Channel: Forcepoint Community

Network Agent crashes frequently (v7.8.4)

We have a standalone Websense deployment with Network Agent. The Network Agent is experiencing frequent (every minute) crashes. We are running Triton 7.8.4 on a Windows 2012 R2 server. The Network Agents (2) are running on dedicated Windows 2012 R2 servers.

We tried natuning.ini on the Network Agent servers with NbrHandlerThreads=1 or 4 and eimserver.ini on the filtering server with MaxWISPConnections=1000. Neither worked.

Event log on Network Agent server - followed by Network Agent general log:

Log Name:      Application
Source:        Application Error
Date:          11/19/2015 1:01:51 PM
Event ID:      1000
Task Category: (100)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      0000SWEB8NA02.domain name

Description:
Faulting application name: NetworkAgent.exe, version: 7.8.4.1390, time stamp: 0x53da807d
Faulting module name: ntdll.dll, version: 6.3.9600.18007, time stamp: 0x55c4c16b
Exception code: 0xc0000374
Fault offset: 0x00000000000f1280
Faulting process id: 0xd8
Faulting application start time: 0x01d1230d7097bbdd
Faulting application path: C:\Program Files\Websense\Web Security\bin\NetworkAgent.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: c0e63197-8f00-11e5-80d7-98be943d09a4
Faulting package full name:
Faulting package-relative application ID:

NetworkAgent log:

[11/19/2015 12:29:03.062] (2576): Adding protocol Yahoo! Messenger attachments (id: 54)
[11/19/2015 12:29:03.062] (2576): Adding protocol MSN Messenger attachments (id: 55)
[11/19/2015 12:29:03.078] (2576): Adding protocol AOL Instant Messenger or ICQ attachments (id: 56)
[11/19/2015 12:29:03.281] (2576): Adding protocol Bot Networks (id: 92)
[11/19/2015 12:29:03.281] (2576): Adding protocol Email Borne Worms (id: 95)
[11/19/2015 12:29:03.281] (2576): Adding protocol Other (id: 97)
[11/19/2015 12:29:03.281] (2576): Adding protocol Brosix (id: 138)
[11/19/2015 12:29:03.281] (2576): Adding protocol Mail.Ru (id: 147)
[11/19/2015 12:29:03.281] (2576): Adding protocol Octoshape (id: 151)
[11/19/2015 12:29:03.281] (2576): Adding protocol Pandora (id: 148)
[11/19/2015 12:29:03.281] (2576): Adding protocol Instant Housecall (id: 152)
[11/19/2015 12:29:03.281] (2576): Adding protocol Voxox (id: 150)
[11/19/2015 12:29:03.281] (2576): Adding protocol Yuuguu (id: 145)
[11/19/2015 12:29:03.281] (2576): Adding protocol Joost (id: 149)
[11/19/2015 12:29:03.281] (2576): Adding protocol netFM Messenger (id: 146)
[11/19/2015 12:29:03.281] (2576): Adding protocol iSpQ (id: 139)
[11/19/2015 12:29:03.281] (2576): Adding protocol CrossLoop (id: 140)
[11/19/2015 12:29:03.281] (2576): Adding protocol NateOn Messenger Attachments (id: 141)
[11/19/2015 12:29:03.281] (2576): Adding protocol Globe7 (id: 142)
[11/19/2015 12:29:03.281] (2576): Adding protocol Chikka Messenger (id: 143)
[11/19/2015 12:29:03.281] (2576): Adding protocol Live Mesh (id: 144)
[11/19/2015 12:29:03.281] (2576): Adding protocol Revver (id: 155)
[11/19/2015 12:29:03.281] (2576): Adding protocol Hulu (id: 156)
[11/19/2015 12:29:03.281] (2576): Adding protocol ShareNow (id: 161)
[11/19/2015 12:29:03.281] (2576): Adding protocol Badongo Buddy (id: 163)
[11/19/2015 12:29:03.281] (2576): Adding protocol Spotify (id: 165)
[11/19/2015 12:29:03.281] (2576): Adding protocol ClipMoon (id: 157)
[11/19/2015 12:29:03.281] (2576): Adding protocol Comodo EasyVPN (id: 166)
[11/19/2015 12:29:03.281] (2576): Adding protocol MyPlay (id: 164)
[11/19/2015 12:29:03.281] (2576): Adding protocol Goober Messenger (id: 168)
[11/19/2015 12:29:03.281] (2576): Adding protocol Netease Popo (id: 101)
[11/19/2015 12:29:03.281] (2576): Adding protocol Mikogo (id: 167)
[11/19/2015 12:29:03.281] (2576): Adding protocol Opera Unite (id: 159)
[11/19/2015 12:29:03.281] (2576): Adding protocol Dailymotion (id: 160)
[11/19/2015 12:29:03.281] (2576): Adding protocol NateOn (id: 105)
[11/19/2015 12:29:03.281] (2576): Adding protocol YouSendIt (id: 154)
[11/19/2015 12:29:03.281] (2576): Adding protocol NateOn Remote Access (id: 153)
[11/19/2015 12:29:03.281] (2576): Adding protocol Vimeo (id: 158)
[11/19/2015 12:29:03.281] (2576): Adding protocol Palringo (id: 162)
[11/19/2015 12:29:03.281] (2576): Adding protocol Neos (id: 109)
[11/19/2015 12:29:03.281] (2576): Adding protocol Xfire (id: 125)
[11/19/2015 12:29:03.281] (2576): Adding protocol MSC Messenger (id: 126)
[11/19/2015 12:29:03.281] (2576): Adding protocol VZOchat (id: 133)
[11/19/2015 12:29:03.281] (2576): Adding protocol AOL Instant Messenger or ICQ (id: 21)
[11/19/2015 12:29:03.281] (2576): Adding protocol Yahoo! Messenger (id: 3)
[11/19/2015 12:29:03.281] (2576): Adding protocol TryFast Messenger (id: 132)
[11/19/2015 12:29:03.281] (2576): Adding protocol X-IM (id: 119)
[11/19/2015 12:29:03.281] (2576): Adding protocol Tencent QQ (see the Knowledge Base) (id: 49)
[11/19/2015 12:29:03.281] (2576): Adding protocol IRC (id: 5)
[11/19/2015 12:29:03.281] (2576): Adding protocol Gadu-Gadu (id: 66)
[11/19/2015 12:29:03.281] (2576): Adding protocol SIMP (Jabber) (id: 4)
[11/19/2015 12:29:03.281] (2576): Adding protocol Camfrog (id: 72)
[11/19/2015 12:29:03.281] (2576): Adding protocol IMVU (id: 124)
[11/19/2015 12:29:03.281] (2576): Adding protocol Meetro (id: 115)
[11/19/2015 12:29:03.281] (2576): Adding protocol MySpaceIM (id: 116)
[11/19/2015 12:29:03.281] (2576): Adding protocol Yahoo! Mail Chat (id: 127)
[11/19/2015 12:29:03.281] (2576): Adding protocol MSN Messenger (id: 2)
[11/19/2015 12:29:03.281] (2576): Adding protocol Google Talk (id: 79)
[11/19/2015 12:29:03.281] (2576): Adding protocol Wengo (id: 84)
[11/19/2015 12:29:03.281] (2576): Adding protocol HTTPS (id: 11)
[11/19/2015 12:29:03.281] (2576): Adding protocol SoonR (id: 110)
[11/19/2015 12:29:03.281] (2576): Adding protocol Vyew (id: 128)
[11/19/2015 12:29:03.281] (2576): Adding protocol Gizmo Project (id: 87)
[11/19/2015 12:29:03.281] (2576): Adding protocol Zolved (id: 135)
[11/19/2015 12:29:03.281] (2576): Adding protocol SoftEther PacketiX (id: 121)
[11/19/2015 12:29:03.281] (2576): Adding protocol Paltalk (id: 74)
[11/19/2015 12:29:03.281] (2576): Adding protocol BeInSync (id: 134)
[11/19/2015 12:29:03.281] (2576): Adding protocol WallCooler VPN (id: 137)
[11/19/2015 12:29:03.281] (2576): Adding protocol Woize (id: 99)
[11/19/2015 12:29:03.281] (2576): Adding protocol HTTP (id: 1)
[11/19/2015 12:29:03.281] (2576): Adding protocol Telnet (id: 17)
[11/19/2015 12:29:03.281] (2576): Adding protocol Eyeball Chat (id: 77)
[11/19/2015 12:29:03.281] (2576): Adding protocol Wavago (id: 90)
[11/19/2015 12:29:03.281] (2576): Adding protocol MyIVO (id: 102)
[11/19/2015 12:29:03.281] (2576): Adding protocol TeamViewer (id: 131)
[11/19/2015 12:29:03.281] (2576): Adding protocol Terminal Services (id: 38)
[11/19/2015 12:29:03.281] (2576): Adding protocol Citrix (id: 39)
[11/19/2015 12:29:03.281] (2576): Adding protocol Toonel (id: 106)
[11/19/2015 12:29:03.281] (2576): Adding protocol SocksOnline (id: 108)
[11/19/2015 12:29:03.281] (2576): Adding protocol Hopster (id: 65)
[11/19/2015 12:29:03.281] (2576): Adding protocol WebEx (PCNow & Support Center) (id: 85)
[11/19/2015 12:29:03.281] (2576): Adding protocol pcTELECOMMUTE (id: 36)
[11/19/2015 12:29:03.281] (2576): Adding protocol Tor (id: 71)
[11/19/2015 12:29:03.281] (2576): Adding protocol JAP (id: 88)
[11/19/2015 12:29:03.281] (2576): Adding protocol pptp (id: 32)
[11/19/2015 12:29:03.281] (2576): Adding protocol GhostSurf (id: 68)
[11/19/2015 12:29:03.297] (2576): Adding protocol RealTunnel (id: 80)
[11/19/2015 12:29:03.297] (2576): Adding protocol VNC (id: 37)
[11/19/2015 12:29:03.297] (2576): Adding protocol ssh (id: 33)
[11/19/2015 12:29:03.297] (2576): Adding protocol pcANYWHERE (id: 35)
[11/19/2015 12:29:03.297] (2576): Adding protocol LogMeIn (id: 81)
[11/19/2015 12:29:03.297] (2576): Adding protocol TongTongTong (id: 107)
[11/19/2015 12:29:03.297] (2576): Adding protocol Google Web Accelerator (id: 69)
[11/19/2015 12:29:03.297] (2576): Adding protocol BoxCloud (id: 111)
[11/19/2015 12:29:03.297] (2576): Adding protocol Metacafe (id: 130)
[11/19/2015 12:29:03.297] (2576): Adding protocol Windows Media (id: 6)
[11/19/2015 12:29:03.297] (2576): Adding protocol iTunes (id: 67)
[11/19/2015 12:29:03.297] (2576): Adding protocol Google Video (id: 76)
[11/19/2015 12:29:03.297] (2576): Adding protocol SHOUTcast (id: 70)
[11/19/2015 12:29:03.297] (2576): Adding protocol Liquid Audio (id: 46)
[11/19/2015 12:29:03.297] (2576): Adding protocol Social FM (id: 136)
[11/19/2015 12:29:03.297] (2576): Adding protocol Slingbox (id: 103)
[11/19/2015 12:29:03.297] (2576): Adding protocol Finetune (id: 129)
[11/19/2015 12:29:03.297] (2576): Adding protocol PeerCast (id: 82)
[11/19/2015 12:29:03.297] (2576): Adding protocol JetCast (id: 75)
[11/19/2015 12:29:03.297] (2576): Adding protocol AOL Radio (id: 86)
[11/19/2015 12:29:03.297] (2576): Adding protocol FastTrack (Kazaa iMesh) (id: 10)
[11/19/2015 12:29:03.297] (2576): Adding protocol Your Freedom (id: 91)
[11/19/2015 12:29:03.297] (2576): Adding protocol RTSP (QuickTime RealPlayer) (id: 7)
[11/19/2015 12:29:03.297] (2576): Adding protocol FolderShare (id: 100)
[11/19/2015 12:29:03.297] (2576): Adding protocol ClubBox (id: 104)
[11/19/2015 12:29:03.297] (2576): Adding protocol MindSpring (id: 123)
[11/19/2015 12:29:03.297] (2576): Adding protocol eDonkey (id: 42)
[11/19/2015 12:29:03.297] (2576): Adding protocol FTP (id: 12)
[11/19/2015 12:29:03.297] (2576): Adding protocol Gnutella (Morpheus Xolox) (id: 9)
[11/19/2015 12:29:03.297] (2576): Adding protocol Hotline Connect (id: 43)
[11/19/2015 12:29:03.297] (2576): Adding protocol Pando (id: 112)
[11/19/2015 12:29:03.297] (2576): Adding protocol Damaka (id: 113)
[11/19/2015 12:29:03.297] (2576): Adding protocol DirectConnect (id: 64)
[11/19/2015 12:29:03.297] (2576): Adding protocol BitTorrent (id: 48)
[11/19/2015 12:29:03.297] (2576): Adding protocol SoulSeek (id: 118)
[11/19/2015 12:29:03.297] (2576): Adding protocol Skype (id: 53)
[11/19/2015 12:29:03.297] (2576): Adding protocol GigaTribe (id: 114)
[11/19/2015 12:29:03.297] (2576): Adding protocol EZPeer (id: 58)
[11/19/2015 12:29:03.297] (2576): Adding protocol Hamachi (id: 89)
[11/19/2015 12:29:03.297] (2576): Adding protocol Raketu (id: 122)
[11/19/2015 12:29:03.297] (2576): Adding protocol Onshare (id: 117)
[11/19/2015 12:29:03.297] (2576): Adding protocol Qnext (id: 73)
[11/19/2015 12:29:03.297] (2576): Adding protocol Project Neon (id: 83)
[11/19/2015 12:29:03.297] (2576): Adding protocol SQL Net (id: 20)
[11/19/2015 12:29:03.297] (2576): Adding protocol POP3 (id: 15)
[11/19/2015 12:29:03.297] (2576): Adding protocol IMAP (id: 47)
[11/19/2015 12:29:03.297] (2576): Adding protocol Microsoft HTTPMail (id: 78)
[11/19/2015 12:29:03.297] (2576): Adding protocol ident (id: 28)
[11/19/2015 12:29:03.297] (2576): Adding protocol daytime (id: 26)
[11/19/2015 12:29:03.297] (2576): Adding protocol Gopher (id: 13)
[11/19/2015 12:29:03.297] (2576): Adding protocol Lotus Notes (id: 23)
[11/19/2015 12:29:03.297] (2576): Adding protocol WAIS (id: 41)
[11/19/2015 12:29:03.297] (2576): Adding protocol SMTP (id: 14)
[11/19/2015 12:29:03.297] (2576): Adding protocol NetMeeting (id: 25)
[11/19/2015 12:29:03.297] (2576): Adding protocol finger (id: 27)
[11/19/2015 12:29:03.297] (2576): Adding protocol LDAP (id: 29)
[11/19/2015 12:29:03.297] (2576): Adding protocol NTP (id: 30)
[11/19/2015 12:29:03.297] (2576): Adding protocol OpenWindows (id: 31)
[11/19/2015 12:29:03.297] (2576): Adding protocol SOCKS 5 (id: 18)
[11/19/2015 12:29:03.297] (2576): Adding protocol NFS (id: 34)
[11/19/2015 12:29:03.297] (2576): Adding protocol NNTP (id: 19)
[11/19/2015 12:29:03.297] (2576): Adding protocol Orsiso (id: 172)
[11/19/2015 12:29:03.297] (2576): Adding protocol MyGreenPC (id: 173)
[11/19/2015 12:29:03.297] (2576): Adding protocol Access Grid (id: 178)
[11/19/2015 12:29:03.297] (2576): Adding protocol Remote Control PC (id: 174)
[11/19/2015 12:29:03.297] (2576): Adding protocol Ares (id: 62)
[11/19/2015 12:29:03.297] (2576): Adding protocol MySpace Player (id: 176)
[11/19/2015 12:29:03.297] (2576): Adding protocol Baidu Hi (id: 171)
[11/19/2015 12:29:03.297] (2576): Adding protocol Nimbuzz (id: 170)
[11/19/2015 12:29:03.297] (2576): Adding protocol Gmail Chat (WSG Only) (id: 98)
[11/19/2015 12:29:03.297] (2576): Adding protocol BBC iPlayer (id: 179)
[11/19/2015 12:29:03.297] (2576): Adding protocol Google Wave (WSG Only) (id: 169)
[11/19/2015 12:29:03.297] (2576): Adding protocol Adobe Updater (WSG Only) (id: 175)
[11/19/2015 12:29:03.297] (2576): Adding protocol Solid State Delivery Platform (id: 177)
[11/19/2015 12:29:03.297] (2576): Total m_criteria is 422
[11/19/2015 12:29:03.297] (2576): Set protocol cache rules
[11/19/2015 12:29:03.312] (2576): Before load EIM uid:
[11/19/2015 12:29:03.312] (2576): After load EIM uid:aa974909-d4b6-11e4-b088-c9f0f895fb98
[11/19/2015 12:29:03.312] (2576): error: 0, before: FFFFFFFF, get uintIP = A1201E1
[11/19/2015 12:29:03.343] (2576): WARNING : WsNetworkAgent::GetThreadNumber() - Thread Number = 8 are decided by CPU number.
[11/19/2015 12:29:03.343] (2576): WsNetworkAgent::Start - Need reallocate memory for NA.
[11/19/2015 12:29:03.343] (2576): GENERAL : WsNetworkAgent::ReallocateMemoryResource() - monitor nic = 1.
[11/19/2015 12:29:03.343] (2576): WARNING : WsNetworkAgent::GetThreadNumber() - Thread Number = 8 are decided by CPU number.
[11/19/2015 12:29:03.343] (2576): GENERAL : WsNetworkAgent::ReallocateMemoryResource() - Thread Count = 8.
[11/19/2015 12:29:03.343] (2576): WARNING : WsNetworkAgent::GetThreadNumber() - Thread Number = 8 are decided by CPU number.
[11/19/2015 12:29:03.343] (2576): WsNetworkAgent::GetThreadByOptimizeSocket() - SocketPerThread = 15, Thread Count = 8.
[11/19/2015 12:29:03.343] (2576): WARNING : WsNetworkAgent::ReallocateMemoryResource() - Update  Monitor NIC = 1, Thread Count = 8, SocketPerThread = 15 .
[11/19/2015 12:29:03.343] (2576): WsNetworkAgent::ReallocateMemoryResource() - Memory : Packet = 13194240, SessionSize = 7517888 and Transaction = 122434176
[11/19/2015 12:29:03.343] (2576): Entering UpdateCaptureConfig(NIC-1)
[11/19/2015 12:29:03.343] (2576): Enable capturing for NIC-1:
OperationMode: 3 (StandAlone: 1)
InjectNIC: NIC-2 (Dest MAC: auto)
HTTPOnAnyPort: 1 (Purchased: 1)
[11/19/2015 12:29:03.359] (2576): WsNICInject:: Destination MAC: auto (Type: 3)
[11/19/2015 12:29:03.359] (2576): WsNICInject::Device: \Device\Packet40_{F3B856A3-CBED-4326-BF39-88FFA0439201}
[11/19/2015 12:29:03.359] (2576): WsNICInject::Mac Spoofing: false
[11/19/2015 12:29:03.359] (2576): Inject NIC MAC: 98:be:94:3d:09:a3
[11/19/2015 12:29:03.359] (2576): Inject NIC's gateway MAC: 00:07:b4:00:02:02
[11/19/2015 12:29:03.359] (2576): Inject NIC's subnet: 10.18.1.0
[11/19/2015 12:29:03.359] (2576): Inject NIC of IPv6 MAC: 98:be:94:3d:09:a3
[11/19/2015 12:29:03.359] (2576): WsNICInject: IPv6 addr: 0000:0000:0000:0000:0000:0000:0000:0000, gateway addr: 0000:0000:0000:0000:0000:0000:0000:0000.
[11/19/2015 12:29:03.359] (2576): bind to local 0000:0000:0000:0000:0000:0000:0000:0000!
[11/19/2015 12:29:03.359] (2576): WSAIoctl SIO_RCVALL failed: 10022


Websense Appliance triggering AD account lockout

Hi,

We have a websense appliance (V5000G2) running code version 7.8.1.

On our Windows Domain Controllers, I frequently see these two events:
Event 4776:
The computer attempted to validate the credentials for an account.
Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Logon Account: admin
Source Workstation: APPLIANCE-WSE
Error Code: 0xc0000234

followed by Event 4625:
An account failed to log on.

Subject:
 Security ID:  NULL SID
 Account Name:  -
 Account Domain:  -
 Logon ID:  0x0
Logon Type:   3

Account For Which Logon Failed:
 Security ID:  NULL SID
 Account Name:  admin
 Account Domain:  zzz

Failure Information:
 Failure Reason:  Account locked out.
 Status:   0xc0000234
 Sub Status:  0x0

Process Information:
 Caller Process ID: 0x0
 Caller Process Name: -

Network Information:
 Workstation Name: APPLIANCE-WSE
 Source Network Address: xxx.xxx.xxx.120
 Source Port:  33548

Detailed Authentication Information:
 Logon Process:  NtLmSsp
 Authentication Package: NTLM
 Transited Services: -
 Package Name (NTLM only): -
 Key Length:  0

This event is generated when a logon request fails. It is generated on the computer where access was attempted.

The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).

The Process Information fields indicate which account and process on the system requested the logon.

The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
 - Transited services indicate which intermediate services have participated in this logon request.
 - Package name indicates which sub-protocol was used among the NTLM protocols.
 - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.

 

The offending device is the V5000, but I have no idea where this 'admin' ID is configured on the appliance, or why it's contacting our DCs for authentication. I'd love to reconfigure it so it's not hammering AD with authentication noise... Can anyone help me out?

Thanks,

Greg
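
As an added example (not part of the original post or any Forcepoint tooling), the sketch below parses the message text of exported Event 4625 records section by section and counts failed logons per source workstation, address and account, so that a source such as APPLIANCE-WSE can be ranked against other failures. The sample events are constructed from the layout shown above; the 192.0.2.x addresses, the WKS-0042 host and the jdoe account are made up.

```python
from collections import Counter

# NTSTATUS codes commonly seen in the Status field of 4625 / Error Code of 4776.
NTSTATUS = {
    0xC0000064: "user name does not exist",
    0xC000006A: "wrong password",
    0xC000006D: "bad user name or authentication information",
    0xC0000072: "account disabled",
    0xC0000234: "account locked out",
}

# Constructed template that follows the 4625 message layout quoted in the post.
TEMPLATE = """An account failed to log on.

Subject:
 Security ID:  NULL SID
 Account Name:  -
 Account Domain:  -
 Logon ID:  0x0
Logon Type:   3

Account For Which Logon Failed:
 Security ID:  NULL SID
 Account Name:  {account}
 Account Domain:  zzz

Failure Information:
 Failure Reason:  {reason}
 Status:   {status}
 Sub Status:  0x0

Network Information:
 Workstation Name: {workstation}
 Source Network Address: {address}
 Source Port:  33548

Detailed Authentication Information:
 Logon Process:  NtLmSsp
 Authentication Package: NTLM
"""

SAMPLE_EVENTS = (
    [TEMPLATE.format(account="admin", workstation="APPLIANCE-WSE", address="192.0.2.120",
                     status="0xc0000234", reason="Account locked out.")] * 3
    + [TEMPLATE.format(account="jdoe", workstation="WKS-0042", address="192.0.2.57",
                       status="0xc000006a", reason="Unknown user name or bad password.")]
)


def parse_event(text):
    """Parse one 4625 message into {(section, field): value}.

    "Account Name" occurs under both "Subject" and "Account For Which Logon
    Failed", so fields are keyed by section rather than by name alone.
    """
    fields, section = {}, ""
    for raw in text.splitlines():
        if not raw.strip() or ":" not in raw:
            continue  # blank line or explanatory prose
        key, _, value = raw.partition(":")
        indented = raw[0] in " \t"
        key, value = key.strip(), value.strip()
        if not indented:
            # Unindented "Header:" opens a section; "Key: value" is top-level.
            section = key if not value else ""
            if not value:
                continue
        fields[(section, key)] = value
    return fields


def top_sources(event_texts):
    """Rank (workstation, address, account, reason) tuples by failure count."""
    counts = Counter()
    for text in event_texts:
        f = parse_event(text)
        status = int(f[("Failure Information", "Status")], 16)
        counts[(
            f.get(("Network Information", "Workstation Name")),
            f.get(("Network Information", "Source Network Address")),
            f.get(("Account For Which Logon Failed", "Account Name")),
            NTSTATUS.get(status, hex(status)),
        )] += 1
    return counts.most_common()


if __name__ == "__main__":
    for source, count in top_sources(SAMPLE_EVENTS):
        print(count, *source)
```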

Web Endpoint & Windows 8 and 8.1

I find that in my Cloud Web Security portal version 1145 is the most recent version available (1.4.7.6.1145), and the Release Notes do not mention explicitly supporting Windows 8 or 8.1 (but there is a mention that "…endpoint does not support Windows 8 Metro apps…"), which seems to indicate that there may be some level of support on Windows 8.

Page 3 of the 1145 Release Notes does explicitly note:

Supported operating systems

- Windows XP with Service Pack 2 or higher (32-bit and 64-bit)
- Windows Vista with Service Pack 1 or higher (32-bit and 64-bit)
- Windows 7 (32-bit and 64-bit)

My question is: are there folks out there with 8, or more specifically 8.1, running with Web endpoint?

 

thanks

TMG 2010 integration with TRITON AP-WEB 8.0

Hi,

Is it possible to integrate TMG 2010 with TRITON AP-WEB 8.0 without the requirement of the Content Gateway on Linux platform?

Or is Web Security 7.8.4 the last version where all the Websense components can reside on Windows OS servers only?

Thanks.

R.

 

Websense 7 Manager Timeout

Hi,

I was wondering if there was a way to change the default timeout of 30 minutes to something more reasonable? 30 minutes is ridiculous. It also times out the Investigative Reports when open in a new window, causing me to lose what I had on the screen.

At least in Websense 6 you could change the timeout to something more reasonable.

Thank you,

Steve

https Youtube links are not getting blocked but main page is

Websense is able to restrict access to the main YouTube website. However, when a user clicks on a specific video URL, Websense identifies it as Google and lets the traffic go through.

Any idea how to fix this?

Worth mentioning: I have not allowed specific YouTube URLs or recategorized it. I am also able to block HTTPS traffic from other restricted sites such as Facebook.

web filter 7.8.4 / cisco asa - new https filter rule blocks all https traffic

This is my first attempt in filtering HTTPS sites with 7.8.4. My last attempt with 7.1.1 blocked ALL traffic (http and https) so the project was back burnered. We have since upgraded to a newer firewall and a new version of WebSense Filter. Instead of upgrading and Migrating from 7.1.1 I simply copied/recreated all my settings into 7.8.4. One notable difference is I had to run AD Native mode vs Mixed mode as for some unexplained reason it authenticated all users as Guests.

Here is my setup: WebSense Web Filter 7.8.4 on a 2008 Std R2 SP1 VMWare VM, (1 NIC). My installation is integrated with Cisco ASA 5505 (Soft Ver 8.2 Dev Mgr Ver 6.3).

PROBLEM: My HTTP traffic is being filtered as expected but when I try to add/enable an HTTPS filter rule in the ASA all HTTPS traffic is blocked. I've added an HTTPS site into one of my Limited Access Filter lists that apply to my test user and the related protocol filter is set to allow all HTTPS traffic.

I have tried entering the site into the Limited Access Filter in the following variations: https://www.websiteexample.com, https://www.websiteexample.com/fistpage/,  https://www.websiteexample.com:443 and https://123.456.789.123:443

I must be missing something? Any help would be greatly appreciated.

I have also considered the better route to go would be with a WebSense Content Gateway as I would gain the HTTPS block page... any thoughts or experiences with a Content Gateway or alternate solution would be helpful.

Thanks

Matt

How to bypass WCCP

I want to enable WCCP but I also need to bypass the web filtering for a set of websites. Currently we use IE to proxy web traffic and use the bypass to do sites such as *.surveymonkey.com;*.lpl.com;*.decisivereports.com. I am unable to find where to create a list such as this for Triton APX Web; the Exceptions list does not work all the time.


Possible to recategorize sites for Triton-AP Web?

Does anyone know if it's possible to recategorize URLs for the Cloud product? I know it could be easily accomplished with the appliance, but I haven't seen an option for the Cloud solution. 

Thanks,

Andrew

Websense Endpoint and Microsoft Windows / Office activation

Just wanted to write this up for anyone else in the future.

After deploying Endpoint to many machines we started noticing that we couldn't activate Windows 7 / Office anymore.  The error was pretty obvious about it being a connectivity issue with Websense.  Found it was trying to go to https://activation.sls.microsoft.com so I added "activation.sls.microsoft.com" into the SSL Decryption Bypass list and that fixed our problem.

http youtube links now re-directing to https

Increasingly we see http://www.youtube.com/xxxxx get a 301 re-direct from youtube and send us secure, to https://www.youtube.com/xxxxx. We permit "standard" internet users NOT to have full access to youtube, but we permit some specific youtube videos via a custom category which works nicely. Problem now with the re-direct to https is that they get blocked on www.youtube.com:443 as we can't see inside the https request for full URL. We can't open up www.youtube.com:443 as this would give everyone access to youtube which we don't want to do. Would enabling SSL decryption for youtube category be the only option available to fix this?
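
The visibility gap described in this post, as an added example that is not part of the original post and does not reproduce Websense's matching logic: a generic model of what a filtering proxy can match on for a plain HTTP request, for an HTTPS tunnel, and for an HTTPS tunnel with decryption. The policy entries and the video ID `EXAMPLE01` are hypothetical.

```python
from urllib.parse import urlsplit

# Constructed policy mirroring the post: the site is blocked as a whole,
# individual videos are permitted through a custom category of full URLs.
BLOCKED_HOSTS = {"www.youtube.com"}
PERMITTED_URLS = {"www.youtube.com/watch?v=EXAMPLE01"}  # hypothetical entry


def lookup_key(request_line):
    """Return what the proxy can see in the first line of a client request."""
    method, target, _version = request_line.split()
    if method == "CONNECT":
        # HTTPS through a proxy: only "host:port" is sent in the clear.
        host, _, _port = target.rpartition(":")
        return host.lower()
    parts = urlsplit(target)  # plain HTTP: absolute URL with path and query
    key = parts.hostname + parts.path
    if parts.query:
        key += "?" + parts.query
    return key


def decide(request_line, decrypted_inner=None):
    """Return "permit" or "block".

    decrypted_inner is the request line found inside the TLS session and is
    only available to the proxy when SSL decryption is enabled for the site.
    """
    key = lookup_key(request_line)
    if decrypted_inner is not None:
        _method, path_and_query, _version = decrypted_inner.split()
        key += path_and_query
    if key in PERMITTED_URLS:
        return "permit"
    host = key.split("/", 1)[0]
    return "block" if host in BLOCKED_HOSTS else "permit"


if __name__ == "__main__":
    print(decide("GET http://www.youtube.com/watch?v=EXAMPLE01 HTTP/1.1"))
    print(decide("CONNECT www.youtube.com:443 HTTP/1.1"))
    print(decide("CONNECT www.youtube.com:443 HTTP/1.1",
                 "GET /watch?v=EXAMPLE01 HTTP/1.1"))
```

With the tunnel alone, the permitted-URL entry can never match because the path and query never reach the filter; only the decrypted case restores the per-video decision.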

Report issue - can't schedule

We are using the Cloud Web Security Gateway, and I can't figure out how to schedule reports.  Here are the steps I am taking:

1) Click Reporting and then Report Catalog.

2) Under Standard Reports > Web Security > Misconduct, I am clicking Top Users of Adult Material Sites.

3) Click the report to generate it.

4) From the list of Top 10 users, I click the hits counter to see the detail.

5) I see the individual offending hits.

At every step, I see what looks like a grayed out calendar button in the toolbar which I assume is used to schedule reports.  Any idea why it might be grayed out?  I can export reports just fine, but I want them to export regularly and automatically.

Thank you!

Meaningful reporting

Good morning,

 

we would like to create a report for one particular user of his internet activity over a certain period of time.

We can't however find out if we can filter the report so it would only show certain parameters so the report shown to his managers is more readable and understandable.

For example he is allowed to use social media or private email outside of his working hours so this should not be shown on the report.

Also, filtering out advertisements, scripts etc. coming from domains other than the one he was surfing to would be great.

I hope you get my point :) Is there such a way in websense reporting to be able to achieve that?


Thanks in advance and kind Regards,


Stefan

Problem With Websense X Skype (Proxy)

Hi Team !!!

I'm facing a problem with Skype. It takes too long to connect successfully, the user needs to click several times at "Login" to connect, and the only error is that Skype could not connect.

At the proxy it's already in tunnel mode.

And the filter for "Internet Telephony" and "Uncategorized" is Allow.

 

Can you guys help me please!! Thanks.

Default policy is applying for Roaming users

Hi, we have installed the Hybrid client and we also have an on-premises Content Gateway. When a user roams from the outside to the inside network, the user gets the default policy applied every time, and it takes a lot of time to apply the user-based policy. Kindly help us in resolving this.


SIEM Integration

I'm currently using the Web Security 7.8 and want to send the logs to a SIEM. It says the Websense Multiplexer is not installed. Do I have to go through the installation process of the whole product to get this functionality or is there an add on I can download to give me this capability?

Backup & Restore Config

Simple question.  Is it possible to backup and restore your configuration on the Cloud Web Security portal?

I want to make quite a lot of changes but with the option to rollback the configuration.

Thanks,
Stewart

Having an Reporting: Requested "to" date was later than the last available day

Hey there,

I'm running version 7.1 and noticed a problem this morning. When I look up a user and try to view what they've accessed today, I receive a "Requested "to" date was later than the last available day" error. I can change the date to yesterday and view the log. The Log Server Service is running and connecting to a SQL DB on another machine. I have tmp files in the Websense\bin\cache folder that are from today and yesterday. Looking at the SQL DB, there was a WSLog created this morning around 3:00 AM. I rebooted the server just to try to get it going but that was unsuccessful.

Any help would be appreciated.

Thank you.

Websense content gateway

Hi,

I have Websense with a SPAN port and want to know if I need another license if I want to go with the Content Gateway.

And I want to know, if I go with the gateway, whether I will lose my log or need to reinstall everything.

 

THX

*.google.com certificate error: verify deny: depth=0 (7) certificate signature failure: "*.google.com"

We started receiving this message this morning. Websense support suggested adding the following domains in as an  ALLOW SSL exception.

*.google.com
*.gstatic.com
*.googleapis.com

WS comment:

"Google appear to have made a change whereby Google certificates are not passing a full chain check:

https://www.ssllabs.com/ssltest/analyze.html?d=maps.googleapis.com&s=216.58.216.138&latest
The resolution is to add SSL incidents of type Allow (not Tunnel)."

So far I have added the following domains:

*.google.co.uk
*.google.com
*.youtube.com
*.gstatic.com
*.googleapis.com:443
*.google-analytics.com:443
*.googletagmanager.com:443
*.ytimg.com:443
*.youtube-nocookie.com:443
*.google.ca:443
*.googlecommerce.com:443
*.google.co.in:443
*.youtube.be:443

And the list is likely to grow.

Is anyone else having this issue? I'd be surprised if it's just us.

If so, how have you worked around it?
