Choose from several options for complete web, email and data security.
Learn more
Evaluate Websense products by watching demos and installing evaluation software.
Learn how Websense solutions help keep our customer safe, secure and productive
Get information on product updates, support resources and more.
Get the most out of support in five simple steps.
Find tools and assets to help sell Websense solutions.
Come work for the global leader in unified information security. Go
Hi all...Websense 6.2 (in proccess of upgrade)Let me explain my cenary...1 - AD users associated with custom department policies;2 - Network Range associated with Default-Company policy (custom unrestricted), enabled between 12:00 to 13:00 time.3 - Default Websense defined with "Block All" category and protocol filter.Users associated with department policies can´t access categories enabled in Default-Company at the allowed time. I know this is because filtering order (users / IP machine / Range IP ...). I need find a way to permit users to access categories enabled in either Default-Company and Department Policies, without creating new policies...Any idea?
Tks in advance.Dan PinheiroRJ - Brasil
Dan_Pinheiro:without creating new policies
Not possible.
Dan_Pinheiro:I need find a way to permit users to access categories enabled in either Default-Company and Department Policies
Use policies based on User Groups instead, and the user groups would combine to create an "effective policy".
JACOB SLOAN, CCNA, WCSE
Hi J Sloan, tks for your answer...
I can´t use User Groups because Websense reads first policies associated to IP.
In my case, If I use UserGroups, the Default-Company policy (associated with IP Range) would be applied to user first. This doesn´t meets my goal.
I need apply to user the department policies first and after the Defautl-Company policy.
Ops, just correcting, I know a user can´t be associated with more than one policy... I need to mix the policies, as I said in the first message.
Suggestion: Filtering order could be a parameter defined by the Administrator. This way we could design the best way that fits our needs.
Dan Pinheiro.
Brasil
Do you have "Enable more restrictive blocking" enabled? If so try turning it off... then you should end up with users getting the better policy by group instead of IP (I think)
Make sure your "Default-Company policy" blocks all internet access by having a category set where every category is blocked. This way any other policy will be considered more access.
Dan_Pinheiro:In my case, If I use UserGroups, the Default-Company policy (associated with IP Range) would be applied to user first. This doesn´t meets my goal.
I think you misunderstood me. I said to use User Groups. I probably should have added that you need to remove your specific users and ip ranges and ONLY USE USER GROUPS.
Yes, you should... now I get the idea... :)
I will try...
Tks...
