Hi everyone,
I´m having a issue in version 7.6.7. When I try to access to Triton Console it remains in "Processing..." and never show the console, just remains in this state indefinitely. This Triton Server is managed around 12 Policy Servers who are distribuited in differents locations
This problem has been passed us when we had version 7.6.2 and we did the upgrade to 7.6.7 in order to resolve it. Anyone who has had the same issue?
Hello ,
I'm using Web Security build.7.6.2.1449 , I have blocked all Uncategorize sites thru policy.
I now that you can customize the block site page ,but can you set-it up so the user that receives the block site page can re-categorize the site?
I want users to have the option when they receive the block page for Uncategorize to have the option to select a category and input (if possibly ) a rezone they are accessing the site and automatically the site is accessible to the user - temporary if possible ,so an admin can receive a request to permanently categorize ;
Thanks
We'd like the ability for the product to be able to re-categorize ip address ranges. For example, if we know any URL that falls in the range 184.50.0.0 - 184.51.255.255 belongs to a vendor of ours, but Websense has not categorized every address in this range properly yet, we should have the ability to do this on our own within the program. The root of this issue concerns an e-commerce site that utlilizes many secondary sites during the browsing process. Some of these sites were being blocked improperly. Please reference case [ ref:00D27dP.5002Atwue:ref ].
Hey all;
Environment: Websense Web Security v7.6.5 on Windows Server 2008 R2, Standalone Deployment.
Anyone know how to create a REVERSE Limited Access filter? We have a situation where we've been asked to blocke a specific set if Internet sites from a single user account. In doing this we need to permit all other Domain Users access to the sites. The Limited Access filter does the opposite, allows you to specify a list of sites a user or group has access TO. Just wondering if there is an easier way to do this than to create a new filter, category(ies), etc...
Thank you,
Carter
I hope that this is the correct place to request an additional sub-category. For Compliance reasons my site is required to block email marketing sites such as www.constantcontact.com and www.icontcact.com. Periodically requests are approved to allow temporary access to URLs in these domains. Since the domains are filtered via a User Defined Category I am unable to grant access just to the specific URL. I would like to recommend a sub-category 'Email Marketing' as part of the 'Information Technology' category to be able to filter these sites more efficiently.
Auto Upload Uncategorized to be categorized
shouldnt be hard to create an api or something to allow the uncategorized to be sent directly to websense for categorization
I have been online since 3 4 hours and the page response is pathetic, i wanted to download the windows installer for Version 7.3, only 7% is downloaded in the last 3 hours and the current download rate is 22Kbps..!! I do not think it can get worse than this.
Our Germany and Hungarian users are dealing with Hungarian customers and suppliers. Some of them are blocked as spam, while they are regular emails.
I advised the users to add them to their always allowed list, but still they are being blocked.
What can I do to solve this issue?
We are using WES 7.3.0.01181 and PEM 7.3
Thanks.
Hi,
I have Websense Email Security 7.2 with Windows Server 2003 and on Citrix servers.
I have made some work on my email filter to catch any keywords or phrases I have entered in my own dictionary that I setup myself. The rule I have created for this to work is if the message is inbound and the score is = or over 100 then send an email notification back to the sender and isolate the message in the isolate section of the filter.
However due to other firms/organizations having the "automatic reply" or "do not reply" on their servers, I receive 5,6 even more pages worth of these messages from this different businesses saying the "do not reply" so they are worthless bouncebacks. To get these to stop I have to (in the rules administrator) delete the email notification, wait 5 minutes for the bouncebacks to stop and then re-add the email notification again and it's getting a pain now.
Is there anyway I get the email notification to send only once to these other firms servers?
Any help would be apprecriated :)
Many Thanks !
I understand from various posts in the forum that the User and Filtering services may take up to 3+ hours to replicate and recognize changes.
So currently we have a Universal security group tied to a filtering policy in Websense:
- We know that this works (or it doesn't and the users haven't complained yet) as we have put other users into the AD group and their filtering is working just fine
- We just put in 2 new users into the group and its been 24+ hours now (at time of writing) and they don't appear to be seeing any of the filtering that they should be (all things being equal) seeing
- They've logged out and then logged back into Windows.
I checked and it doesn't appear to be any of the following reasons:
- There are no policies applied specifically to these 2 user accounts
- Checked their IP and their IPs are not within any range that has a separate filtering policy
- They are in the AD group and the change has been properly replicated to other DC's (they're at a remote site and connecting to another DC)
- They are using Windows XP, SP2 and they say that they do not have the Windows Firewall on so file and print sharing do not appear to a culprit.
In terms of our AD to Websense, we current have it set to Mixed Mode.
Am I missing something obvious that may cause this??
Thanks!
case 01178824
Web Security>Main>Policy Management>Policies>Default>select category>Confirm>Ok>Save and Deploy
When setting a category to Confirm the continue timer is limited to one hour in v7.7.0
Web Security>Settings>Filtering>General Filtering>Continue timeout>limited to 3600 seconds (1 hour)
Customer would like that increased to allow up to 8 hours.
Thank you
1. Show how many incidents are selected/checked. This ability will help us ensure the number of checked incidents is accurate in cases where over a hundred are available to select.
2. Filter views for incidents that triggered on multiple policies; current capability will select all incidents within the filter, whether triggered on the same incident or not. When we are looking for incidents that triggered on two different rules on the same incident, this ability will help us filter and triage very quickly.
3. An “Undo” option, for instance when making a mistake while classifying an incident. Mistakes can happen at the rate which we triage. A quick button to undo the last made change on an incident can help improve productivity.
4. Exporting policies and rules, and potentially import the general logic into another customer’s policy. This ability will help if we have created custom policies and content classifies that we would like to implement elsewhere. This will ensure standard custom policies can be used in multiple environments.
5. An email language translation function. Users communicate in foreign languages that can contain confidential information. A quick translation function would speed of the triage process and ensure the email is translated in a secure manner.
Thank you,
Thomas Hegel
Hello,
I use Websense to monitor and check traffic.
Usually the same users send the same restricted documents to the same recipients (which is OK).
So, in that case, I can add an exception, excluding those emails.
However, is there a way so Websense can do it for you?
Is there a report of the same "re-occuring" false negative alarms, so I (or even Websense) can add those exceptions and I won't have a very big report to check?
If not, this is my suggestion.
Please advise
Thank you
Eran
When requesting a filtered address, the Websense proxy first sends a 302 HTTP Redirect status to a diagnostic URL, then redirect to an HTML web page. As it is not an error code, it is not interpreted by the usual update scripts (like script to upgrade python) as an error, which means that the script reports a success. It is then very confusing to understand why the global update doesn’t work properly.
The Websense proxy should send a ERROR status, which should be an 402 (or 405 or something like that) code. In that case it would be effectively interpreted by the update script as an error.
Hello all !!!
We are having trouble filtering some adult websites as the users find more and more every days!
I would like to know if it's possible to block all domain names, for examples: domain-name.ru or .xxx?
My request can be a bit harsh but it's the only way for some of them to stop visiting adult websites.
Thank you
Regards
So far Websense has been very helpful and recently we have had needs to do these things as follows:
1. I have 5 users in the same group and I want to block a website www.facebook.com from 1 of 5 users. How do I do this?
2. I block all users from downloading software from CNET.com, however, one of the users needs to download a legit application from this website. How do I do this and when this user needs to download, he will have to put in a password or something that Websense can let him download.
Please let me know...Thank you very much
I have installed Websense 7.6 at 3 seperate locations without problems. I have a SQL 2005 express SP4 instance SQLEXPRESS when I try to install I receive the error "Websense reporting tools do not work with the version of SQL you hve installed."
I also have a freshly installed 2008 express R2 instance SQLEXPR2008 when I try to install to this instance I receive "Unable to connect to SqlServer located at:"
I looked at the KB articles:
However when I run EXEC sp_helpserver it is reporting the correct servername\instancename so I do not want to blow that away since it is configured correctly. I need help, this project is due tonight and I am completely stuck!
Thank you much,
Mike
Many months ago we switched from using our network accounts (Active Directly) to log in as Super Admins to using newly created local accounts. I want to clean out the old network accounts from the list of Administrators but I'm not able to delete any of them - the boxes are grayed out. One listed user is no longer with the company at all!
We have Web Security 7.6. My account is Global Administrator.
Thanks for any help!
Chris
Hi All,
I am using Websense web security 7.7.0.
My security specialist has requested a daily scheduled report to show requests filtered through Websense that have been assigned particular sub-categories under 'Security' (e.g. malicious websites, Keyloggers, spyware etc. but not Custom-Encrypted Uploads or Files containing Passwords).
After looking through all the Presentation reports and finding nothing that allows me to generate a detailed list of requests like this, I thought the added flexibility of Investigative reporting would be the way to go. However, I found no way to select multiple subcategories to show in the same report. Either the whole 'Security' category, or single subcategories were my only options.
I attempted to work around Websense reporting shortcomings by changing the risk class definition of "Security Risk" to only include the sub-categories I wanted (removing things like Parked Domains and Freeware/Software download) and was planning to generate a detailed investigative report with the results I needed.
I made the risk class changes last week, and this morning ran an investigative report detailing requests flagged as "security risks" so far today only to find URLs categorised as Freeware/Software downloads or Parked Domains still appearing on the report. I wasn't sure if I needed to 'move' these categories to another risk class but have noticed they already appear in "Productivity Loss" by default.
Is there another setting I have missed to have the reporting provide these unexpected results?
As i install Triton with Web security, it create my data on my remote SQL Server Succesfully, but i don't want it to use the wslogdb70 name, it need to be something conform to all the other SQL instance we have here. As i could see there is no option in the install to change this, and even worst, once it install the triton, seem impossible to switch to the new created DB (Which i did created succesfully with the createdb.exe utility) Still it doesnt apear in my selection in Settings/reporting/log server. All it can see is the default wslogdb70
We had it right in 6.3.3 Hope you didn't remove this option.
Thank you very much