Quantcast
Channel: Forcepoint Community
Viewing all 2011 articles
Browse latest View live

Reporting thoughts

March 8, 2016, 7:35 am
$
0
0

Hi,

We've recently pushed the masses of our users traffic out to the Websense\Forcepoint cloud security.

Our head of department is naturally interested in the reporting.  Whilst the block based approach to building custom reports is very useful, we are finding the actual content quite misleading.

Let's say for example, that we are interested in behaviour of social media sites.  Whilst we could see that user A has, according to the websense reports been to twitter and amassed many hits, one could initially think that the user is not working.  However it can be that a page with a twitter link\video is logging hits, without the user actually performing any actions.  Therefore with regard to HR purposes, this information is not usable.  Whilst I appreciate that a website is constructed from many components, which create an "active content", the active content naturally creates hits, which amass bandwidth, which attributes to time spent.

With this in mind, what's the general consensus & attitudes towards Websense\Forcepoint Reporting?  Is it that you can't use this stuff to enforce an acceptable usage policy?  I like that you can see trends of social media categories access times through the day, but it all seems a bit moot.

Discuss :)

Search

Outlook on the Web not prompting for credentials

March 8, 2016, 5:05 pm
$
0
0

We have a number of shared systems that use a shared machine login account. On these systems people would like to use OWA to read their work email as they may not have a dedicated PC. What we are encountering is an issue that with a shared machine login, people are not being redirected to our sts authentication server, for their proper email login credentials; instead they receive an error that indicates that the federation realm was not found. Has anyone seen this issue and know the resolution?

Reporting all users with access to a specific category

March 10, 2016, 11:01 am
$
0
0

 

How would I create a report of all users that have access to a specific Web category like Personal Network Storage, or Streaming Media?

Or, how to list all users who have access to a specific URL.

Thanks

Websense Authentification

March 11, 2016, 1:59 am
$
0
0

Hi;

I have Triton Manager v8.1 and 2 appliances V5000.

My v5000 are integrated with AD, all users are authentified through AD.

For some other remote subnets, I want that users can get through my proxies without AD authentification.

The problem they are always asked for a user name/password.

What should I do to disable authentification for some subnets ?

Thanks

Notification Email links not working

December 22, 2015, 8:55 am
$
0
0

Hey guys,

 

Has anyone experienced the links in the notification emails that users get to access their blocked emails not working? It seems as though this has become a problem ever since upgrading from 7.8.4 to 8.1.

 

This is what they receive when the message preview is clicked or the deliver button in a new web browser page.

"Cannot complete the specified operation

Reason: Cannot preview the message.
To see all available message options or change preferences for your account, "login to your personal email manager"
For more information, please contact your Personal Email Manager administrator."

 

Logging into the full blown email manager allows people to manage their email normally.

AP-WEB with DLP

March 14, 2016, 5:25 pm
$
0
0

Hello All,

 

I have one question. My current license with websense AP-Web includes DLP. I have installed AP-DATA module; but I can't seem enforce rules I create there. Does the Ap-DATA module require endpoints to be installed on the local computer or does it directly work with AP-WEB components?

 

Thanks.

Regards,

Jit

404 Website Error Even After Exception

March 15, 2016, 8:16 am
$
0
0

My staff cannot seem to get logged in at www.fpin.org/institute . Could anyone else running 8.1 or otherwise try logging in (bogus password should work fine) to this site and see if they get an invalid password OR instead get a 404? If I completely bypass WS by sending my WCCP traffic around it the site works fine, but when it goes through WS (even with an exception set) the site just throws a 404 error in the center frame.

I've opened up a ticket with support, but they state there isn't an issue on their end.

URL Categorization question

March 16, 2016, 11:30 am
$
0
0

The business side administrator of Websense poised a question regarding how a URL gets initially categorized and whether an explanation of why a website was determined to be in a specific category.  The URL in question is myClarkInfo.org    It appears to be a benign land use website originating in Japan.  However, it is categorized as a Malicious website by Websense.   The business side administrator would like to open the site up to the requesting user, but is looking for information as to WHY the site was categorized as such.  Is there a protocol that defines the process of categorization and is there a way to determine if it is in fact malicious or was it mis-categorized.

Search

Blocking .js javascript files

March 16, 2016, 1:28 pm
$
0
0

How do I go about blocking javascript files with .js file extension that were embedded inside compressed files (.zip)? Our on-prem ESGA appliance is letting many of these malicious files pass through. Data Security does not appear to be able to identify .js file extensions, and I can't find a way to create a custom rule to detect them.


Thanks in advance.

allow certain AD group policy members to blocked site

March 18, 2016, 3:59 am
$
0
0

wondering if anyone can help,

 

by default we block webmail,  but we have a AD policy/group for webmail

 

so we would like anyone in the webmail group to be allowed and everyone else blocked

 

i ahve enabled "Use most restrictive group policy"

Regular Expression (regex) to permit domain and all subdomains with or without www

March 18, 2016, 9:51 am
$
0
0

Dear All,

I need to permit with a regex the website.com entire domain and subdomains.

  • http://xxxx.website.com
  • https://xxxx.website.com
  • http://website.com
  • https://website.com

I don't want domains that contain the phrase "website.com", e.g. http(s)://phishingWEBSITE.com

I create a regex (It works fine in other systems wich manage regex expressions) that permit the access but Websense says an error in Triton:

The following regular expressions contain syntax errors: ^((http|https)://)(((.*)\.website.com)|website.com).

^((http|https)://)(((.*)\.website.com)|website.com)

In Websense Technical Documents says this:

http://www.websense.com/support/article/kbarticle/Regular-Expressions-in-Websense-Software

############################################################################

Notes & Warnings

Important Note:

When using regex generator such as Google's generator (see link below), you must add a pipe "|" between each successive parentheses. For example, "(( or ))" must be edited to be "(|( or )|)" for the Websense engine to understand the expression.

############################################################################

If I use "|" between each successive parentheses the regex works, but for all websites, and permit all access to all urls:

^(|(http|https)://)(|(|(.*)\.website.com)|website.com)

Works for all websites:

http://xxxx.website.com   
https://xxxx.website.com   
http://website.com   
https://website.com   
http://xxxxxxWEBSITE.com    ==> not website.com domain
https://phishingWEBSITE.com    ==> not website.com domain
https://www.clarin.com.ar ==> not website.com domain
http://lanacion.com ==> not website.com domain

 

Thanks.

ZIP files created on MAC OS detected as executable files. (_MACOSX)

March 21, 2016, 6:00 am
$
0
0

Compressed files created on MAC OS have a folder added automatically named: _MACOSX that contains files that are detected by the Websense/Forcepoint gateways as executable files.

I don't think that these are executable files but having logged a support call the outcome is that this is how it is and it  won't be changing.

We block executables to our users by default but don't want to block these MAC compressed files.

Has anyone else experienced this problem and if so have you managed to work around it?

 

Allowing SFTP in 8.1

March 22, 2016, 7:58 am
$
0
0

We're running the 8.1 WSG appliance. We have a user who's trying to access an SFTP bank site. I don't see the traffic either by desination domain, destination IP, source IP or source name. I've tried the KB article that says it applies to versions up to 7.8 which mentions to add 22 to the tunnel ports on the Content GW but that appears to make no difference.

Priority of Clients

March 23, 2016, 12:18 pm
$
0
0

I want to control access to a URL by a network.

If a user logs on to a computer within a network, and on the ADS, they will get access to this URL/Policy

If a user logs on to their other computer on another network, client setup by ADS group, block access to URL/Policy

 

 

My questions which client policy takes precedent?

 

Unable to access JOIN.ME

March 24, 2016, 1:33 pm
$
0
0

Having a problem allowing access to join.me. When I specify that my client has unrestricted access (by IP) I am able to get to the site with no problems. However, when I remove my client I get the message "This Page can't be displayed" in Internet Explorer 11. No Websense block page or any information on what is causing the block. The funny thing is, if I use the "Test Filtering" tool in the console, it says "permitted"

Other things I've tried are:

I tried using testlogserver and get no results when trying to get to join.me.

I tried using chrome with no luck.

We are on version 7.7 and only using Web Security.

Thank you -
Grant

Search

Not filtering clients

March 25, 2016, 3:52 am
$
0
0

Guys,

We have a customer where someone was in and raised the functional level of the Domain and added a 2012 DC.
They have several 2008 DC's
Filtering appeared to fail around this time with users falling back to the Default Policy.

I deleted all the Clients (AD groups) and readded them again.
I removed and readded the DC Agent and ensured it was pointing at one of the existing 2008 DC's.
Flushed the user cache and restarted Websnese and everything was fine.

Got told the next day that filtering was broken again and everyone was getting the Default Policy.


Any ideas?  Where can I look to get more info / logs?

Thanks!

Subscription exceeded but my clients number is the same...

March 25, 2016, 12:56 pm
$
0
0

Hi guys,

I started getting "subscription exceeded" message but we never changed the amount of clients that we had. Every now and then we add a computer but we remove some too.

Thoughts?

 

Site Lookup Tool

March 28, 2016, 11:21 am
$
0
0

Is there an issue with the Site Lookup Tool this morning.  Several attempts to research URLS have returned the error 'The Site Lookup service is having a problem, or one or more URL's entered is invalid. Please try again later.'.  We utilize this tool extensively during the day and for it to be down for too long will cause issues.

The Websense TRITON - Email Security service terminated with service-specific error The system cannot open the file.

March 28, 2016, 3:40 pm
$
0
0

After upgrading Data Security, the Email Security service now won't start (even though they are different products). I keep getting the following error:

The Websense TRITON - Email Security service terminated with service-specific error The system cannot open the file..

It won't let me run a Repair, because it says t's already installed, but I uninstalled and reinstalled, but still the same error (I left the log server installed).  I already tried uninstalling and reinstalling the service, using the batch files, but no luck.

I've already opened 2 other cases with problems trying to upgrade to 8.1, so I'm trying to avoid a 3rd case, so if anyone can help, that would be greatly appreciated.

Thanks.

 

 

Site Lookup Tool

March 29, 2016, 4:21 am
$
0
0

This tool does not seem to be working yesterday and today so far.

 

An error has occurred that has prevented us from processing your request.

Thank you for your interest in Websense. Unfortunately, the page that you requested has generated an error. Our webmaster has been notified of this error.

We apologize for the inconvenience.

- Websense Team

Viewing all 2011 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>