Would be great, if it is possible to send the encrypted notfication with the origin sender email address.
↧
Encrypt Notification - Sender
↧
PIX and ASA
Hello,
Can i use one filtering service for both PIX and ASA or do i need to install another server?
↧
↧
Setting up new Websense server having issues with AD
Were upgrading to a newer Websense Triton web filter server, I'm trying to add our global catalog server but can't seem to get the new websense server to talk to it. I'm using the ip address, I've set up a service account and made it a domain admin. We have an OU called service accounts for accounts like this and that is where the account is listed. However when I test the connection I keep getting a "Unable to connect to the directory" error. Our firewalls are all turned off as a domain policy so I'm pretty sure that it isn't being blocked. The port number is correct, I've verified that the server i'm trying to connect to is a Global Catalog server. Anyone else have any ideas?
↧
HTTP Status 404 - /triton/pages/eipProductContainer.jsf
Hello all,
Our standalone install of websense is having an issue where after we upgraded the RAM for the server, I keep getting the following:
HTTP Status 404 - /triton/pages/eipProductContainer.jsf
type Status report
message/triton/pages/eipProductContainer.jsf
descriptionThe requested resource (/triton/pages/eipProductContainer.jsf) is not available.
Websense App Server/7.7
The websense db user and the websense triton settings database uid (postgres_eip) has the Log On As permission (which was when i noticed this problem). i can restart any services with no problem and all websense services are running. Can you guys help? Thanks.
↧
Add Global Catalog Server - unable to connect to the directory
Fresh install of Websense - Web Security 7.7.3. Win2008 R2. My connection to the domain server is successful under TRITON Settings\User Directory. ...tests fine and used to successfully add security to Websense for new users. This is a single-domain environment. I am pointing to the same server on the same port as the TRITON setting and I can't get the test to succeed. Connection via Telnet works fine (as expected). I've attempted both Full Distinguished Name and Distinguished Name by Components with same result: "Unable to connect to the directory"
Any ideas?
↧
↧
I have a 7.7 installation and I'm getting; Unable to contact Websense User Service when I go in to my Investigative Reports section.
Restarting the service typically corrects the issue, but I would like to know why the problem exists at all. The service(s) are all up and running.
Active Directory 2003, Windows 2003 server.
↧
Log Database errors cause out of control growth of index partition
Hello all-
We have a customer who is seeing repeated cases of a database problem and could use some guidance - this concerns the wslogdb70.mdf catalog database. Symptom is that this database begins to fill with error tables and grows out of control - in first case it grew to over 100GB. The error tables repeat with changing timestamps but have the format:
incomingbuffer_offline_error_20140702_195040
And
dbo_PART_BUFFER_PREV_error_20140702_195122
Once this condition starts the database continues to grow and the only solution (so far) has been to delete all database and use the CREATEDBU command to start a fresh database. This seems to clear things up, but only for a little while.
We have done that twice, and each time the system seems stable for several weeks but then the problem recurs. Aside from one KB article that does not seem directly related (references partition creation issues, which we don't seem to have) I cannot find anything on this set of errors. Support has not provided much useful information
Customer is currently running Web Security build 7.8.2.1167 on Windows 2008R2. The SQL server storing the databases is on a dedicated box, currently running SQL 2008.
Any suggestions greatly appreciated.
Thanks,
Dan
↧
Customize "Proxy Authorization Required"
Please allow cusomtization of the "Proxy Authorization Required" HTTP error message similarly to how other HTTP error messages are customizable.
Error Code: (NTLM) NA NT_STATUS_NO_SUCH_USER
↧
Full URL in user report
How do I view full URL's in a user report? I have modified the report and added the Full URL field but this field is completely empty in the resulting report. I have been receiving alert emails from websense containing the full url and ip address why can I not view this information in a report?
↧
↧
ESMTP server returns an error
Hello,
I am getting this alert on Email security "ESMTP server returns an error". My ESG does not show any alert on the main page, except on the Email security Gateway Appliance Log it shows [Alert Post] our.IP.Address. My email server logs shows successful recipient verification request and traffic seems uninterrupted.
I've restarted triton and am tempted to restart the mail server. If anyone can give me suggestions on where to look or educate me on how to address this alert, I would really appreciate it.
Yes this is my first post. Being that it takes 24+ hours to hear from a websense rep, I am hoping to reap the benefits of others experiences as I have done so many times before in searching through the forums.
Thanks..
~Renata
↧
Web Security File Downloads
I would like a confirm option for dealing with or downloading specific file types. Currently there is a 'Block' and 'Permit' Option, but a confirm option would be a good way to give users the flexibility to gauge whether the file they are downloading is appropriate. It would be a compromise solution for our organization. It also would give more coverage to different files, since some websites which could host downloads are not categorized as File Download Servers or similar categories.
↧
Websense thinks it is blocking HTTPS sites, but users can still get to web page
We use Websense Web Filter 7.5 build:20100417_1368 with a Sonicwall.
Usually, if a student tries to get to facebook/social networking sites via HTTPS (ie https://www.facebook.com), Websense blocks the request. The student doesn't see a custom block page, but that's fine. At least the page is blocked.
I noticed yesterday that the students can again get to social networking sites via HTTPS. I'm not sure when this behavior began. I test HTTPS sites periodically to ensure that they are being blocked, but I don't remember the last time I checked. It's probably been a month or two.
So ... I ran testlogserver. Websense thinks that it is blocking the webpage -- I see the following entry in the log:
protocol= "HTTPS"
url= "HTTPS://199.59.150.39:443"
port= "443"
category= 117 (SOCIAL NETWORKING)
disposition= 1025 (Category Blocked)
But, after 10 or so seconds, the web page actually loads. This happens in both Chrome and IE.
I'm not sure where to start troubleshooting this. What could be letting the request through? What should I be looking at?
Thanks!
Jamie
↧
Category Rules: Personal network storage and backup
We have a request to filter different actions for Personal Network Storage and Backup sites (eg. dropbox/box/etc.). The request is to enable selective blocking on upload and download action - to provide control on which users can upload or download from different sites controlled by external parties. This is similar to the granularity already provided for Social Media sites.
↧
↧
Quota Time not being applied
I have set the quota time to 15 1 minutes sessions. This has worked for years. I just noticed this week that the setting is still correct, but now users are getting 60 minutes a day in 10 minute sessions. A reboot didn't fix it. Any ideas? ver 7.8.2
↧
AD security group-based filtering if group contains computers
Hello All!
Does anyone know if Websense has a possibility to apply filtering rules to AD security group which contains computers, not users? Or the only way to treat computers is to use Computers scope under Clients section?
↧
Microsoft Security Advisory 2982792
Improperly Issued Digital Certificates Could Allow Spoofing
I was wondering if my Websense Content Gateway (7.8.2) will automatically block these false certificates, we are using SSL intercept.
Thanks!
↧
Websense Web Endpoint Client: How can I hide the systray icon?
Normal 0 21 false false false DE X-NONE X-NONE
Is it possible to hide/disable the Endpoint client systray icon? Maybe there is registry key to do this for the local machine or a particular user?
↧
↧
Websense Log Server Service Starts and Stops post Upgrade to Version 7.7 - usp_user_permission_verify
Hi,
We just upgraded our websense infrasturcture to the new version 7.7.
Post upgrade we cannot get the websense Log Server Service to start.
I mean it starts and it stops immediately.
Note: We had configured the Log Server service to connect via a Trusted User Authentication earlier.
We tried the websense article:
http://www.websense.com/support/article/kbarticle/Log-Server-not-running-after-upgrading-to-v7-7
The stored procedure which the article talks about - usp_user_permission_verify_logserver was sucessfully created. However, we got a message that the object could still not be made effective or something due to some issue.
After debugging the Log server service using
http://www.websense.com/support/article/kbarticle/v7-Debugging-Websense-Logserver
Checked the debug log :
WsLogRecordset::Open() - FAILURE: sqlCommand: {call usp_user_permission_verify_logserver} ERROR: The Procedure usp_user_permission_verify is not found.
We Uninstalled the log server component and reinstalled. Still same issue. After troubleshooting with Websense Support for a long time and got no where.
Now, If you could notice, you will find no document about this Stored proceedure anywhere.
I checked for the usp_user_permission_verify_logserver stored procedure which just resides above the usp_user_permission_verify_logserver stored procedure in the sql server. (Refer to the picture in the Websense article we tried earlier)
Found the particular usp_user_permission_verify_logserver be missing completely.
The usp_user_permission_verify_logserver is actually dependent on the usp_user_permission_verify_logserver stored procedure. So without it the logserver verify will fail.
Now how to you create the usp_user_permission_verify procedure.
If you try to manually create the procedure (which you can) (Right click on Stored procedures-->click on new Stored procedure). You can only create the blank procedure. But where do you get the code ?? or what the parameters to be supplied??
You run the debug again -- You get this in the debug.txt file.
WsDBConnectionProperties comparison: != SSL: 0 != 0
WsODBCConnectionController::Initialize() - Initializing a new datasource for dsn: wslogdb70.
Returning Number of Logger Threads: 6
WsODBCConnectionController::Initialize() - Attempting to open datasource: wslogdb70.
WsDBConnectionProperties::GetConnectionString() - using a Trusted Connection for the ODBC string
WsConnectionPool::initialize() - SUCCESS: Created 9 connections to db.
WsODBCConnectionController::Initialize() - Open datasource : wslogdb70 SUCCESS.
WsLogRecordset::Open() - FAILURE: sqlCommand: {call usp_user_permission_verify_logserver} ERROR: Procedure usp_user_permission_verify has no parameters and arguments were supplied.
WsDataSource::Validate() - Permission test failed: .
WsODBCConnectionController::Initialize() - Validate datasource : wslogdb70 FAILURE: .
Waiting for LogServer to shutdown...
LogServerDoc shutdown cleanly...
So how to fix this. Well a couple of ways.
1. If you have another log server:
Open the Stored procedure usp_user_permission_verify from the other log database and copy the query and paste in the affected database. Execute it. Then execute the usp_user_permission_verify_logserver script again.
2. You can try to restore a old backup of the log database to another sql server or with a different name. attach it get the script work. i was not sure how to do this.
then I tried this.
1. You have to detach your websense database (wslogdb70) from the SQL server.
2. Uninstall Log server,
3. Then move the Websense database to a backup folder on the same location. (you may also try installing og server without moving the files - I didn't try that)
4. Install the log server feature again.
5. Now a database is created with the new usp_user_permission_verify stored procedure.
6. Copy the query to a notepad file.
7. Follow the procedure from step 1 in reverse to get the old database.
8. Modify or create the usp_user_permission_verify SP and paste query you copied and run it.
Well I would say, You can copy the query you can find here and recreate the usp_user_permission_verify SP like :
-------------------------------------------------------------------------------------------------------------------------------------------------
USE [wslogdb70]
GO
/****** Object: StoredProcedure [dbo].[usp_user_permission_verify] Script Date: 08/06/2012 09:46:21 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER OFF
GO
create procedure [dbo].[usp_user_permission_verify] @reason nvarchar(1000) output, @debug bit = 0 as
begin
set nocount on;
set @reason = N'OK';
declare @productStr varchar(20),
@engineEdition int,
@version_num int;
select @productStr = cast ( serverproperty(N'ProductVersion') as varchar(20) ),
@engineEdition = cast ( serverproperty(N'EngineEdition') as int ),
@version_num = dbo.udf_dbserver_get_version();
-- check version before creating jobs
if (dbo.udf_dbserver_valid_version(@version_num) = 0)
begin
exec dbo.usp_event_log N'error', N'usp_user_permission_verify(): Specifiec SQL Server version is not supported';
set @reason = N'Specifiec SQL Server version is not supported';
print N'usp_user_permission_verify(): Specifiec SQL Server version ' + cast(@version_num as varchar) + N' is not supported.';
return -1;
end
-- SQL Express
if @engineEdition = 4 and IS_SRVROLEMEMBER(N'sysadmin') != 1
begin
set @reason = N'You must have sysadmin for SQL Express platform';
return 1;
end
-- everything is OK here
if IS_SRVROLEMEMBER(N'sysadmin') = 1
return 0;
-- standard or enterprise
-- need db_creator
if IS_SRVROLEMEMBER(N'dbcreator') != 1
begin
set @reason = N'You must have dbcreator server role';
return 2;
end
declare @sid varbinary(85),
@db_var sysname,
@sql nvarchar(4000),
@total int,
@i int;
select @sid = sid from sys.server_principals where name = system_user;
print @sid
declare @db_list table (
table_id int identity(1,1),
name sysname primary key
);
create table #db_permission (
id int identity(1,1) primary key,
dname sysname,
role_name sysname
);
insert into @db_list ( name )
select [DB_NAME] from dbo.wse_partitions where offline=0 and deleted= 0
union
select [name] from dbo.amt_partitions where active = 1;
set @total = @@ROWCOUNT;
-- add msdb
insert into @db_list (name) values (N'msdb');
set @total = @total + 1;
if @debug = 1 select * from @db_list;
begin try
select @i = 1;
while @i <= @total
begin
select @db_var = name from @db_list where table_id = @i;
set @sql = N'
insert into #db_permission (dname, role_name)
select ''' + @db_var + ''', role_principal.name role_principal_name
from ' + @db_var + N'.sys.database_role_members join ' + @db_var + N'.sys.database_principals as role_principal on database_role_members.role_principal_id = role_principal.principal_id
join ' + @db_var + N'.sys.database_principals as member_principal on database_role_members.member_principal_id = member_principal.principal_id
where member_principal.sid = N''' + cast(@sid as nvarchar(100)) + N'''';
if @debug = 1 print @sql;
exec (@sql);
set @i = @i + 1;
end
if @debug = 1 select * from #db_permission ;
if not exists (select 1 from #db_permission where dname = N'msdb' and role_name in ( N'db_datareader' , N'db_owner') )
begin
set @reason = N'You must have msdb.db_datareader database role';
return 3;
end
if not exists (select 1 from #db_permission where dname = N'msdb' and role_name in ( N'SQLAgentUserRole', N'SQLAgentOperatorRole', N'SQLAgentReaderRole') )
begin
set @reason = N'You must have one of the msdb.SQLAgentxxxRole (User, Operator, Reader) database role ';
return 4;
end
-- check partition ownership
select @i = 1;
while @i < @total
begin
select @db_var = min(name) from @db_list where name != N'msdb' and table_id >= @i;
if @debug > 0 print @db_var;
if not exists (select 1 from #db_permission where dname = @db_var and role_name = N'db_owner')
begin
set @reason = N'You must have ' + @db_var + N'.db_owner database role';
return 5;
end
set @i = @i + 1;
select @db_var = min(name) from @db_list where name != N'msdb' and table_id >= @i;
end
end try
begin catch
set @reason = ERROR_MESSAGE();
exec dbo.usp_error_log_info N'usp_user_permission_verify() failed to verify database permission ', @db_var;
return 6;
end catch
return 0;
end -- usp_user_permission_verify
GO
--------------------------------------------------------------------------------------------------------------------------------------------------
Now follow the steps in the Websense ariticle and check.
You can start the log server fine.
Hope websense releases an article similar to the usp_user_permission_verify_logserver one for this too.
Thanks,
Krishna.
↧
E-mail Marketing Sites
Dear Websense,
Is it possible to create a catagory for e-mail marketing sites like mailchimp, which client companies use to send marketing e-mails to people on their lists. Note: They are not spammers - people have to consent to receive these e-mails, so companies use them to send out marketing campaigns on their behalf.
The problem is that they also serve content, such as newletters, brochures, or even redirects back to the main company website. They are listed under the catagory of Hosted Business Applications, which we block. The URL's they put on e-mails are nearly always dynamic, and sometimes bare no relation to the client company's URL. Even when they do, the dynamic nature of the URL means that a released one today, will be blocked tomorrow.
I have looked at releasing by regular expression release (keyword release does not work), but Websense advises that a large number of expressions can affect the performance of the appliances. Thus I was thinking of a seperate catagory called e-mail marketing where they can be listed to make releasing easier. Hosted Business applications is too broad.
↧
Block users when subscription expires or is exceeded error
While on summer break and no one is normally using the network one employee came in and was unable to access the Internet. The block message was "The subscription has expired or been exceeded" The subscription is current and 0 users is shown. I unchecked "Block users when subscription expires or is exceeded" and the connection was enabled. What could cause this?
There is no filtering now.
↧