Quantcast
Viewing all 2011 articles
Browse latest View live

Websense services repeatedly crash

June 4, 2015, 8:37 am
$
0
0

I have had this problem across 2 websense products on different servers.

 

Currently I am running a fairly new instalatoin triton 7.8 on a server 2008 under 2003 domain controllers.  

I am repleatedly finding that several of the websense services have failed to on a consistent basis, when I go to start said services they start and all stop after about 5 min.  Before I can start any of the services that require a domain account I have to open the properties and reenter the password on at least one of the services before any of them will start.

I had this problem with my old 6.2 server and upgraded to 7.8 hoping to get away from these problems, but it seems it has come with me to the new server.

    Search

    Blocking ccTLD's

    June 5, 2015, 5:33 am
    $
    0
    0

    Hello,

    I am utilizing Websense Web Security / Web Filter

    I am looking for a way to block top level domains by their country code. ex .ir, .cn, .br.

    I tired to create an exception using http://*.ir but it appears you cannot use wildcard expressions.

    I then tried to use a couple regular expressions but nothing appeared to be working when I tried that too.

     

    Is there any way to block ccTLDs?

     

    Thanks!

    Facebook reporting

    June 8, 2015, 8:38 am
    $
    0
    0

    Can anyone explain to me how facebook is being filtered and other social media.  I have the reports stating that users within facebook and youtube have hit some form of adult content but I can't determine if it was intentional or a popup advertisement or other possibility within facebook?  Facebook is not blocked at our site but some features are like games, uploads etc. I've asked the network team to allow for full url filtering...should this help me to determine if the user is actually intending on going to a link they shouldn't be?

    What product and version am I actually using?

    June 9, 2015, 8:38 am
    $
    0
    0

    Greetings,

    I am new to my company, and I need to get up to speed on Websense ASAP.  According to our subscription, we are licensed for Cloud Web Security Gateway.  When I login to our portal, it says Wbsense Triton APX Advanced Protection.  How can I determine the version?

    Thank you!

    Report issue - can't schedule

    June 9, 2015, 8:47 am
    $
    0
    0

    We are using the Cloud Web Security Gateway, and I can't figure out how to schedule reports.  Here are the steps I am taking:

    1) Click Reporting and then Report Catalog.

    2) Under Standard Reports > Web Security > Misconduct, I am clicking Top Users of Adult Material Sites.

    3) Click the report to generate it.

    4) From the list of Top 10 users, I click the hits counter to see the detail.

    5) I see the individual offending hits.

    At every step, I see what looks like a grayed out calendar button in the toolbar which I assume is used to schedule reports.  Any idea why it might be grayed out?  I can export reports just fine, but I want the to export regularly and automatically.

    Thank you!

    Whats your opinion on switching on all advanced inspection features?

    June 10, 2015, 2:17 am
    $
    0
    0

    Do you switch on all features in web security for lower risk sites? If you leave it to high risk only, are you comfortable with the potential risks of a well known site being compromised and not inspected?

    We're seeing a lot of complaints coming as users have no filtering currently and don't have delays when accessing mainstream sites.

     

     

    Has anyone else being experiencing issues with OSX and the Endpoint Client?

    June 11, 2015, 2:03 am
    $
    0
    0

    We wanted to go down the endpoint client route for our OSX based laptops, however we've found multiple issues with this, timeouts, blocks, errors on Safari saying it cannot connect to the secure proxy...

    If I uninstall the agent and browse from a known IP via the proxy, its fine. Not great as we can't identify individuals then.

    Anyone else have issues or a good experience with the TRITON AP-WEB cloud proxy system and OSX / Macs?

    Andy Bowden
    Halma Group

    Testing Antivirus Functionality- EICAR is still downloadable!

    May 2, 2014, 7:43 am
    $
    0
    0

    Hi

    The built-in Antivirus of Websense Cloud Web Security Gateway should prevent our Users from downloading malicious Attachements (E.g. from privat Webmail Accounts)

    Therefore we have tried to test that functionality with the EICAR Virus. www.eicar.org

    All tough we have enabled "Antivirus File Analysis - Inbound" ---> Analyze content from sites with elevated risk profiles and from sites with lower risk profiles......  we are still able to download the EICAR Testvirus. So from my side it looks that Antivirus is not working properly..

    Can somebody from this forum test, if the EICAR will be detected on their websense environment?

    Or does anybody knows, why the EICOR isn't detected by Websense (WS Support has no idea and told me that my setup is correct)

    Thank you

    Daniel

    Search

    Web Security 7.8.4 - Clients not being blocked - Real-time monitor can see and says block

    June 10, 2015, 1:40 pm
    $
    0
    0

    Websecurity 7.8.4 Standalone. No clients are having pages blocked, but real-time monitor sees the clients and reports appropriate sites as blocked as per policies.

    Websense server has 2 NICs. The monitor nic has ip address 0.0.0.0 (this is promiscuous mode from what I read). I prefer to keep using promiscuous mode. Filter/Block NIC is assigned static ip from internal LAN.

    Using DC Agent and Login Agent, Windows 2008 R2 domain controller. Mix of Windows 7, chromebooks, iPad clients. Websense seems to have no problems with communicating Active Directory on local domain.

    From client, http://[websense_ip]:15871/cgi-bin/blockpage.cgi returns "Invalid Request", which i understand to be a good sign.

    testlogserver shows data being received and reports pages that should be blocked as blocked.

    The monitor nic is connected to a mirror port on Netgear GS748TPS (which mirrors TX/RX of port connected to Untangle firewall/router 11.1.0, which goes to internet). I had Websecurity 7.8.3 working with this same switch and config, but my monitor nic had an ip assigned (not in promiscuous mode).

    Does my monitor nic need an ip address? If not, what further troubleshooting steps can i take? I can capture from the client with wireshark, but I don't know exactly what to look for. What would cause block message to get dropped? Maybe it isn't even being sent from the filtering NIC? Anything I should check in the Untangle (firewall/router) config?

     

    Problem with Triton manager - WEB

    June 13, 2015, 4:34 pm
    $
    0
    0

    The server shutdown and after reboot, it's appearing the error message: " The primary Policy Server version does not match the management console version. There are no available secondary Policy Servers with the proper version.

    Please make sure there is at least one Policy Server with the same version as the management console, and network communication is possible between it and the Policy Server machine".

    *This server never had any other version installed.

    -We tried to restore a backup from triton EIP and wsbackup from 06/07/2015 but it doesn't worked, we still get the same issue.

    -So we tried to repair triton and we restarted the machine, after it we got the error "web security could not be launched".

    I tried to uninstall and install only triton web security, but it seems triton setup is not removing the service, because after we finished the setup the service still there.

     

     

    What can we do to fix it?

     

    Regards,

    Jeferson Furio

    Use multiple profiles in the same location?

    June 15, 2015, 1:12 pm
    $
    0
    0

    Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4

    Hello,

    I am preparing to implement Cloud Web Security for my company and I am running into a problem. I could be misunderstanding so forgive and correct me if I am wrong, but it seems like it REALLY wants you to use just a single Profile per location, specified by having that location’s IP Address as a “Proxied Connection” on the Connections tab within the Profile itself. I’ve seen it suggested in another forum post that you should then handle differences between users by adding small ‘exceptions’ to this single Profile.  This doesn’t work for me because we have categories of users within the same building that are so dramatically different that the exceptions would be endless.

    I was hoping and expecting to be able to set the IP address (or range) above all my Profiles, and then have user’s account or group membership dictate which Profile they actually use. How can I have different users in the same location be subject to different Profiles?

     

    Ray

    Exchange 2013 and Websense - "551 this is not a relay host"

    June 17, 2015, 2:06 am
    $
    0
    0

    What we have is Exchange 2013 using Websense server as a smarthost to send/recieve email.
    We have some users who are set up with server-side forwards to external email addresses.

    What happens at the moment:-

    1) Email from internal user A to internal user B (who has forward setup). Email gets forwarded to user B's external email.
    2) Email from external user C to internal user B (who has forward setup). Email gets bounced with 551 error abck to external user C.

    I assume its because something (Exhchange or Websense) is detecting that the original sender is not the same domain as the exchange server that is attempting to forward. Which sort of makes sense.

    BUT, we've recently moved from 2007 where this used to work. So theres something - on old Exchange 2007 or Websense that has allowed this previously.

    Appreciate its not a wise move to allow this sort of thing but it is what it is.

    By the way, its NOT remote domain setting on Exchange. This applies ONLY to client side forwarding.

    Here is the error:-

    Generating server: abc.xyz.co.uk (exchange 2013)

    userB@hotmail.co.uk (user Bs external email)
    websense.xyz.gov.uk (Websense server)
    Remote Server returned '551 This is not a relay host - mail must be to or from host domain.'

    Limit on web site look ups on the Site Look Up Tool

    June 19, 2015, 11:04 am
    $
    0
    0

     While performing research for my firm I just received the following message:

    Your organization has exceeded the maximum number of lookups for a single day. Please try again tomorrow.

    Websense has implemented a limit to ensure the availability of Master Database categorization for Websense customers and prospects. Thank you for your understanding.

    I am signed in with my credentials as the Super Administrator for my firm.  When and why was this put in place for a licensed user.  This may have an impact on some of the things we do here.

    Feature Request

    June 22, 2015, 8:16 am
    $
    0
    0

    I placed a ticket asking if this was possible.  I was told that it was not and to place a feature request.

    So, here it is:

    It would be great to have the ability to narrow a search query to NOT include a specific phrase, regex, or word.

    Thanks!

    Best way to filter Citrix users

    January 2, 2015, 12:46 pm
    $
    0
    0

    I have a new WSGA 7.8.3 environment with V10Ks.  I need to filter and log traffic from Citrix users.  In your opinions is it better to use the Citrix Plugin or IWA?  I have Citrix users that are on the LAN and well as connect in from their home Internet.  My problem is that we use provisioning servers and cant get a clear answer from documents on using the Citrix plugin, we also have clients that are not on the domain that need to be filtered.  Any thoughts?

    Search

    Websense Group Uninstall w/out using SMS or SCCM Possible?

    June 23, 2015, 7:48 am
    $
    0
    0

    Hello,

    We are looking to remove a group of remote users that have websense installed on their Win 7 machines. I was browsing the website and all I can find are uninstallation instructions using SMS or SCCM. Is there another way I can do this? Thanks in advance for any responses. 

    database issue

    June 23, 2015, 1:07 pm
    $
    0
    0

    I am missing the updates to the database. When a user hits a website that is blocked it is supposed to write that to the database. I lost that ability.

    7.8.4 WSE and WCG Hotfix confusion

    June 23, 2015, 2:04 pm
    $
    0
    0

    I have 7.8.4 Web Security and Web Content Gateway installed on CentOS 6.5 machines and am trying to get fully up to date hotfix wise.  The portal sometimes says the file name is .zip but the link says "click here to download the rpm".  Other times it mentions the file is .tgz but the link says "click here to download the rpm".   A good example from the hotfix download page is when I select "Websense Web Security", Version 7.8.4, and "Linux" for the OS.  Only three hotfixes show up.  HF03, HF09, HF10.   Where are 1,2,4,5,6,7,8?  Clicking the "plus" sign by HF10 and then "more details" it says the hotfix is for Windows and Linux and to download the rpm named "WSE-7.8.4-010.rpm" but when you download it the actual name is "Appliance-hotfix-NA-7.8.4-010.rpm" . Is there an easier way to determine the latest hotfixes for what I have?.  

    Thanks

    Elevated Exposure - Recategorise URL

    June 25, 2015, 2:43 am
    $
    0
    0

    We have a partner's portal that has been blocked under Elevated Exposure. How do I go about getting websense to recategorise the URL?

    Chrome and EndPoint

    June 26, 2015, 5:48 am
    $
    0
    0

    I use Chrome every day - currently v43.0.  For the first time today, I received a Chrome message saying "Chrome has disabled your Websense extension.  To protect you while you use browse, Chrome only lets you use extensions that have been published on the Chrome Web store." and it cannot be re-enabled - all in an effort to "protect" us.  Aren't we lucky to have Google there to save us?  <sigh>

    It does on to say "if you need to use a disabled extension you can contact the extension's developer and ask the to upload their extension to the Chrome Web Store".  Right.  We can ask.  Sorry, but I have little confidence in that option.

    Anybody know of a hack to allow this in Chrome?  I may have to ban this browser from my enterprise.

    Thanks!

     

     

    Viewing all 2011 articles
    Browse latest View live
    Search
    <script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>