Download Webinar Title - Websense Knowledge Bases

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
Document related concepts

Citizen Lab wikipedia , lookup

Cross-site scripting wikipedia , lookup

Distributed firewall wikipedia , lookup

Unix security wikipedia , lookup

Proxy server wikipedia , lookup

Content-control software wikipedia , lookup

Transcript 
Webinar Title: Configuring and Troubleshooting Websense Solutions for Filtering Off-Site Users
1.
How long has the hybrid solution been out?
Since the release of version 7.5
2. Does remote filtering have to be on a separate server?
Websense server in the DMZ?
Can you put the main
Yes remote filtering should be installed on a dedicated server. It is
recommended that you do not put the main Websense server in DMZ.
3.
How much additional data is sent across a mobile data card to check websites?
The request sent by the RF client is a HTTP POST request. You can run
wireshark to check the actual size of the request.
4.
Is the Hybrid Configuration Settings part of the Gateway Anywhere service?
Yes you will get Hybrid service as a part of Websense Security Gateway
Anywhere license.
5.
Is that Hybrid option an additional cost?
It is included in the WSGA license.
6. Is the hybrid config a free solution included with my license?
It is a part of WSGA license
7. Hybrid Sync Service requires the purchase of Remote Filtering subscription
key as well as Hosted Web Security subscription?
No Hybrid service is included with WSGA license, however for Remote
Filtering separate licenses have to be purchased. These can be added on
the same license key.
8. Can the client bypass the filtering by blocking the remote filtering server
using a location (on the client FW, windows fw, ect.)?
User cannot bypass filtering unless they know how to stop the Desktop
client service.
9. For the .ini file, what if you have multiple Filtering services, i.e. two
V10K. Can you put multiple Filtering services in that file?
You need to have a Primary Remote filtering server per Filtering service.
10. A User in an external location is not authorized to bypass the filtering (by
close the client f.e.) even if he's a local admin?
They can only bypass filtering if they remove the Desktop client or stop
the desktop client service (or rename WDC.exe).
11.
For upgrading to 7.5 from 7.1, do we need to upgrade the clients also?
Remote filtering server can be backwards compatible with previous two
version of clients, so with 7.5 you should be ok to have 7.1 clients,
however you may need to apply a hotfix to ensure clients are filtered
correctly. Please check hotfixes section for more details.
12. Does UAC on Windows 7 need to be disabled to install the client as it does
in Vista?
Yes it is recommended.
13. Once the client is installed and configured, is the configuration valid for
all users of the computer?
Yes.
14. Is there any reporting with this feature?
Yes any traffic that is sent to the remote filtering server this is logged
back to your normal reporting. To see these requests you can select in the
drop down menu in the reporting for "Source Server" you will then see the
IP of your RFS server as one of the entries and can drill down further
15. For external and internal IP, are DNS names allowed rather than IP address?
Yes you can use DNS names
16. Since we have 4 policies/filtering servers, we would need 4 RFS's, correct?
Yes you will need 4 Primary Remote Filtering servers.
17. For VPN connections should you allow or disallow the hearbeat port?
If the client connects using a non split-tunnelled VPN then the RF client
is able to send heartbeat to Remote Filtering Server. So the client would
behave as if it was inside the network and it will become passive. In this
scenario filtering would happen via Network Agent or an integration
product.
If the clients connect using split-tunnelled VPN client, then RF client
will detect this and it will not send heartbeat to Remote Filtering
server. In this scenario client will act as if it is external and request
will go through Remote filtering server.
18. Do you need an RFS? Can't you just install the client on a pc and have it
cache the filtering/policy information?
No there is no caching that takes place on the client. Each request has to
go through Remote Filtering server.
19. If you don't have a backup server can the remote clients be configured to
bypass filtering if the remote filtering server is not available?
Yes you can choose the option in Websense Manager that says if Remote
Filtering Server is not available then allow access.
20. Can the remote filtering server be virtualised?
Yes
21.
The remote filtering services are present on Websense Web filter 7.5?
Yes but Remote Filtering server should be installed separately on a
dedicated machine.
22. Can I push the necessary configs in the .msi without manually entering the
.ini.
The parameters can be entered via command line as well during
installation. Please review the Remote filtering document for more
details.
23. Are the remote clients filtered based on the same exact rules as if they were
local?
Yes provided you have configured policy based on their Username and users
connect using cached domain credentials. In this case they will be
filtered by the user based policy, or else default policy will apply when
username cannot be identified.
24. Is the PAC file the only thing needed for the client side?
would this be the solution for Windows 7 64-bit clients?
If so, then
Yes you could use Hybrid solution for the Windows 7 64 bit users.
Configuring the PAC file for hybrid service should work fine.
25. Is it safe to say that there will be delays in web page load times with
either the Remote filtering solution as well as the hybrid solution?
Usually you should not notice delays, but depending on your network
infrastructure you may get delays.
26. If all else fails when uninstalling the remote client, is there a manual way
to remove it from an XP PX?
Yes you could remove the registry entries for the client.
27. We have specific sites allowed and blocked, when using the hybrid service are
these block/permit filtering configurations included when using hybrid
configuration?
Yes provided you have correctly configured the Sync service for this
information to be pushed to the Hosted Hybrid service.
28. Can the category rules be more relaxed when the users are remote?
Allow Social Networking when they are travelling vs. in the office?
Example:
This completely depends on your company policy and how you would like to
configure your policies. However this will mean that you will have to
apply different policies on them when
29. Is the basic auth on http or https protocol?
Basic auth for any requests coming from roaming users that are coming from
a location not in the Filtered Destinations.
30. You may want to mention the required hotfix for remote filtering on windows
XP sp3 machines to prevent the remote filtering client from blue screening at
random intervals... (as a troubleshooting step)
Yes this hotfix is available now for RF clients.
31. Is Hybrid service the server configuration side of remote client?
No Hybrid service is Hosted Web Service that remote users can use if they
don’t have the Remote client installed.
32. Can logging on the remote clients be broken down by name in reporting?
Yes it is possible to run reports based on user names for Remote clients.
33. Can you just set the proxy IP in the Internet Explorer to send the requests
to the Websense machine without installing software on the remote users computer?
No Websense server does not act as a proxy.
34. If the computer is on a public internet, would Websense filter based on its
current policy?
If the username is not identified it will filter on the Default Policy.
35.
How to check for number of licenses used by RF clients?
You can run console client utility on filtering service troubleshooting
port 15869 and select the option for Subscription Tracker.
36. We have Websense Web Security V 7.0 and a RFServer. When we had Windows XP
Clients all worked fine but when we introduce Win7 Clients the Remote clients
stops filtering. Is there a special installation for Win 7 or we need to upgrade
to latest version?
Windows 7 clients are supported with version 7.1, Hotfix 66
37. What are the specifications required for the remote filtering (proxy) server
with respect to capacity?
Please look at minimum requirements in the Remote Filtering deployment
guide on the website.
38. Is Windows XP SP3 compulsory requirement for Websense RF client in v7.5?
Yes for version 7.5
39.
Is Websense will support in Cisco ASA Firewall?
Websense supports Cisco ASA as an integration product.
40. How does this work if a person is in a hotel which make you accept a license
agreement or enter credit card info to get on the internet?
As long as the Remote filtering client is installed, every internet
request would go through the RFS server.
41. What is the encrypted key option besides the passphrase option?
It is the same as the passphrase.
42.
Will Websense support Cisco ASA Firewall?
Cisco ASA is a supported integration product.
43. If I was on a remote company's internal network and their firewall blocked
all but port 80, would this filter work?
When you are on the internal network the client tries to heartbeat to the
RFS server. Because the heart beat port will be allowed on the internal
firewall, the Remote filtering client becomes passive and request would go
through the normal integration product. So in this scenario you will be
filtered just as any other internal user.
44. Can you run 7.5 remote filter server if you’re on a 7.1 console?
Remote Filtering Server and the Filtering server should be on the same
version. However your RF clients can be backwards compatible with the
previous two versions of the software. So if you had 7.5 Remote Filtering
server, you need to make sure the Filtering server is 7.5, you could have
clients on 7.1 version. However there may be a need to apply a hotfix on
these clients. Please check with Technical support for more information.
45.
Can a 6.3.1 RF server be upgraded directly to 7.5?
No you need to upgrade to a 7.x version first in order to upgrade to 7.5
46. Does manual authentication support eDirectory auth?
Yes
47. Can I use websense remote filtering for on-premises users, as they are
bypassing websense web suite use by using different proxy or direct internet
connection?
No remote filtering solution is for offsite users. When users are internal
they can be filtered by your integration product.
48. Is there an easy way to install and configure RFC's on all machines in the
corporate?
Deploy using third party tools or via command line. Please see Remote
filtering document for more details.
49. Is Off-Site filtering built into the V10000 or will it have to be installed
on a separate machine?
Remote filtering component has to be installed separately; it is not built
into the V10k. It has to be installed on a dedicated server.
50. Is it mandatory that the Remote Filtering Service has to be configured
apart from the Filtering Service?
Yes
51. Remote filter support all kind of internet browser? Like chrome and safari?
Yes
Related documents
Safe Internet Usage in the Classroom
Safe Internet Usage in the Classroom
Safe internet Network Base for schools and business use: Οδηγός
Safe internet Network Base for schools and business use: Οδηγός
here - Penndel Mental Health Center
here - Penndel Mental Health Center
View Report - PDF
View Report - PDF
to the Fact Sheet.
to the Fact Sheet.
Functions taking functions
Functions taking functions
A5: Machine Learning Machine Learning deals with building
A5: Machine Learning Machine Learning deals with building
1 *Programming .12 †*Software systems analysis and design
1 *Programming .12 †*Software systems analysis and design
Collaborative Filtering
Collaborative Filtering
Efficient Computation of Range Aggregates against Uncertain
Efficient Computation of Range Aggregates against Uncertain
Misleading Water Testing Sales Tactics
Misleading Water Testing Sales Tactics
Image noise filterin..
Image noise filterin..
Product Glossary - Websense Knowledge Bases
Product Glossary - Websense Knowledge Bases