We are running reports using Reporting Tools, and only have the ability to select up to 2015, even though we have extended our subscription through Dec. 2016.
What actions do we need to take in order to view and select the year 2016?
Thank you,
Salma O.
Normal 0 false false false EN-US X-NONE X-NONE
My customer wants to host the PAC file on a web server in their DMZ, so it is visible both internally and externally. We are using split-horizon DNS with a domain name owned by the customer. This functions well, and we have a working PAC file.
The problem we have is when using the Websense endpoint, it ignores the location of the PAC file that we specify, and points all browsers to the Websense-hosted PAC file (eg http://hybrid-web.global.blackspider.com:8082/proxy.pac?p=xxxxxxx).
The Websense-hosted PAC file is not visible from the customer's internal networks, and will prevent the endpoint devices from roaming freely between internal and external networks. Their security policy forbids granting all internal clients to access the Websense-hosted PAC file through the firewall (for obvious reasons).
Is there any way of forcing the Websense endpoint to use a PAC file that is not hosted by Websense?
Hi,
We get URL's blocked by the Malicious Website rule that we believe are not in actuality malicious.
Case in point is the following: www.fordservicecontent.com/ford_content/downloads/svgview.exe
My users believe this to be a valid site that they access to get repair information on ford vehicles. I have done some investigation and find little evidence to make me believe it is malicious.
I do not want to waste tickets reporting these as we are on a Standard support package and have a limited number of tickets/cases.
How can we report these without using all of our cases up?
Thanks,
Richard
I am trying to install Websense WebSecurity on a Centos OS 5.10 i686, when I try to install it gives me an error:
/root/Websense_Setup/Setup.bin line 3319: /tmp/install.dir.5218/Linux/resource/jre/bin/java: cannot execute binary file
Hi Websense,
Some feedback for the upgrade process from 7.8.4 to 8.1. On the whole it has been a great experience. The documentation is excellent and almost everything went as planned, but!
When I upgraded my Linux WCG I couldn't get the management UI to open. After several re-installations (thank goodness for VM snapshots) I worked out that the custom SSL cert I had configured for the Web UI was not preserved during the upgrade. I had copied in a new cert named differently than "server.pem". The config to use this cert was copied across, but the certificate itself was lost.
If I backed up the certificate from /opt/WCG/config and restored it after the install and restarted WCG everything else worked.
Perhaps you could update the documentation to reflect this.
Regards,
Jeremy Hagan
Dear All,
Please let us know the details for content_gateway.out logs and also whether We can delete these old log files.
Regards
Hello we are planning to upgrade our WebSecurity 7.7 VM guest with everything on it to the latest 7.8.4. On the upgrade documentation it states to do this upgrade in off hours as filtering and logging will stop and it may impact users. Should we be concerned with brief lack of filtering and logging during business hours and how long should we expect this machine to be passing thru web traffic w/o filtering during the upgrade?
Thanks
We have a Limited Access Filter(YES list) with a number of URLs included that can be accessed by those users with restricted Internet access. However one user in particular is not able to access any of those sites. The result= "This category is blocked" for every website on the list. Other users that have the same restricted access and group memberships are able to access them. We are using Websense Security v7.8.1, and the user access is based on what membership policy is configured in Active Directory for each user. Can anyone help with this?
Thanks,
Pat
Hi,
I'm trying to work out what happens if a client that uses DHCP lease accesses the Internet and gets logged in the subscription table as a license count, but then what if another device gets the same IP address (due to really short DHCP lease times). Will the 'new' client still be filtered if within the subscription level?
Basically the question is if another device uses the same IP address that is in the subscription table will it counted as a single license?
Thanks,
James.
Hi,
We've just deployed the hosted solution with Websense and are having problems with credentials prompts from Office 2013 applications. If we stop Office from going online it stops but we need the features.
We basically get a proxy credential prompt for "office15client.microsoft".
If I browse the transaction viewer on the portal it shows these requests as action "authentication required". I've added the URL's to a custom whitelist and still no joy.
Several posts online suggest putting them into the bypass or non-proxy address list, this wont work for us as our firewall prevents all outbound connections on 80 and 443 (amongst others), so web traffic HAS to go through the proxy.
Is there a way of having it go through the proxy but not having it modified in any way? I thought that's what the custom category being set to allow would do.
Thanks
Dave
Is there any URL that can tell based on a given IP Address which International cluster will be used for websecurity in the cloud.
We have a US based users using AT&T as an ISP is being served by UK cluster, I wanted to find out if there is any tool that can tell this mapping.
Regards
-Khalid
So we had an old DC Agent that no longer exists, and we removed it from the config in Triton. However, its entries still show up in "View Domain List" and are duplicate with the entries for the DC's on the new Agent. How can I remove the old DC agent entries?
Hi All,
Please let me know the procedure to export list of registered end users of a policy from Cloud Websense console.
We have configured based on IP addresses/subnets/ranges but not integrated with AD.
Thanks & Regards
Krishna
Hello all:
Using 7.7.3.
Trying to configure Websense to use Radius Agent.
I've configured my Wireless controller (which uses 802.1x, so it authenticates against FreeRadius) to send the request to the Radius Agent.
When I run the Radius Agent in console mode, it cannot connect to the Radius Server.
Has anyone configured this successfully?
it says:
RadiusHost: 480264356
AuthInPort: 12345
AuthOutPort: 1812
AccInPort: 12346
AccOutPort: 1813
XidPort: 30800
DiagPort: 30801
Timeout: 5000
HTTPAuth: 0
There is no password in ini file
Done getting RadiusAgent configurations!
DiagnosticManager listening oERROR Ran port diusAgentService.WsRRASInspector - Unable to connect to RRAS server [x.x.x.x]: 1722
30801
Hello All,
In the process of upgrading two v10k appliances, utilising web,email, dlp and email hybrid.
The upgrade process seems self explanatory in the upgrade center. I do have few question, after the upgrade do i need to re-register the hybird service or anything i should be aware of?
Thank You
Hi,
We are migrating to 8.1. Just want to know whether we need to change any setting in ASA . Currently we have this. Also want to know whether we need these setting in ASA? Any cam explain the last 4 lines what is that for?
Url-server (inside) vendor websense host *.*.*.* timeout 10 protocol UDP version 4
filter url http 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow longurl-truncate cgi-truncate
filter https 443 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 allow
url-block url-mempool 10240
url-block url-size 4
url-block block 128
url-cache dst 100
I was wondering if it would be possible to configure our appliances to act as a MTA for an external partner of our organisation. We need the partner to relay email via us but do not want to give them a direct route onto our mail servers. We ideally want their mail servers to hit our appliances, which will route the mail onto our Exchange servers and then let Exchange figure out the delivery either local or back out to the internet.
I had a user report that they were unable to access a talent scouting agency's website. I received additional information from them, and it appeared that the site was being blocked by the 'Games' category. I tried to access the site myself to confirm that. I used Chrome, and the site appeared normally to me. This was unusual, because I am also blocked from Game sites. I tried several hard refreshes, I confirmed from the page source code that Websense was correctly identifying me. I then tried using IE 11, and was promptly blocked under the 'Games' category.
This was beyond strange, so I used the Investigative Reports to figure out how Websense was categorizing the URL. Here are the results:
15:33:42 encoretalent-hawaii.com Miscellaneous: Uncategorized
15:33:43 encoretalent-hawaii.com Miscellaneous: Uncategorized
15:33:46 encoretalent-hawaii.com Miscellaneous: Uncategorized
15:33:47 encoretalent-hawaii.com Miscellaneous: Uncategorized
15:33:54 encoretalent-hawaii.com Miscellaneous: Dynamic Content
15:35:08 encoretalent-hawaii.com Games
I understand that the category can change as Websense investigates URLs and updates their filters. However, these different categories were identified over the course of a couple of minutes, on the same day.
Has anyone else seen this behavior before? Is this expected behavior? I expected that the category would remain the same between browsers, that it would be agnostic. Is that not the case? Any help or insight into this behavior would be appreciated.
Here's my Version information if it's needed:
| Unified Security Center build: | 7.7.0.59 |
| Web Security build: | 7.7.0.1483 |
| Thanks, | |
| FreelancerMSC |
Hey guys,
Has anyone experienced the links in the notification emails that users get to access their blocked emails not working? It seems as though this has become a problem ever since upgrading from 7.8.4 to 8.1.
This is what they receive when the message preview is clicked or the deliver button in a new web browser page.
"Cannot complete the specified operation
Logging into the full blown email manager allows people to manage their email normally.
New install of 8.1 and getting the error
"The ARM has been disabled, which is an unsupported configuration. Re-enable the ARM to regain full proxy functionality"
Install log shows ARM installed and /sbin/lsmod | grep arm shows the armlkm26 service running. We are running redhat 2.6.32-504.30.3. I don't see anything under Configure to re-enable ARM.
Any ideas?