normal occurrence?
We are running Web Security 7.8.1.1485 on Server 2008R2.
↧
Chrome browser not blocking properly
I have a very strange situation happening on my websense implementation. I dont know for how long, but it appears that websites that should be restricted are not restricted when using the Chrome browser.
Example:
Acessing http://testdatabasewebsense.com/nudity via IE or FireFox : Blocked
accessing the same site via Chrome, I get a notification that the category is not blocked.
Anyone else have a similar issue?
Running Websense Standalone, version 7.7 on Windows
↧
AD Data to Cloud
We would like the feature to upload AD data to the cloud service on a more regular basis. At the moment it only does it once a day and we would like it at least once an hr
↧
↧
Custom Block Page - Different content for block page, quota, and confirm
We have recently upgrade our Websense and I am working on the custom block page. It has all the information I need and looks good, but I would like some of the information changed based on what kind of page it is (weather it is a block page, a site that is allowed for quota, or if it is a confirm page). I see the Bottom Frame does this, but I am not sure how it knows, or how to have the block page know about it. Is there a variable that I could use for this?
↧
High traffic volume download.skype.com
Hi,
We are seeing some devices in our WSS 7.6.7 with huge receive traffic from download.skype.com
If we search on the affected device there is no problem.
Also if we compare the volyme from WSS with our IDS system "not from websense", the numbers is not the same.
Any other that see the high volume on download.skype.com?
↧
EndPoint Authentication with local User
Hello,
I am setting up a WebSense Cloud Web Security environment for about 300 Users. Some of them are travelling around to some customers, others have ThinClients outside of the company. They all have changing outgoing IP-Addresses. These computers are no members of the company domain.
I thought about to create a filter only Policy without authentication and the endpoint installed to make a connection to the Cloud Proxy, but from the options I've seen, this isn't possible. The Cloud Proxy asks everytime for the credentials. Strange thing is, that the endpoint created automatically a user from my lab notebook with a NTLM ID "nt authority\system.local"
Am I missing something, or isn't this possible?
Thanks for any help
kind regards
↧
Websense Express and Office 365 connectivity
Good Day all
I implemented a Websense Express system and now some of my users have issues connecting their outlook client to the Office 365 cloud based e-mail system. it drops off but connects after some attempts, But it is mostly when they first log on or if they log back on after leaving or locking there system. Does anyone know anything about this issue?
↧
↧
Change IP Address of Mail security
Hi,
we are planning to move our server from our main office to another office that is not in the same IP range
running standalone no appliance, it's running on a Windows Server 2008 R2 STD
I would like to know what configurations / steps I should do to make it work with the new IP address
Triton Infrastructure 7.6.2.18 setup is installed
websense email security Version 7.3.0..01158
Hotfix = WES_7.3_HF8 installed
What shoudl I do to get it running with the new ip address that woul be in 10.1.25.x instead of 192.168.1.x network
I copied it into a virtual server to try the configuration and get prepared for the go live.
thanks a lot for your help
Daniel
↧
Google Drive not being blocked correctly
Hi,
We're having some issues preventing access to Google Drive.
We're currently running Triton Web Security build 7.8.1.1485.
The category Personal Network Storage and Backup is blocked blocked for most users. When I use the URL Category and Test Filtering tools, all of the drive.google.com URLs I test are properly categorized and show that they should be blocked.
However, in practice, users are able to access Google Drive without any issue.
I used the TestLogServer tool to take a look at the traffic, and everything it picked up was showing up in the category Search Engines and Portals. Here's a sample of the output:
DestinationIp= 173.194.43.44
time= Wed Apr 09 17:18:18 2014 version= 6
disposition= 1026 - Category Permitted
URL= HTTPS://173.194.43.44
protocol= 11 - HTTPS port= 443 networkDirection= Inbound
category= 76 - SEARCH ENGINES AND PORTALS
categoryReason= 1 - Master Database: URL
Is there a way to differentiate the traffic to drive.google.com from other Google traffic so we can block it?
Thanks!
↧
Dashboard Feature request
When you logon to Triton, the landing page is the dashboard. The default view is to show 30 days of Threats. If you had a virus and the total # of threat is large (4million+) it takes a minute or two for the page to load every time. This should be customizable so that 'Today' can be selected as the default. Or at least make it the default. No one cares what happend 30 days ago all of the time. 'Today' is much more relevant as a dashboard landing page. Please fix this.
↧
Site Look Up Tool
Team
We would like to enable selected “end user” employees with limited access to the Websense Site Look Up tool ONLY so they can request classification of uncategorized websites. This will simplify our internal support processes substantially.
These users should not be able to download software or view any knowledge base articles etc from the Websense portal.
Please note that the reason for this request is that we are finding that there many business sites used in the New Zealand market place which Websense has not categorised. This is causing considerable inconvenience for our users.
↧
↧
Custom YouTube policy issues on different browsers
Hi all,
I have created a custom policy which will only apply to this specific user account in AD. It basically only allows them to have complete access to YouTube but has blocked everything else so I made a custom category and the expressions I've added for this are:
^https?:(//.*\.|//)youtube\.com($|/.*)
^https?:(//.*\.|//)ytimg\.com($|/.*)
I have done a search on this and have seen a few threads where some other people are receiving 'An error occurred, please try again later.' I also get this error but only on IE. Firefox seems to have a continuous loading sign but videos work completely fine in Chrome. Can anyone help with this please?
Many Thanks
P.S. using version 7.8
↧
Heartbleed OpenSSL Vulnerability CVE-2014-0160
Hello Fellow Websenser's
We are trying to determine what/if any impact OpenSSL Vulnerability CVE-2014-0160 will have in our enviroment since Websense is inside our network. How is your organization handling this?
↧
"Error creating the user" when trying to add an administrator in TRITON Settings
Good day!
I receive an error message when trying to add some Network Account users as administrators in the TRITON Settings, while I'm able to add others. The error message I get is:
Error creating the user xxxxxx : A general error has occurred.
Error creating the user xxxxxx : A detailed message was written to the server's log file, the message can be identified as xxxxxxxxxxxxxxxxxxxxx
I don't know where is the server's log file. Closest thing I found is in the Windows 2008 Application logs. I have an error related to eventID 0, source PostgreSQL, saying: "ERROR: numeric field overflowDETAIL: A field with precision 32, scale 0 must round to an absolute value less than 10^32."
Websense version is 7.7.3 using Web Security only, running on a Windows 2008 SP2.
Any help would be appreciated.
Thanks,
Louis
↧
Custom Categories
I have created a custom category that contains IP's and URL's that are neither logged or blocked. Within my custom category I've added two IP's: 204.15.66.80 and 204.15.67.80. (I believe both of these IP's are used for updating the WebSense database.) I've noticed though that both of these IP's are still registered as being under the 'Miscellaneous' category. They appear in the reports as 'Miscellaneous' and also when using the 'URL Category' tool from the frontpage of WebSense.
No other IP's or URL's added to my custom category behave this way. They all were recategorized successfully and are not logged, as I intended.
I am using a clean install of WebSense 7 standalone edition with 2 hotfixes applied: 'Master DB load errors and other fixes' and 'Policy Broker connection limit'. This is on a Windows 2003 Standard R2 server that is fully patched. The database is SQL Server 2005 Standard SP3. All WebSense components are running on this one server.
Any ideas?
↧
↧
Websense Policy Server started and then stopped.
Our Websense has stopped working when the database got so large that it filled the hard drive. I followed STEPS to shrink it successfully. I then tried to start the services, in the proper order, and When starting Websense Policy Server I receive an error basically stating that the service started and then stopped. I then tried a few more things:
Restart DNS Client service
Try using Backup XML and INI
Not sure whats next. Here is the PolicyServer.exe -c:
C:\Program Files (x86)\Websense\Web Security\bin>PolicyServer.exe -c Starting New Diagnostics... Diagnostics port is 55920 Policy Service running... Failed to retrieve Policy Server UID. Error in initialization: -1 Stopping Diagnostics...
↧
7.7.3 TMG Plugin installation error, Filtering Service Communication
When I attempt to install the TMG plugin on my proxy machine it is unable to find my filtering service. Port is 15868 when installing, I'm not sure where to check in Websense what port the filtering service is using.
My websense web filtering is up and running, it sees all the traffic on the network and the real time monitor displays HTTP and HTTPS traffic. My test computer which I'm working on is connecting through the Proxy just fine and web browsing is not hindered. Also the Websense status is all green, database updated and all.
The Proxy has been added to the Network Agent section but each time I attempt to run the setup on the TMG machine I get and errror: Filtering Service not found. Make sure the Filtering Service is running, or specify a valid address. The address is correct, and pinging the websense server from the proxy yields the address I'm using.
Both the Proxy and Websense are sitting on a VM server. With the Websense implementation using a single physical NIC of the VM server to monitor the Mirrored traffic hitting the gateway.
↧
Allow YouTube Embed Video
We have some sites that are used for business purposes that have embed YouTube. Right now we are running YouTube on a quota, but I would like to allow embed YouTube without quota. I am not sure what expressions I will need to allow this. Has anyone done this?
↧