Websense V10000 G2 Getting Started

Manual is about: V-Series Appliance

Page of 52

Download

Print this page

Bookmark us

G e t t i n g S t a r t e d

v 7 . 6 . 1 a n d h i g h e r v 7 . 6 . x

W e b s e n s e

V - S e r i e s A p p l i a n c e

V 1 0 0 0 0 G 2 , V 1 0 0 0 0 G 3 , a n d V 5 0 0 0 G 2

1 2 3 4 5 6 7 Next › »

Summary of V10000 G2

Page 1
G e t t i n g s t a r t e d v 7 . 6 . 1 a n d h i g h e r v 7 . 6 . X w e b s e n s e ® v - s e r i e s a p p l i a n c e v 1 0 0 0 0 g 2 , v 1 0 0 0 0 g 3 , a n d v 5 0 0 0 g 2.
Page 2
©1996–2013, websense, inc. 10240 sorrento valley rd., san diego, ca 92121, usa all rights reserved. Published 2013 revision f printed in the united states of america and ireland the products and/or methods of use described in this document are covered by u.S. Patent numbers 5,983,270; 6,606,659; 6,9...
Page 3
Getting started 3 contents topic 1 introducing websense v-series appliances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 security modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 software provided on the appliance ...
Page 4
4 websense v-series appliance contents v5000 g2: web mode with web security . . . . . . . . . . . . . . . . . . . . 26 v10000 g2 and v10000 g3: email mode . . . . . . . . . . . . . . . . . . . . 30 v5000 g2: email mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 v10000 g2 ...
Page 5
1 getting started 5 introducing websense v-series appliances the websense v-series appliance is a high-performance security appliance with a hardened operating system, optimized for analyzing web and email traffic and content. The appliance offers: a command-line interface for initial appliance sett...
Page 6
Introducing websense v-series appliances 6 websense v-series appliances security modes websense v-series appliances can run in any one of the following security modes. Websense v10000 g2 and v10000 g3 appliances: websense v5000 g2 appliances: you choose the security mode of an appliance during initi...
Page 7
Getting started 7 introducing websense v-series appliances software provided on the appliance web components on an appliance running in either web mode or web and email mode, the following core web security components are pre-loaded for your convenience: policy database policy broker policy server f...
Page 8
Introducing websense v-series appliances 8 websense v-series appliances if your organization generates a high volume of reports, or a lower volume of very large reports, hosting the triton console on the appliance can affect the performance of other appliance modules. Email components on an applianc...
Page 9
Getting started 9 introducing websense v-series appliances sync service (for sites using hybrid web security) linking service (for sites using any integrated data security features) transparent identification agents (to apply user, group, or domain [ou] policies without prompting users for credentia...
Page 10
Introducing websense v-series appliances 10 websense v-series appliances triton unified security center the triton unified security center is the web-browser-based, graphical management application for your entire deployment. It consists of three modules: triton - web security, triton - data securit...
Page 11
Getting started 11 introducing websense v-series appliances on an appliance in web mode, triton unified security center with the web security module only (triton - web security) is pre-installed as a convenience for evaluations and small installations. This component is not installed on an appliance...
Page 12
Introducing websense v-series appliances 12 websense v-series appliances before you install web security log server or email security log server, sql server 2005 or 2008 must be installed and running on a machine in your network. See the websense technical library for important detailed information ...
Page 13
2 getting started 13 setting up websense v-series appliances setting up a websense v-series appliance involves the following tasks. 1. Set up the appliance hardware 2. Perform initial command-line configuration 3. Configure the appliance 4. Install off-appliance or optional components additional ini...
Page 14
Setting up websense v-series appliances 14 websense v-series appliances v10000/v10000 g2/v10000 g3 web mode with web security gateway network interface c must be able to access a dns server. This interface typically has continuous access to the internet. Essential databases are downloaded from webse...
Page 15
Getting started 15 setting up websense v-series appliances v10000 g2/v10000 g3: web and email mode with web security (no gateway) network interfaces c and e1 (and e2, if used) must be able to access a dns server. These interfaces typically have continuous access to the internet. Essential databases ...
Page 16
Setting up websense v-series appliances 16 websense v-series appliances if interface n is used to send blocking information, then it must be connected to a bi-directional mirror port. Through the bi-directional mirror port, interface n not only monitors all client traffic but also sends blocking inf...
Page 17
Getting started 17 setting up websense v-series appliances supply settings for the network interface labeled c enter a few other general items, such as hostname and password you are given the opportunity to review and change these settings before you exit the firstboot script. After you approve the ...
Page 18
Setting up websense v-series appliances 18 websense v-series appliances run the initial command-line configuration script (firstboot) as follows. 1. Access the appliance through a usb keyboard and monitor, or a serial port connection. Tertiary dns server for network interface c (ip address) optional...
Page 19
Getting started 19 setting up websense v-series appliances 2. Accept the subscription agreement when prompted. 3. When asked if you want to begin, enter yes to launch the firstboot activation script. To rerun the script manually, enter the following command: firstboot 4. At the first prompt, select ...
Page 20
Setting up websense v-series appliances 20 websense v-series appliances some of this information may have been written on the quick start poster during hardware setup. Complete only the section that applies to your appliance model and security mode: v10000 g2, v10000 g3, or v5000 g2: web mode with w...
Page 21
Getting started 21 setting up websense v-series appliances subnet mask for network interface p1 subnet mask: default gateway for network interface p1 and p2 (if used) if both p1 and p2 are used, the default gateway is automatically assigned to whichever interface is in the same subnet with it. If bo...
Page 22
Setting up websense v-series appliances 22 websense v-series appliances after collecting the information needed, access the appliance manager through a supported browser. Follow these steps to enable default proxy caching and filtering. See the appliance manager help for detailed instructions on any...
Page 23
Getting started 23 setting up websense v-series appliances • manually set time and date : select this option to enter a system time and date yourself. C. Click save in the time and date area. 5. In the left navigation pane, click configuration > network interfaces . 6. Under websense content gateway...
Page 24
Setting up websense v-series appliances 24 websense v-series appliances manufacturer’s documentation for configuration instructions). For non-http/ https protocols, the n interface can also be used to send block information to enforce policy. To configure the n interface: a. Under send blocking info...
Page 25
Getting started 25 setting up websense v-series appliances a. In the left navigation pane, click configuration > routing . B. Under static routes, use the add/import button to specify customized, static routes. C. Under module routes, use the add button to specify non-management web security or emai...
Page 26
Setting up websense v-series appliances 26 websense v-series appliances machine running policy server. The policy source can also be another appliance running in either full policy source or user directory and filtering mode. In this case, enter the ip address of that appliance’s c network interface...
Page 27
Getting started 27 setting up websense v-series appliances after collecting the information needed, access the appliance manager through a supported browser. Tertiary ntp server optional domain: choose interface for transporting blocking information for traffic. (interface c or interface n) if inter...
Page 28
Setting up websense v-series appliances 28 websense v-series appliances follow these steps to enable default filtering. See the appliance manager help for detailed instructions on any field or area, or for information about other available settings. 1. Open a supported browser, and enter the followi...
Page 29
Getting started 29 setting up websense v-series appliances b. Enter ip address, subnet mask, default gateway (only if you select interface n for sending blocking information), and dns ip addresses for the n interface. C. Click save in the network agent interface (n) area. 7. Configure routes if nece...
Page 30
Setting up websense v-series appliances 30 websense v-series appliances • choose filtering only if the appliance being configured will not run any policy components. (there are some disadvantages to this reduced role, as explained in the appliance manager help system.) then, enter the ip address of ...
Page 31
Getting started 31 setting up websense v-series appliances gather the following information before running the appliance manager. Some of this information may have been written on the quick start during hardware setup. After collecting the information needed, access the appliance manager through a s...
Page 32
Setting up websense v-series appliances 32 websense v-series appliances 1. Open a supported browser, and enter the following url in the address bar: https://:9447/appmng replace ip address > with the address assigned to network interface c during initial configuration of the appliance (see perform i...
Page 33
Getting started 33 setting up websense v-series appliances interfaces p1 and p2 can be cabled to your network and then bonded through software configuration to e1 and e2. If you choose to bond the interfaces, p1 must be bonded to e1 and p2 to e2. No other pairing is possible. You can choose to bond ...
Page 34
Setting up websense v-series appliances 34 websense v-series appliances v5000 g2: email mode after completing the initial configuration required by the firstboot script, use the appliance manager to configure important settings for network interfaces p1 and (optionally) p2. Gather the following info...
Page 35
Getting started 35 setting up websense v-series appliances 1. Open a supported browser, and enter the following url in the address bar: https://:9447/appmng replace with the address assigned to network interface c during initial configuration of the appliance (see perform initial command-line config...
Page 36
Setting up websense v-series appliances 36 websense v-series appliances c. Under module routes, use the add button to specify non-management email security traffic through the c interface. D. For either static or module routes, use the delete button to remove existing routes, if necessary. See the a...
Page 37
Getting started 37 setting up websense v-series appliances subnet mask for network interface p1 subnet mask: default gateway for network interface p1and p2 (if used) if you use both p1 and p2, the default gateway is automatically assigned to p2 (which is bound to eth1). To ensure that outbound packe...
Page 38
Setting up websense v-series appliances 38 websense v-series appliances after collecting the information needed, access the appliance manager through a supported browser. Follow these steps to enable default proxy caching, and web and email filtering. See the appliance manager help for detailed inst...
Page 39
Getting started 39 setting up websense v-series appliances to configure the p interfaces: a. Select p1 only or p1 and p2 . If you choose p1 only, enter configuration information (ip address, subnet mask, default gateway, dns ip addresses) under p1 . If you choose p1 and p2, enter configuration infor...
Page 40
Setting up websense v-series appliances 40 websense v-series appliances to configure the n interface: a. Under send blocking information for non-http/https traffic via , select whether non-http/https blocking information is sent via the c or n interface. B. Enter ip address, subnet mask, default gat...
Page 41
Getting started 41 setting up websense v-series appliances 10. Select the policy mode of this appliance: a. In the left navigation pane, click configuration > web security components . B. Specify the role of this appliance with respect to websense web security policy information. • choose full polic...
Page 42
Setting up websense v-series appliances 42 websense v-series appliances v10000 g2 and v10000 g3: web and email mode with web security after completing the initial configuration required by the firstboot script, use the appliance manager to configure important settings for network interfaces n and e1...
Page 43
Getting started 43 setting up websense v-series appliances after collecting the information needed, access the appliance manager through a supported browser. Follow these steps to enable default proxy caching, and web and email filtering. See the appliance manager help for detailed instructions on a...
Page 44
Setting up websense v-series appliances 44 websense v-series appliances • automatically synchronize with an ntp server : select this option to use a network time protocol server. Specify up to three ntp servers. Use of an ntp server is recommended, to ensure that database downloads and time-based po...
Page 45
Getting started 45 setting up websense v-series appliances b. Click save in the websense email security gateway interfaces (e1 and e2) area when you are done. When only e1 is used, it handles both inbound and outbound traffic. Alternatively, you could use both e1 and e2 such that e1 handles inbound ...
Page 46
Setting up websense v-series appliances 46 websense v-series appliances • choose user directory and filtering if the appliance currently being configured is not the location of the policy information, but will run policy server and user service. Then, enter the ip address of the server that is used ...
Page 47
Getting started 47 setting up websense v-series appliances after collecting the information needed, access the appliance manager through a supported browser. Follow these steps to enable default web and email filtering. See the appliance manager help for detailed instructions on any field or area, o...
Page 48
Setting up websense v-series appliances 48 websense v-series appliances • automatically synchronize with an ntp server : select this option to use a network time protocol server. Specify up to three ntp servers. Use of an ntp server is recommended, to ensure that database downloads and time-based po...
Page 49
Getting started 49 setting up websense v-series appliances b. Click save in the websense email security gateway interfaces (p1 and p2) area when you are done. When only p1 is used, it handles both inbound and outbound traffic. Alternatively, you could use both p1 and p2 such that p1 handles inbound ...
Page 50
Setting up websense v-series appliances 50 websense v-series appliances • choose user directory and filtering if the appliance currently being configured is not the location of the policy information, but will run policy server and user service. Then, enter the ip address of the server that is used ...
Page 51
Getting started 51 setting up websense v-series appliances creating a triton management server the machine on which triton unified security center is installed is referred to as the triton management server . See the websense technical library for instructions on creating a triton management server....
Page 52
Setting up websense v-series appliances 52 websense v-series appliances b. Go to administration > backup utility , and create a full configuration backup. See online help for assistance. Save this backup file to another machine. 3. Go to the machine rack and insert the recovery disk into the applian...