Choose from several options for complete web, email and data security.
Evaluate Websense products by watching demos and installing evaluation software.
Learn how Websense solutions help keep our customer safe, secure and productive
Get information on product updates, support resources and more.
Get the most out of support in five simple steps.
Find tools and assets to help sell Websense solutions.
Stay informed on the latest security exploits, industry news, research, solutions, and more.
As a Government customer, we receive sites to block from numerous dispirate sources. This requires a lot of manual labor to merge and then dedupe with the websense lists. We also have lists of sites that are updated multiple times a day. Having an API that allows us to write scripts to dynamically add these URLs to blocked lists is very important to us, and I think other users of your product. Ideally we see this as a SOAP API so we could add URI's either individually or in bulk with a SOAP response showing us which ones were or were not successful. This allows for other technologies we use that detect zero-day malware to automatically block before other users become infected. If a SOAP interface is not possible, a command line interface would at least allow us to accomplish the same goal. Please consider this or we will have to strongly revisit whether this is the right solution for us going forward. Thanks!
I have to ask... if you're going through all of this why do you use Websense? Most customers purchase Websense so that they do NOT need to do any of what you describe on their own... so why reinvent the wheel? If they're only malicious URLs you're worried about then I would hope Websense is just as quick in finding / blocking them too with a RTU as you are... if not then that's a different issue. I'd recommend using the Site Lookup Tool for getting those kind of sites recategorized... normally they're pretty quick about turnaround. Otherwise you're talking about a recategorized list that's going to quickly rival the size of Websense's own master database and there's no way to easily go back and remove recategorizations that aren't needed anymore.
It just seems odd to ask for all this functionality so you can do the product's job for it.
Thank you for inquiring about a new feature in Websense Web Security. Your request has been entered into our Feature Request tracking system, and our Product Management team will review it within the next 30 days. If you need a response sooner, we recommend that you open a case with Technical Support. When the request is reviewed, the product manager will decide whether to accept this for future consideration or ask for more information. Please note that Websense receives a high volume of feature requests, and as such Websense cannot include all of these requests in the next product release. That said, the product team is constantly revisiting the list of requests to determine the features that have been most frequently requested, so that the highest priority features are addressed.
We look forward to your continued participation in the Websense community and welcome your active involvement in our product direction.
I think you have an oversimplified view of at least some of your customer's needs. By your line of thinking, websense wouldn't need any custom categories at all and we could simply rely solely on Websense in-house DB to do all the work. The fact is that some sources of sites to be blocked are not open to the general public. We also have automated tools (honeypots, zero-day malware detection) that will detect certain activity automatically. We have a database (and method) which keeps track of when we add a site to block into websense, and then 90 days later (unless there is additional activity) is removed. These lists are not in replacement of the websense database, but rather in addition to (added protection against specific threats).
Another example of this would be a workstation that downloads malware from a zero-day site, our malware detector adds it to a database list until someone can manually add it to websense to block. Instead, if an API was available, we could easily have it automatically block that URL so that the rest of our enterprise does not also download it.
While I'm sure several of your customers are perfectly happy with only counting on Websense's database, our network requires more due diligence. I've also noticed that I've not been the only one to ask of a similar feature in the forums area.
In general, we believe websense is a great tool, but this lack in functionality (available in some competitors' products) along with the inability to easily search on a specific URL (not just a domain) causes a lot of extra work for larger enterprises.
Thanks for your time.
Hi Vinh -- I just want to make it clear that I am NOT an employee of Websense; I am a customer just like you. I was just curious to learn more about where your request was coming from.
You raise good points about allowing integration with other security products to help Websense respond quicker to new threats. One thing I'd recommend adding to this request then is the ability to clean out any URLs whose recategorized category is the same as it shows in the Master Database. For example I would assume over time that Websense's own database would catch up to your zero day modifications, so this would help keep your recategorized list down to a managable size, otherwise something like this would cause it to grow exponentially and eventually I fear you'd have performance issues. I've done this manually myself in the past and it's not fun.
Glitch:I have to ask... if you're going through all of this why do you use Websense? Most customers purchase Websense so that they do NOT need to do any of what you describe on their own
There are certainly some customers who come in and say "I just need a checkbox that says I have a web filter. I don't want to have to touch it". But they're also the customers who buy whatever is cheapest and easiest, which isn't usually Websense. That said, why would someone want to do this?
Glitch:It just seems odd to ask for all this functionality so you can do the product's job for it.
With all due respect, it's clear you have a very different view of the scope of problems this product solves than those of us with broader experience in the space.
kjs3, you could have read the entire thread before replying. Vinh responded to my questions a year ago and I did not disagree with the points he brought up. You're re-arguing an old thread that came to an agreement long ago.
I did read it all. While I didn't note it was a year old, I did note a continued reductionist understanding of the use cases where one would want to do this. But fair enough...agreement reached.