First
the Option to copy a rule would ease up System Setup. imagine the same rule with slightly different thresholds for different destinations or sources - creating the rule once and copy it several times with just changing the thresholds instead of typing the complete rule again (assuming a lot of classifiers are used within it)
Second
moving rules or policies from a policy Level to another to Change the policy order later on would enhance flexibility of DSS to match growing and/or changing Business Needs.
↧
copy, Move Rules & Policies
↧
ws audit log details
Websense Global Technical Support - Case Number:01889254
request: Logon failed attempt (triton login) to audit log section.
Thank You
Best Regards
↧
↧
Make Endpoint Diagnosis Tool work when port 80 and 443 are blocked on a corporate LAN
It would be good if the new Endpoint Diagnosis Tool worked when connected to a corporate LAN with port 80 and 443 blocked. I'm holding off rolling out this new client even though the feature would be good for our end users because in our environment the Network Diagnostics is errored with Internet access: No even though it works fine via on-site content gateways and anywhere hybrid browsing.
↧
Websense Endpoint agent - Windows 8.1 not supported
Currently, according to the agent supports the following operating systems:
- Windows 7
- Windows 8
Recently, it has more Windows 8.1 workstation. After installing the agent in the settings section of the endpoint status is disabled condition.
It is also interesting that in case of Windows 8 and Windows 8.1 to Windows 7 Triton page appears.
I would suggest to think about Windows 8.1 support is in development.
↧
Dynamic AD Sync
When a user with a specific Websense policy (Policy Management > Clients) moves from one OU to another in AD, the client policy retains their old OU information . This leads to frequent issues where users have to be manually removed from their previous OU and re-setup with a policy based on their new OU in order to keep their website access to certain sites. Is there a way to automate this process? We have an automated system that provisions new users and handles changes which will move them to the appropriate OU when changing departments.
Ideally, it would be nice to have a function in Websense where we could refresh the Client policy settings so that it would detect that user A is now located in a new OU and update the Policy Management > Clients with the new OU string.
Please look into the process of adding this feature. Websense is one of the few systems that we are not able to automate for simple user OU changes. If this will not be added to Websense, can we get some assistance with a SQL Stored Procedure or PowerShell script that would accomplish this?
Thanks
↧
↧
Feature Request: Saved Queries in Message Center
We review quarantined emails multiple times per day due to our file extension blocks. We would love to have a way to save the queries we use frequently to save time in pulling up these messages.
Currently, we have to enter 5-6 pieces to build the criteria and this really adds up doing this each time to perform a search.
As an aside, and I will create a separate one for this, but a link in the administrator notification email that allows you to click, review the message in Message Center, then take the same actions you can take when you search for a message in Message Center. Currently, if you just click the link provided in the administrator notification email you can only view the message and why it was blocked, but not perform any actions on the message.
↧
Feature Request: Allow actions on messages when administraor notification email link is openend
When we recieve a notification that a message was quarantined, the link in the notification message doesn't give us any ability to take action on that message. We have to then go in and login to the console, then build the search query that gives us the message results we're after which is a bit time consuming.
↧
Alert Config
↧
Decreasing effectiveness of Email Security 7.3
My company has been using Email Security (now at version 7.3, the last) since the early days of it being Surf Control. Lately though, it seems that the amount of spam leaking through the cracks is increasing a significant amount, despite the server's update schedule running regularly.
I understand that this product is no longer getting version upgrades, but my question is: Is there any reason that it should be becoming less effective as time wears on, despite definition updates? What can I point to to try and figure out how to get a better detection rate without cranking up the false positives?
Is there any reason that the Email Security Gateway or other Websense products would do a better job of filtering our corporate mail compared to our Email Security 7.3 with all the latest definitions, and if so, how significant would you say that change would be?
↧
↧
Triton Security 7.6 config for vmware
I am migrating to a virtual environment and want to move my physical server to vMware environment. Currently I have two NIC interfaces on the server; one that monitors and one for the server with the proper configuration on the switch. this has been functioning well for some time.
now, I am installing the non integrated Triton Security 7.6 on a virtual server and need assistance with NIC and vnic configuration. is there documentation on how to configure the server NIC's and the vnics? I think this is where my issues are because I am to this point unable to filter
Thanks in advanced.
↧
How do I block FaceBook but allow access to company FaceBook pages and group
I need to block Facebook with the exception of the company Facebook page (www.facebook.com/companyname) and the company Facebook group (www.facebook.com/groups/companygroupname).
I have seen an ancient post that basically states it can't be done, but I'm hoping the current version provides that ability.
↧
New Cloud Portal UI appears to be unable to configure all reports to be provided in UTC
The new Cloud Portal UI appears to generate reports based off the timezone your workstation is set to.
I would like to set my user account to only display time in UTC (as the "old" portal UI did)
If this is not possible, I would like to have this submitted for a possible future feature enhancement. We generate reports for user that are in MANY time zones across the world, they have gotten very used to knowing that the times in the reports are UTC, no matter which SOC Engineer created them in US, Warsaw or Manila. It now become much more complex and confusing for them.
The above was created as support request (Case Number:01925018)
But I was informed that this was not possible and to create my own request here.
thank you
↧
Link to ThreatScope Report inside the ESGA ThreatScope Notification
Can you implement a method to include the link to the ThreatScope Report inside the notification email sent to an administrator when an email attachment is determined to be malicious by File Sandboxing component of ThreatScope in ESGA?
The notification generated by the ThreatScope Alert in WSGA, does contain a nice link to a ThreatScope report, but the ESGA notifications don't.
↧
↧
Feature Request - Create a default scan job with all settings
We have to setup 600 individual scan tasks which have all the same settings - same credentials, same exclude/include filters, same settings for everything, run once schedule disabled (they have to be pinged and then manually run based on availabilty and load bandwidth). The only thing that changes is the target machine and the scan crawler machine and everything else is same. In this way you can just select to create a task by template name, select target machine name and crawler and hit submit to queue the task in the list for manual start.
Rich
↧
Simple downloads are hard to find
Moving to a new server and wanted to download the latest version - but trying to find a simple download link AFTER signing in is frustrating me. Poorly laid out support site, more designed to market than support existing customers.
↧
Cloud Web Security Policies
Hi all,
I have a client for whom a POC of cloud web security is being done. Now as per normal procedure on WSG/Web Security policies are made per user or groups or OU.
In cloud web security i've seen that when a request is made to a site, websense cloud servers see the public IP that sent the request and applies the policy based on that public IP. So websense advises to create one policy per public IP and then create exceptions within that policy.
Has anyone tried such a method, creating one policy based on a public IP and within that policy create exceptions for managers, ceo, VP etc? If so kindly advise how to go about such a method as this is different from traditional websense on-premise policy configuration.
Thanks
↧
New Portal UI - BUG Report-User Filter when using the "Contains" option is Case Senstive
Example:
Searching for the user that contains the following string: mac.local.nobody
If you select CONTAINS and then enter "mac.local.nobody" (no quotes) you receive results
If you select CONTAINS and then enter "MAC.local.nobody " you receive ZERO results.
If you select CONTAINS and then enter "mac.LOCAL.nobody " you receive ZERO results.
If you select CONTAINS and then enter "Mac.local.nobody " you receive ZERO results.
etc, etc
Appears that there are MANY functions in the new UI that Enforce STRICT case sensitivity where its not logical to assume to enforce this strictness.
↧
↧
New Cloud Portal UI - Threats Dashboard- Top Threat Types by Request graph incorrect
The Top Threat Types by Request Graph has a Info icon that describes the graph as "Trends of the top Threat Types being blocked during the selected time frame"
In this graph is the Entries for the Application and Software Download category, in a single hour, there are 2913 entries for a single user #1 for that hour. These are all Application and Software Download Category (site is api.skyscanner.net) of these ALL are set to an action of Allowed.
If these are allowed, then why does the graph info indicate "…top threat types being blocked…" when you mouse over the Info icon for this graph?
↧
PEM 7.3 install on win server 2008r2 with SQL 2008 error
After going through the PEM install wizards and after the PEMConfig and PEMLog databases are created I run into an error that takes me back to the begining of the install wizard.
The error is:
[Microsoft][ODBC SQL Server Driver][SQL Server] Invalid object name 'OptionalComponents'.
Any idea what causes this error. Again it come right after the PEMLog is created in the SQL server that is on the same server as the pem installation.
↧
Access to the Mobile Apps.
We are using many more mobile devices now and have a requirement for certain users to be using the Websense as a proxy in the premises.Along with this giving access to certain Policy's members on certain Instant Messengers like WhatsApp(http://www.whatsapp.com/) ,IMO(https://imo.im/) and many others iOS and Android Apps.
Likewise Skype is mentioned in the Websense Content Gateway->HTTPS Management->Tunnel Skype
By having this feature within for certain Policy Members can be helpful to connect them for their meetings,from anywhere within the premises through mobile devices.
↧