Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Product Glossary Websense Web Security v7 Websense Web Filter v7 A Active Directory® A Microsoft® Windows directory service, used to identify users and resources in a Windows network. Websense software can be configured to retrieve user information from Active Directory via LDAP (native mode) or NTLM (mixed mode). Action The setting that determines how Websense software responds to a user’s request to access a Web site or Internet application. Administrators assign actions to categories and protocols using category and protocol filters. Reports show what action was taken as a result of an Internet request. Actions include block, permit, confirm, and quota, among others. Adware Software designed to include advertisements for third-party products. Advertisements displayed by free or low cost software are used to generate revenue for the developer. Adware may also collect information about users’ Web surfing habits and use the information to target advertisements to each user. Alerts Messages displayed in Websense Manager or sent to administrators to notify them about Websense system issues, or about specific user Internet activity patterns. Alerts can be broadly grouped into three categories: health alerts, system alerts, and usage alerts. Audit log Tracks administrative changes made to filtering configuration and Websense software settings. It also tracks access to Websense Manager. The audit log is only visible to unconditional Super Administrators. The audit log lists the person who made each change, what was changed, what component or area of Websense software was changed, when the change was made, and the machine from which the change was initiated. Authentication The process by which a user name and password are entered and verified as evidence that the requestor has authority to perform an action. Websense software can use transparent identification or manual authentication to verify users’ credentials as they log on to the network or Web browser, in order to provide the proper level of Internet access. B BCP (Bulk Copy Program) A tool used to import or export data from a SQL database. Log Server can be configured to use BCP to insert records into the Log Database in groups (batches). BCP insertion offers better efficiency than ODBC insertion. Bandwidth The amount of data that can be transmitted in a fixed amount of time. Websense software measures bandwidth in bytes per second. Bandwidth Optimizer A Websense tool used to block access to categories and protocols based on overall network bandwidth usage, or on bandwidth usage for a specific protocol. Block An action applied to categories and protocols to prevent users from accessing Web sites and Internet applications. When users request a site in a blocked category, the Web browser displays a message, explaining that the site is blocked. When users request a blocked protocol, a net send message may appear on the desktop, explaining that the protocol or application is blocked. See also confirm, permit, quota. Block file types An action applied to categories to prevent users from accessing certain kinds of files from sites in the category. For example, if file type blocking is applied to the Sports category, and the Video file type is selected, users can access sites in the Sports category, but cannot download or view video files hosted on those sites. Block keywords An action applied to categories to prevent users from accessing sites whose URLs contain a specific character string. Keyword blocking must be enabled at a global level before it can be applied within category filters. When keyword blocking is active and Websense software identifies a keyword string within a URL, the URL is assigned to the category in which the keyword appears, and then blocked. Block with Bandwidth Optimizer An action applied to categories or protocols to prevent users from accessing Web sites or Internet applications when network or protocol bandwidth usage reaches specific limits. Block message 1) The top frame of the block page displayed in the browser when a user requests a blocked site. The default block message displays the requested URL, and the reason the site was blocked. The block message can be customized. See also continue message. 2) A net send pop-up message that is displayed when a non-HTTP protocol is blocked by Websense software. Block page A page that displays in a user’s browser when the user requests a blocked sites. The top frame of the block page is referred to as the block message. Blocked and locked The state of a category or protocol to which a Super Administrator has applied the block, block keyword, block file type, or block based on bandwidth action in the Filter Lock. Delegated administrators cannot change the action applied to categories or protocols that have been blocked and locked by a Super Administrator. Blocking NIC The network card (NIC) that Network Agent uses to communicate with other Websense components and to send protocol block messages. Bot Shortened form of robot, used to identify software that performs automated tasks without human intervention. Bots may be beneficial (for example, searching the Internet to compile data for search engines like Google) or harmful (for example, harvesting email addresses for spammers). Bot Networks A Security subcategory included with Websense Web Security, used to classify sites that host the command-and-control centers for networks of automated programs that have infiltrated users’ computers. BrandWatcher™ A Websense Security Lab™ service that alerts Websense customers if their organization’s Web site or brand has been targeted in a phishing or malicious keylogging code attack. The service provides security intelligence that includes the attack details and other security-related information. Included with Websense Web Security. Browser A software application used to view Web pages, such as Microsoft® Internet Explorer or Mozilla Firefox. Websense Manager, the administrative interface for Websense Web Filter and Websense Web Security, is accessed via a browser. C Cache A temporary storage area used to speed up data transfer. For example, browser caches store temporary copies of Web pages previously visited by users to shorten retrieval time when the same page is requested again. Category A method of grouping of related Web sites. Master Database categories include Adult Material, Gambling, Internet Communication, and Security, among others. Administrators can also define custom categories to further refine filtering for their organization. Category filter A complete list of Master Database and user-defined categories, with an action (permit, block, etc.) applied to each. Websense software includes several predefined category filters, as well as templates that administrators can use to create additional category filters. CGI (Common Gateway Interface) A standard protocol that allows external applications to dynamically interact with a Web server. CGI is often used to support dynamic search functions and Web forms. Client 1) In Websense software, an entity to which a filtering policy can be applied. This can be a computer (IP address) or network (contiguous IP address range), or a user, group, domain, or organizational unit defined in a supported directory service. 2) In general networking terms, a computer that accesses shared information from a server. Conditional Super Administrators A member of the Super Administrators role with policy management permissions who does not have access to the Filter Lock and some Websense software configuration settings. These administrators may or may not have reporting permissions. Contrast unconditional Super Administrator. Confirm An action applied to categories that gives users the choice to access a site that has been blocked by Websense filtering software. When the Confirm action is applied to a category, users requesting sites in that category are given the option to click Continue to confirm that access to the site is necessary. After clicking Continue, they can access sites in all Confirm categories for a limited time. For example, shopping sites are not always business related, but there may be business reasons to access some kinds of shopping sites. If the Confirm action is applied to the Shopping category, users accessing shopping sites for business reasons can click Continue on the block page to perform the required tasks. See also block, permit, quota. Context 1) In an LDAP-based directory service (Windows Active Directory, Novell eDirectory, Sun Java System Directory), the path from the root directory to a specific level or folder in the directory that LDAP accesses. 2) In Websense software, the level or folder within the directory service, not the path to that level or folder. Continue message When the Confirm action is applied to a category, users requesting sites in that category receive a block page that offers the option to click Continue to view the requested site. The continue message provides users with the opportunity to use their own discretion to decide whether or not to access a site. See also block message. Custom URL An individual Web site identified (by IP address or URL) for special filtering and logging as a recategorized URL or unfiltered URL. D DC Agent An optional software component that allows Websense software to transparently identify users in a Windows-based directory service so that they can be filtered by user or group policies. DLC (Data Link Control) Every Network Interface Card (NIC) has a DLC address (also known as the Media Access Control address) or DLC identifier that uniquely identifies the node on the network. DNS (Domain Name System, also Domain Name Service) A system that resolves domain names, such as www.websense.com, into IP addresses, such as 206.3.4.56. The machine running Websense software must be able to resolve domain names into IP addresses to download the Master Database. DSN (Data Source Name) Provides information needed by an ODBC driver to connect to and retrieve information from a database on a different machine. The DSN provides information about the database including, but not limited to, the database name, database driver, user ID, and password. Used by Websense reporting tools. Database A collection of data elements stored in tables in a systematic and logical way. Websense software includes 3 databases: the Websense Master Database, which stores category and protocol information; the Websense Log Database, used in reporting, and the Websense Policy Database, which stores information about filtering policies and Websense software configuration. Database engine In Websense documentation, the database management system used to create and manage the Log Database, used in reporting. Websense software can work with Microsoft® SQL Server™ or Microsoft® SQL Server™ Desktop Engine (MSDE) in Windows environments, or with MySQL in Linux environments. Delegated administration A tool for distributing management of Websense software among multiple administrators. A Super Administrator can create multiple roles, assigning one or more delegated administrators and a group of clients to each role. The Super Administrator can then grant the delegated administrator permission to perform certain administrative or reporting tasks for the clients in a role. Delegated administrator An individual assigned to manage any delegated administration role created by a Super Administrator in Websense Manager. Delegated administrators can be granted policy configuration permissions for managed clients in the role, reporting permissions for either managed clients or all clients, or both policy and reporting permissions. Directory 1) Any user, group, domain, or organizational unit defined in a supported directory service and added as a client in Websense software. 2) A supported directory service being used to identify clients in Websense Manager. Directory service Software that stores information about users, groups, domains, organizational units, and resources (such as printers and fax machines) in a network. When directory services are available, networked users do not have to know where the resource is or how it is physically connected to their machine in order to access it. Websense software can be configured to access a supported directory service to retrieve user, group, domain, and organizational unit information. The supported directory services are Active Directory, Novell eDirectory, and Sun Java System Directory (accessed via LDAP), and Windows NT Directory (accessed via NTLM). Disposition The result of the action Websense software applies to a user request for Internet access. If Websense software applies the Permit action, the disposition (result) is that the site is permitted (the user is allowed to access the site). Used in Websense reporting tools. Domain A group of machines and devices on a network that are administered as a unit with common rules and procedures. All devices sharing a common part of the IP address are said to be in the same domain. Domains identified in a supported directory service can be added as clients and assigned policies. Policies assigned to a domain client can affect all users and groups within the domain. Domain controller In Microsoft Windows networks, a domain controller (DC) is a server that responds to authentication requests within the domain. Domain forest In Windows Active Directory, an organizational group of one or more domain trees. The trees in a domain forest do not need to have contiguous DNS names. A forest shares a schema and Global Catalog Servers. The schema determines what types of objects, classes, and attributes may be created in each of the domain databases in the forest. Domain tree In Windows Active Directory, an organizational group of one or more machines with the same root domain name. For example, there may be a parent domain called websense.com, and a child domain called marketing.websense.com. The machines in a domain tree are administered as a unit with common rules and procedures. Drill-down In Websense investigative reports, the ability to refine report results by creating a new query based on the results of the previous query. E eDirectory A supported LDAP directory service from Novell®. eDirectory Agent An optional software component that allows Websense software to transparently identify users in a Novell eDirectory environment so that they can be filtered by user or group policies. Encryption The translation of data into a form that can only be interpreted by those who possess a specific key. A means of preventing unauthorized parties from accessing data. F FTP (File Transfer Protocol) An Internet communications protocol used to transfer files from one machine to another. Like HTTP, used to transfer Web pages, and SMTP, used to transfer email messages, FTP uses TCP/IP to enable data transfer. File type A grouping of file extensions pertaining to files used for similar purposes. For example, the Audio file type includes the .mp3, .wav, and .midi file extensions, among others. Filter 1) A tool that determines whether a policy permits or blocks a requested sites. There are 3 types of filters: category filters, limited access filters, and protocol filters. 2) A set of details or elements (dates, clients, categories, risk classes, and so on) selected for inclusion in a custom report. Filtering A general term for the way that Websense software responds to Internet requests. When a client requests access to a Web site or Internet application, the policy governing that client determines whether the request is permitted or blocked. The enforcement of the action applied within the policy is called filtering. Filtering Service The Websense component that interacts with a third-party integration product or Network Agent to provide Internet filtering. When a client requests a Web site or Internet application, Filtering Service receives the request and determines the appropriate response. Filter Lock A master category filter, created and maintained by unconditional Super Administrators, that determines which categories delegated administrators can and cannot permit for their managed clients. Categories that a Super Administrator blocks with the Filter Lock are indicated with a blocked and locked icon in category filters created and maintained by any delegated administrator. Firewall A system designed to prevent unauthorized access to or from a private network. All messages entering or leaving the internal network pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria. A firewall can be a software program, a hardware device, or a combination of the two. G Gateway A system that joins two networks together. A network gateway can be a software program, a hardware device, or a combination of the two. Global catalog server A domain controller that stores a copy of the global catalog, which contains information about all objects in the directory service and their location, and processes queries of the global catalog. Group 1) A single identifier used to collectively refer to multiple users within a directory service. A group can be added as a client in Websense Manager. Policies applied to the group client have the potential to affect each individual included in the group. 2) A collection of related protocols, and a method for identifying related protocols. For example, the Instant Messaging / Chat protocol group includes protocols like AOL Instant Messenger or ICQ, Gmail Chat, MSN Messenger, and so on. H HTML (Hypertext Markup Language) A common Internet authoring language used to publish pages on the World Wide Web. It includes the ability to create connections (links) within one document or between multiple documents. HTTP (Hypertext Transfer Protocol) A protocol for transferring files on the World Wide Web. HTTP defines message formatting and transmission, and the actions Web servers and browsers should take in response to various commands. HTTPS (Hypertext Transfer Protocol over Secure Socket Layer) A protocol for transmitting data securely over the Internet. HTTPS is similar to HTTP, but adds an additional layer of authentication and encryption. Health alerts Notify administrators of potential problems with monitored Websense software components. These alerts are displayed on the Status > Today and Status > Alerts pages in Websense Manager. Hit A single request for a URL. Because one Web page can include multiple elements, each with a distinct URL, a request for a single page may result in multiple requests for page components (such as images and advertisements). As a result, reporting tools may show multiple hits when a user requested only a single page. See also visit. Hub A hub is a common connection point for network segments and the devices in those segments. A hub contains multiple ports. When a packet arrives at one port, it is copied to the other ports so that all segments of the network can see all packets. I IM Attachment Manager™ An optional Websense add-on module that controls the sending and receiving of files via instant messaging (IM) clients. IP (Internet Protocol) The protocol via which information is transmitted over the Internet. IP provides a delivery service for transport-layer protocols such as TCP and UDP. IP address Uniquely identifies a computer on a TCP/IP network. An IP address is a 32-bit numeric address written as four numbers separated by periods. Each of the four number groups can be zero to 255. For example, 102.3.0.78 can be an IP address. Integration A general term that refers to a firewall, proxy server, caching application, or caching appliance that can send Internet requests to Websense software for filtering. Investigative reports A reporting tool that provides interactive access into Internet activity details. Multiple charts and report formats are available, including reports that show significant variances from average activity. K Keylogger Software that records keystrokes as they are entered from a keyboard, commonly incorporated into spyware to steal confidential information, such as user names and passwords. Keyword A string of characters used to recategorize Web sites on the fly. An administrator defines a keyword, associates it with a category, and then activates keyword blocking. When keyword blocking is active, if Websense software finds the keyword string embedded in a URL, that Web site is recategorized and blocked. Keywords can be associated with any category, including custom categories. L LDAP (Lightweight Directory Access Protocol) A specification for a client-server protocol to retrieve and manage directory information. LDAP looks similar to a file system, and is used by many vendors to provide access to their network users and groups directories. Websense software uses LDAP to access Microsoft Active Directory (native mode), Novell eDirectory, and Sun Java System. Limited access filter A list of individual permitted Web sites, identified by URL, IP address, or regular expression. When a limited access filter is enforced by a policy, clients governed by the policy can visit only sites in the list. All other sites are blocked. Log Database Receives Internet activity and filtering information from Log Server, and stores these records for use in Websense reports. Log Server A Websense component that receives information about users’ Internet activity and filtering results from Websense filtering components. Log Server prepares this information for storage, and then submits it to the Log Database. See also TestLogServer. Log Server Configuration tool Used to define how Log Server interacts with other Websense software components and the Log Database. This is a separate application that runs on the same machine as Log Server. Logging The process of recording Internet filtering activity. When logging is activated, Internet activity information is saved in the Log Database. See also Database engines. Logon Agent An optional Websense component used to improve transparent identification accuracy in Microsoft Windows networks. A logon application on client machines captures individual user logon sessions and sends them to Logon Agent for processing directly by Websense software. Used to enable user- and group-based filtering. M MAC (Media Access Control) address A unique 6-byte number that identifies the Network Interface Card (NIC) on a machine. MSDE (Microsoft SQL Server Desktop Engine) A free, limited version of Microsoft SQL Server that does not include graphical management tools, restricts the maximum size of the database, and limits simultaneous connections. In smaller environments, the Log Database can be created using MSDE. Machine Any computer in a network, including a desktop system, laptop, or server. Machines can be identified by a machine (host) name or an IP address. Malware Any malicious software that is designed specifically to damage, disrupt, or destroy a computer system. Managed clients Clients assigned to a delegated administration role. Manual authentication Prompts users for a user name and password the first time they access the Internet through a newly-opened browser. Websense software then confirms the password with a configured Windows- or LDAP-based directory service, and retrieves information for that user. When manual authentication is enabled, users are prompted to authenticate only if Websense software is not able to identify them transparently by receiving information from one of the transparent identification agents or an integration product. See also transparent identification. Master Database A comprehensive catalog of URLs, protocols, and Internet applications that provides the foundation for Websense filtering. Microsoft SQL Server™ A database management system able to respond to queries formatted using Structured Query Language (SQL). In Windows environments, the Log Database requires either Microsoft SQL Server or Microsoft SQL Server Desktop Engine (MSDE). Monitoring NIC The network card (NIC) that Network Agent uses to track incoming and outgoing network traffic. MySQL In Linux environments, a supported database engine used to create the Log Database. N NIC (Network Interface Card) A circuit board or a similar piece of hardware that acts as an interface between a machine and a network. A machine can have more than one NIC installed. The NIC or NICs in the Network Agent machine must be configured properly to allow the agent to monitor and block network traffic. NNTP (Network News Transfer Protocol) The underlying communications protocol for the USENET worldwide bulletin board system. The protocol is used to post, distribute, and retrieve USENET (news groups) messages. NTLM (NT LAN Manager) A Microsoft authentication protocol used with Windows NT Directory. Also used by Windows Active Directory operating in mixed mode (used when the domain controllers in a network are in the process of being moved from Windows NT to more recent Windows versions). Network 1) A connection between 2 or more computers that enables them to share information and resources. 2) A filtering client composed of a contiguous range of IP addresses. When a policy is applied to a network client, all computers (individual IP addresses) within that network are filtered by that policy. Network Agent The Websense component that enables protocol management, bandwidth management, and logging of bytes transferred. Network Agent can also take the place of an integration product to enable filtering of HTTP requests. Node A PC, printer, or other device connected to a network. Every node has a unique network address, sometimes called a Data Link Control (DLC) address or Media Access Control (MAC) address. O ODBC (Open Database Connectivity) A standard interface used for communication with database management systems. Log Server can use ODBC to communicate with the Log Database. See also BCP. Operating system Software, such as Red Hat Linux or Microsoft Windows, that performs basic tasks required to use a computer, including handling input and output, managing files and directories, and controlling disk drives and printers. In large systems, the operating system controls program access and security. P Packet A formatted block of information transmitted over a network. Each packet includes its source and destination addresses, data, and an error-checking code. Permit An action applied to categories and protocols that allows users to access Web sites and Internet applications. See also block, confirm, quota. Phishing Tricking computer users into providing confidential information by directing them to a counterfeit Web site. Phishing often uses spoofed email messages that appear to originate from a reputable source in order to lure recipients to a malicious/counterfeit/unethical/ Web site that asks for personal information, such as passwords and account numbers. Policy A set of instructions telling Websense software how to filter Internet requests. Policies include a schedule and one or more filters. Policies are assigned to clients to govern the clients’ Internet access. Policy Broker The Websense component that manages requests from other components for software configuration settings and filtering policy information stored in the Policy Database. Policy Database The Websense component that stores software configuration settings and filtering policy information. Policy Server A Websense component that manages local configuration information. Policy Server also identifies other Websense components and tracks the location and status of Websense services. Port The entry or exit point for a logical connection or data channel within a network. Each port is identified by a unique number. Software and hardware devices use port numbers to determine where to send data to, or where to accept data from. Each Websense software component uses one or more specific ports to send and receive information. HTTP traffic uses ports 80 and 8080, by default. Port spanning Also called port mirroring. Cross connections between 2 or more ports on a network switch. This allows traffic on a monitored port to be immediately sent to a network analyzer on another port. When Network Agent is connected to a switch or gateway device, it must be connected to the span (or mirror) port. Presentation reports A reporting tool used to generate graphical and tabular reports on Internet activity. Multiple chart and report types are available. Report filters can be used to define the dates, users, categories, and other elements included in the report. Promiscuous mode A configuration that causes a network device to intercept and read all traffic it receives, rather than just packets addressed to it. The network card that Network Agent uses to monitor traffic must be configured for promiscuous mode. Protocol A set of standards designed to enable machines to communicate with one another, and to exchange information. See also FTP, HTTP, IP, LDAP, SMTP, and TCP/IP. In Websense software, a protocol definition is made up of one or more IP addresses, ports, and transport methods. Protocol filter A complete list of Master Database and user-defined protocols, with an action (permit, block, etc.) applied to each. Websense software includes several predefined protocol filters, as well as templates that administrators can use to create additional protocol filters. Proxy server Software that acts as a relay between one network and another. Proxy servers are frequently implemented on security firewalls as one method of increasing network security, and reducing bandwidth consumption during Internet access. Websense software can be configured to go through a proxy or firewall to access the Internet and download the Websense Master Database. Q Quota An action applied to categories to allow clients to access Web sites for a certain amount of time. See also block, permit, confirm. Quota time A set amount of time that clients can use to access Web sites in categories to which the Quota action has been assigned. A default amount of quota time is set at a global level (initially, 60 minutes). Each client can be allocated the default amount of quota time, or an individual amount. Quota session The period of time during which a client can access sites in Quota categories after selecting the Use Quota Time option on a block page (by default, 10 minutes). During a quota session, clients can access sites in Quota categories without seeing another block page. R RADIUS Agent A component that allows Websense software to use authentication provided by a RADIUS server, allowing transparent identification of users who access the network using a dial-up, Virtual Private Network (VPN), Digital Subscriber Line (DSL), or other remote connection. Recategorized URL Individual sites, identified by IP address or URL, that an administrator moves from one custom or Master Database category to another. Recategorized URLs may be either previously uncategorized sites that an administrator adds to a category, or previously classified sites that are assigned to a new category. Regular expression A template or pattern used to match multiple strings, or groups of characters. Regular expressions may be used in limited access filters, or to define custom URLs or keywords. When regular expressions are used, Websense filtering tries to match the general pattern, rather than a specific, single URL or keyword. Remote Filtering Client An application installed on Windows machines that sometimes operate outside the network firewall to enable remote filtering. Remote Filtering Server A Websense software component that enables filtering of clients outside a network firewall. The client machines must be running Remote Filtering Client to be filtered. Report Administrators Administrative users with permission to create and run reports on some or all filtering clients. Report administrators do not have policy management or Websense software configuration permissions. Risk class A configurable method of classifying categories according to the type of risk they represent. Used in Websense reports as a method for gauging risks introduced by Internet usage. Risk classes include Security Risk, Business Usage, Legal Liability, Network Bandwidth Loss, and Productivity Loss. Roles A method for organizing administrative access to Websense Manager. Roles are made up of administrators and managed clients. Administrators can be granted permissions to manage policies for their managed clients, run reports on some or all clients, or both. See also delegated administrator, Super Administrator, and managed clients. Router A device that forwards data packets along networks. A router is connected to at least two networks, is located at the gateway, and acts as the exit and entry point through which all Internet requests and responses must pass. S SMTP (Simple Mail Transfer Protocol) A protocol for sending email messages between servers on the Internet. Websense software can be configured to use an SMTP server (email server) to send reports and notifications (alerts) to specific recipients. Selective authentication A method for identifying specific machines in the network to which custom authentication settings are applied. For example, if transparent identification is used by default to enable user- and group-based filtering, Websense software can be configured to always require manual authentication on one or more machines, and never use any form of user identification or authentication on other machines (instead applying computer or network policies, or the Default policy). Server 1) A machine that manages network resources, such as a network appliance or firewall machine. 2) A software program that manages network resources, such as Policy Server. SiteWatcher™ A Websense Security Labs service that alerts Websense customers when their organization’s Web site is infected with harmful software. Included with Websense Web Security. Spoofing The practice of falsely representing the origin of an email message or Web site. For example, a scammer might send a spoofed email message that represents itself as originating from a banking institution, with the intent of tricking the recipient into revealing confidential information, such as passwords and account numbers. Stealth mode The operational mode of a program or device that is running but is hidden from other software and devices on the network. When Network Agent is configured to use multiple NICs, the monitoring NIC can be set for stealth mode (no IP address). A blocking NIC, or a single NIC used for both monitoring and blocking, must have an IP address. String A sequence of letters, numbers, and/or symbols, such as a word or phrase. Sun Java System Directory Server A supported LDAP directory service from Sun Microsystems. Super Administrator 1) A special delegated administration role. 2) Administrators within the Super Administrator role. See also Conditional Super Administrator and Unconditional Super Administrator. All Super Administrators can be granted permission to manage policies, reporting, or both for clients assigned to the Super Administrator role. Super Administrators can also create delegated administration roles, and grant limited administrative rights to delegated administrators. System alerts Messages that notify administrators about subscription status issues, Websense Master Database activity, administrator lockouts, and related issues. Administrators can choose when and how to receive these alerts. T TCP (Transmission Control Protocol) A transport layer protocol for the Internet. One of the standard protocols used to transmit text and ASCII data across IP-based networks. See also IP, UDP. TCP/IP (Transmission Control Protocol/Internet Protocol) A suite of communications protocols used to connect host servers on the Internet and exchange streams of data. TCP/IP guarantees delivery of data and guarantees that packets will be delivered in the same order in which they were sent. Template In Websense Manager, an optional foundation for a new category or protocol filter. Templates cannot be edited. Administrators can choose between using templates and using existing filters as the basis for creating new filters. TestLogServer A command line utility that displays log traffic sent from Filtering Service to Log Server, used to diagnose policy, filtering, and logging problems. Top N Appears in Websense reports to indicate that administrators can select the number of items to include in the report (for example, the top 5, top 10, or top 50 results). Transparent identification Allows Websense software to filter Internet requests without prompting users to log on to a Web browser. Transparent identification requires the presence of a supported directory service, as well as installation of at least one of the following optional components: DC Agent, eDirectory Agent, Logon Agent, or RADIUS Agent. See also manual authentication. Transport method The transport protocol (TCP or UDP) used by an Internet communications protocol to deliver data to the appropriate destination process. Trojan horse A piece of malicious programming code that can be inserted by programmers into a harmless program or data, or can be hidden on Web sites or in email attachments. Some Trojan horses have the ability to create copies of sensitive files and forward them to the creator of the Trojan horse. U UDP (User Datagram Protocol) A transport layer protocol defined by the US Department of Defense for use with Internet Protocol (IP). It does not provide full reliability, but relies on IP network layer protocol for added services and security. UDP does not guarantee delivery and does not stop duplication of packets. See also IP, TCP/IP. UDP broadcasts The process of simultaneously sending a same message to multiple machines via UDP. These broadcasts are legitimately used by email systems, fax systems, and some online games. UDP broadcasts may also be used by viruses and other malware to propagate rapidly across networks. URL (Uniform Resource Locator) A World Wide Web address, used to identify HTTP, Gopher, and FTP sites, among others. For example, the corporate URL for Websense, Inc., is http://www.websense.com. Unconditional Super Administrator A member of the Super Administrators role with full policy and reporting permissions who can also access the Filter Lock and all Websense software configuration settings. Contrast conditional Super Administrator. Unfiltered URLs Individual sites, identified by URL or IP address, that are permitted for all clients, with the following exceptions: Clients governed by the Block All category filter Clients governed by a limited access filter Usage alerts Messages that notify administrators when Internet activity for particular categories or protocols reaches configured threshold limits. Administrators can choose when and how to receive these alerts. Usage Monitor The Websense software component that tracks client category and protocol access, enabling usage alerts. User An individual person, identified by a user name, defined in a supported directory service. When Websense software is configured to communicate with a directory service, users can be added as clients in Websense Manager, and then assigned a policy. User Service The Websense software component that communicates with supported directory services to retrieve user information for use in applying filtering policies. User Service retrieves user-to-group and user-to-domain relationships. If a transparent identification agent is installed, User Service helps to interpret user logon session information for Websense software. V Virus A piece of programming code that attaches itself to a program or file to spread from machine to machine. A virus requires human intervention (like launching an executable) to replicate itself and infect a machine. Visit Each distinct instance of access to a Web page. Each visit may represent multiple hits. W Web server Software that returns files (typically Web pages) to clients when requested. Websense software uses Apache HTTP Server and Apache Tomcat to send block pages to clients and display the Websense Manager interface. WebCatcher™ A tool that sends unrecognized and security risk URLs to Websense, Inc. A response team analyzes the information, and then categorizes the Web sites. Once analysis is complete, the response team adds the new information to the Master Database. WebsenseAdministrator The default administrative user account for Websense Manager. WebsenseAdministrator has unlimited access to Websense Manager, and is equivalent to an unconditional Super Administrator. Websense Content Gateway A Websense software component (included in Websense Web Security Gateway) that serves as a high-performance Web proxy cache (caching frequently accessed information). Websense Content Gateway can be integrated with Websense Web Filter or Websense Web Security. Websense Manager The graphical interface to Websense software, used to configure filtering policies, create, schedule, and distribute reports, and manage Websense software configuration. Websense Master Database See Master Database. Websense software A general term used to refer to multiple versions and implementations of Websense filtering software, including Websense Web Filter, Websense Web Security, and Websense Web Security Gateway. Websense Web Filter A Websense software product used to manage and report on Internet access. Allows administrators to create policies to determine which types of sites and which Internet applications members of the organization can access. Websense Web Security Like Websense Web Filter, a Websense software product used to manage and report on Internet access. Includes extended security-related categories and protocol definitions to help organizations protect their members and networks from malicious software, phishing attacks, and related Internet threats. Websense Web Security Gateway A Websense software product that integrates with Websense Web Security and analyzes Web traffic in real-time, categorizing new sites and dynamic content, discovering security risks, and blocking malware. Websense Security Labs™ The division of Websense, Inc., that continuously monitors malicious events on the Internet to deliver timely product and information updates to Websense customers and the security community. Windows NT Directory This supported directory service is a predecessor to Active Directory, and is used in Windows NT networks. Worm A self-replicating virus subtype that resides in active memory is capable of traveling between machines without human assistance.