Choose from several options for complete web, email and data security.
Evaluate Websense products by watching demos and installing evaluation software.
Learn how Websense solutions help keep our customer safe, secure and productive
Get information on product updates, support resources and more.
Get the most out of support in five simple steps.
Find tools and assets to help sell Websense solutions.
Stay informed on the latest security exploits, industry news, research, solutions, and more.
We currently have Websense Web Security installed on our MS ISA server as a plugin on which we also have installed Trend Interscan Webprotect.
We now have to replace Webprotect as it is end of life, and the new product comes as a virtual appliance with Squid installed and can function as a proxy in its own right.
We are therefore looking to get rid of MS ISA server and just have this Trend Virtual appliance as the proxy and a standalone Websense server. We are not able to install the Websense Squid plugin on the virtual appliance as it is not supported by Trend.
So we will have clients connecting to the Trend VA and we have tested that the proxy part works ok, but I do not know how to integrate the standalone Websense server into the setup so that it does the web filtering. There is an option in the Trend VA to send traffic to an upstream proxy and I have put the IP address of the standalone Websense server in there, but that does not work.
Can anyone advise me if it is possible to do what I want to do please?
If you want to use that "upstream proxy" option, you'd need to integrate Websense with a 2nd, separate, proxy server (could be another squid proxy, or a Content Gateway) and filter that way. Not sure how well chaining proxies works though so I can't tell if that's a viable option.
Alternatively, depending on how they set up that virtual appliance I'd be tempted to install the Squid proxy plugin on it anyway. Is Trend supporting the OS and Squid proxy in addition to their software, or did they just give you the software and say you were responsible for installing Squid and an OS? If the latter then throw the Websense plugin on for sure, it's your Squid and OS. If instead they handed you an image that contained the OS, Squid, and their software and are supporting everything then you could probably still do it anyway but might have trouble with support later.
If you don't want to do that, you'd need to look at what other integration options you have depending on what you have in your environment in terms of firewalls and such. There's always Standalone mode too, but with all these integrations I'm not sure how they'd interact having another proxy in path and if it's best for Websense to filter before or after that proxy (probably before).