websense V10000 G2 User manual
Getting Started
v7.6.1 and higher v7.6.x
Websense®V-Series Appliance
V10000 G2, V10000 G3, and V5000 G2
©1996–2013, Websense, Inc.
10240 Sorrento Valley Rd., San Diego, CA 92121, USA
All rights reserved.
Published 2013 Revision F
Printed in the United States of America and Ireland
The products and/or methods of use described in this document are covered by U.S. Patent Numbers 5,983,270; 6,606,659; 6,947,985; 7,185,015;
7,194,464 and RE40,187 and other patents pending.
This document may not, in whole or in part, be copied, photocopied, reproduced, translated, or reduced to any electronic medium or machine-
readable form without prior consent in writing from Websense, Inc.
Every effort has been made to ensure the accuracy of this manual. However, Websense, Inc., makes no warranties with respect to this
documentation and disclaims any implied warranties of merchantability and fitness for a particular purpose. Websense, Inc., shall not be liable for
any error or for incidental or consequential damages in connection with the furnishing, performance, or use of this manual or the examples herein.
The information in this documentation is subject to change without notice.
Trademarks
Websense is a registered trademark of Websense, Inc., in the United States and certain international markets. Websense has numerous other
unregistered trademarks in the United States and internationally. All other trademarks are the property of their respective owners.
Microsoft, Windows, Windows NT, Windows Server, Windows Vista and Active Directory are either registered trademarks or trademarks of
Microsoft Corporation in the United States and/or other countries.
Novell, Novell Directory Services, eDirectory, and ZENworks are trademarks or registered trademarks of Novell, Inc., in the United States and
other countries.
Pentium and Xeon are registered trademarks of Intel Corporation.
This product includes software developed by the Apache Software Foundation (www.apache.org).
Copyright (c) 2000 The Apache Software Foundation. All rights reserved.
Other product names mentioned in this manual may be trademarks or registered trademarks of their respective companies and are the sole property
of their respective manufacturers.
WinPcap
Copyright (c) 1999 - 2010 NetGroup, Politecnico di Torino (Italy).
Copyright (c) 2010 CACE Technologies, Davis (California).
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
• Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
• Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
• Neither the name of the Politecnico di Torino, CACE Technologies nor the names of its contributors may be used to endorse or promote products
derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Getting Started 3
Contents
Topic 1 Introducing Websense
V-Series Appliances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Security Modes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Software provided on the appliance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Web components. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Web Security Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Email components. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Software that runs off-appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Web components. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Data Security components. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Email components. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
TRITON Unified Security Center. . . . . . . . . . . . . . . . . . . . . . . . . . . 10
TRITON Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
TRITON - Web Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
TRITON - Data Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
TRITON - Email Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Database management software . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Topic 2 Setting Up Websense V-Series Appliances. . . . . . . . . . . . . . . . . . . . . 13
Set up the appliance hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
V10000, V10000 G2, and V10000 G3 hardware setup . . . . . . . . . . 13
V10000/V10000 G2/V10000 G3 Web mode with
Web Security Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
V10000 G2/V10000 G3 Email mode . . . . . . . . . . . . . . . . . . . . . 14
V10000 G2 and V10000 G3: Web and Email mode with
Web Security Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
V10000 G2/V10000 G3: Web and Email mode with
Web Security (no gateway) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
V5000 G2 hardware setup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
V5000 G2: Web mode with Web Security Gateway. . . . . . . . . . 15
V5000 G2: Web mode with Web Security (no gateway) . . . . . . 15
V5000 G2: Web and Email mode with
Web Security (no gateway) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
V5000 G2: Email mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Serial port activation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Perform initial command-line configuration . . . . . . . . . . . . . . . . . . . . . 16
Configure the appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
V10000 G2, V10000 G3, or V5000 G2: Web mode with
Web Security Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
4 Websense V-Series Appliance
Contents
V5000 G2: Web mode with Web Security . . . . . . . . . . . . . . . . . . . . 26
V10000 G2 and V10000 G3: Email mode . . . . . . . . . . . . . . . . . . . . 30
V5000 G2: Email mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
V10000 G2 and V10000 G3: Web and Email mode with
Web Security Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
V10000 G2 and V10000 G3: Web and Email mode with
Web Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
V5000 G2: Web and Email mode with Web Security . . . . . . . . . . . 46
Install off-appliance or optional components. . . . . . . . . . . . . . . . . . . . . 50
Creating a TRITON management server . . . . . . . . . . . . . . . . . . . . . 51
Restoring to Factory Image . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
1
Getting Started 5
Introducing Websense
V-Series Appliances
The Websense V-Series appliance is a high-performance security appliance with a
hardened operating system, optimized for analyzing Web and email traffic and
content.
The appliance offers:
A command-line interface for initial appliance settings, available through a USB
keyboard and monitor or a serial port connection, providing basic appliance
control commands
Appliance Manager, a Web-based configuration interface that provides
management features:
System dashboard, with up-to-the-minute status of the software modules and
system resources on the appliance
Appliance configuration and network settings
System administration tools for patch management, troubleshooting, and
backup and restore
Customization of subscribed features, such as proxy caching, Web filtering, and
email filtering, available through Web-based configuration interfaces
Event logging for appliance configuration and patching. Log entries can be
viewed in Appliance Manager, and log files can be downloaded for later viewing.
Web filtering and integrated proxy caching (if subscribed) after minimal initial
configuration (Web mode)
Configurable links to hybrid Web filtering and off-appliance Data Security
features (if subscribed, Web mode)
Robust antivirus and antispam scanning and filtering of email (Email mode)
Personal Email Manager facility allowing end users to manage quarantined
messages and individual permit/block lists (Email mode)
Introducing Websense V-Series Appliances
6 Websense V-Series Appliances
Security Modes
Websense V-Series appliances can run in any one of the following security modes.
Websense V10000 G2 and V10000 G3 appliances:
Websense V5000 G2 appliances:
You choose the security mode of an appliance during initial firstboot configuration.
See Perform initial command-line configuration for more information about firstboot.
Choosing a security mode in firstboot does not automatically enable the associated
features. The features become fully enabled only when you enter a valid subscription
key in the TRITON Unified Security Center. See TRITON Unified Security Center for
more information.
Once firstboot has been completed, if you want to change the security mode of an
appliance, you must first restore it to its factory image. Then, run firstboot after re-
imaging, and select a different security mode. See Restoring to Factory Image.
It is always a best practice to perform a full backup of the appliance and of each
module prior to restoring to factory image. Note that if you change the security mode
of an appliance after backing it up, the backup may or may not be applicable to the
new mode. For example, you cannot restore from a backup file taken from Web
Security (no proxy) to an appliance running Web Security Gateway (includes proxy).
Security mode Module name
Web Web Security Gateway / Anywhere
Email Email Security Gateway / Anywhere
Web and Email Web Security Gateway / Anywhere and Email
Security Gateway / Anywhere
Web Security and Email Security Gateway /
Anywhere
Security mode Module name
Web Web Security
Web Security Gateway / Anywhere
Email Email Security Gateway / Anywhere
Web and Email Web Security and Email Security Gateway /
Anywhere
Getting Started 7
Introducing Websense V-Series Appliances
Software provided on the appliance
Web components
On an appliance running in either Web mode or Web and Email mode, the following
core Web security components are pre-loaded for your convenience:
Policy Database
Policy Broker
Policy Server
Filtering Service
User Service
Usage Monitor
Control Service
Directory Agent
TRITON Unified Security Center (Web mode only), includes:
• Central Access
• Unified Security Center
• Settings Database
• Investigative Reports Scheduler
• Manager Web Server
• Reporting Web Server
• Reports Information Service
Network Agent
Web Security Gateway
If you configure Web Security Gateway during firstboot, then your appliance also
includes:
Websense Content Gateway
On an appliance in Web mode (only), TRITON Unified Security Center is installed on
the appliance by default, and only its Web security functions are enabled. However,
using the TRITON console on the appliance is optional and is typically only for
convenience during evaluations. In production environments, it is best practice to run
TRITON Unified Security Center off-appliance on a separate Windows machine.
[Even for evaluations, TRITON Unified Security Center can run on the appliance only
if the appliance runs in full policy source mode.] See the Websense Appliance
Manager Help for more information about the policy source.
Introducing Websense V-Series Appliances
8 Websense V-Series Appliances
If your organization generates a high volume of reports, or a lower volume of very
large reports, hosting the TRITON console on the appliance can affect the
performance of other appliance modules.
Email components
On an appliance running in Email mode or Web and Email mode, the appliance
contains the majority of email security features, including the following services:
Configuration Service
Authentication Service
Quarantine Service
Log Service
Update Service
Filtering Service
Mail Transfer Agent
Only management (via the TRITON Unified Security Center), and logging (via Email
Security Log Server) are performed by off-appliance components.
Software that runs off-appliance
The Websense components mentioned in this section must be installed off-appliance.
Additionally, Microsoft SQL Server must be installed off-appliance.
Use the Websense Installer to install any of the components mentioned here. See the
Websense Technical Library for more information about components and installation
instructions.
Web components
The following Web components never run on the appliance. Some are Windows-only
components.
Web Security Log Server
Real-Time Monitor
Important
If it is running on an appliance, TRITON Unified Security
Center has only its Web security functions enabled. If you
want to use more than the Web security functions—for
example, TRITON - Data Security—then TRITON
Unified Security Center must be installed off-appliance on
a Windows Server 2008 R2 machine.
Getting Started 9
Introducing Websense V-Series Appliances
Sync Service (for sites using hybrid Web security)
Linking Service (for sites using any integrated Data Security features)
Transparent identification agents (to apply user, group, or domain [OU] policies
without prompting users for credentials)
DC Agent
Logon Agent
eDirectory Agent
RADIUS Agent
Data Security components
The following Data Security components run off-appliance.
TRITON - Data Security
Protector
SMTP agent
Microsoft ISA/TMG agent
Endpoint agent
Printer agent
The crawler
Integration agent
Email components
The following Email Security Gateway components never run on the appliance. They
are Windows-only components.
TRITON - Email Security (the Email Security module of the TRITON Unified
Security Center; see TRITON Unified Security Center)
TRITON - Data Security (the Data Security module of the TRITON Unified
Security Center; see TRITON Unified Security Center). The Data Security module
is required for email DLP (data leakage prevention) features.
Email Security Log Server
Note
If your subscription includes Websense Web Security
Gateway Anywhere, TRITON Unified Security Center
must run off-appliance, on a Windows Server 2008 R2
machine.
Introducing Websense V-Series Appliances
10 Websense V-Series Appliances
TRITON Unified Security Center
The TRITON Unified Security Center is the Web-browser-based, graphical
management application for your entire deployment. It consists of three modules:
TRITON - Web Security, TRITON - Data Security, and TRITON - Email Security.
Each module is used to configure and manage its respective product features.
Depending on your subscription, not all of these modules may be enabled.
To enable more than one module of the TRITON Unified Security Center—for
example, both Web Security and Data Security—you must install TRITON Unified
Security Center on a Windows Server 2008 R2 machine. TRITON Unified Security
Center must be able to reach the appliance’s C interface (and E1 interface, if the
appliance is in Email mode or Web and Email mode).
For more information about the TRITON Unified Security Center and its modules, see
the Websense Technical Library.
TRITON Infrastructure
TRITON Infrastructure is comprised of common user interface, logging, and reporting
components required by the TRITON modules.
TRITON Infrastructure also (optionally) includes SQL Server 2008 R2 Express that
may be used for Websense logging data. As a best practice, SQL Server 2008 R2
Express should be used only in non-production or evaluation environments. Full SQL
Server should be used in production environments.
TRITON Infrastructure services include:
Websense TRITON Unified Security Center
Websense TRITON Central Access
Websense TRITON Settings Database
Websense TRITON Reporting Database (if using SQL Server 2008 R2 Express)
TRITON - Web Security
TRITON - Web Security is used to perform general configuration tasks, set up
filtering policies, assign policies to users and groups, run reports, and other
management tasks.
TRITON - Web Security services include:
Websense TRITON - Web Security (formerly ApacheTomcatWebsense)
Websense Web Reporting Tools (formerly Apache2Websense)
Investigative Reports Scheduler
Reports Information Service
Websense RTM Client (if Real-Time Monitor is used)
Websense RTM Database (if Real-Time Monitor is used)
Websense RTM Server (if Real-Time Monitor is used)
Getting Started 11
Introducing Websense V-Series Appliances
On an appliance in Web mode, TRITON Unified Security Center with the Web
Security module only (TRITON - Web Security) is pre-installed as a convenience for
evaluations and small installations. This component is not installed on an appliance
that is in Web and Email mode.
TRITON - Data Security
TRITON - Data Security consolidates all aspects of Websense Data Security setup and
configuration, incident management, system status reports, and role-based
administration.
TRITON - Data Security services include:
Websense Data Security Management Server
Websense TRITON - Data Security
Websense Data Policy Engine
Websense Data Fingerprint Database
Websense Data Discovery and Fingerprint Crawler
Websense PreciseID and Data Endpoint Server
TRITON - Email Security
TRITON - Email Security is used to configure and manage general system properties,
administrator roles, user directories, email filtering, email policies, and Personal
Email Manager end-user facility options. It is also used to generate and view email
activity reports.
The off-appliance Websense Email Security management console consists of one
service:
Websense TRITON - Email Security
Database management software
Websense Web security and Email security products require Microsoft SQL Server to
host their reporting database, called the Log Database. Both the Web Security Log
Database and the Email Security Database can be hosted by the same database engine
instance. Information stored in the Log Database is used to create Web security and
Email security reports.
Note
The above service names are for an off-appliance
installation of TRITON - Web Security. When on-
appliance, Websense TRITON - Web Security has this
service name: Manager Web Server, and Websense Web
Reporting Tools has this service name: Reporting Web
Server.
Introducing Websense V-Series Appliances
12 Websense V-Series Appliances
Before you install Web Security Log Server or Email Security Log Server, SQL
Server 2005 or 2008 must be installed and running on a machine in your network. See
the Websense Technical Library for important detailed information about supported
versions of SQL Server. Note that SQL Server must be obtained separately; it is not
included with your Websense subscription. Refer to Microsoft documentation for
installation and configuration instructions.
If you do not have SQL Server, you can use the Websense Installer to install SQL
Server 2008 R2 Express for evaluations. SQL Server 2008 R2 Express can be installed
either on the same machine as TRITON Unified Security Center or on a separate
machine. See the Deployment and Installation Center for installation instructions.
Note
It is a best practice to use full SQL Server in production
environments. SQL Server 2008 R2 Express is most
appropriate for non-production or evaluation
environments.
2
Getting Started 13
Setting Up Websense
V-Series Appliances
Setting up a Websense V-Series appliance involves the following tasks.
1. Set up the appliance hardware
2. Perform initial command-line configuration
3. Configure the appliance
4. Install off-appliance or optional components
Additional initial configuration steps may be necessary for your particular
deployment. See the Deployment and Installation Center in the Websense Technical
Library for more information.
Set up the appliance hardware
The Quick Start poster, which comes in the appliance shipping box, shows you all
items included in each Websense appliance shipment. The 2-page Quick Start poster
explains how to set up the hardware and shows how to connect cables to the appliance
and to your network.
Read the sections that apply to your Websense appliance model.
V10000, V10000 G2, and V10000 G3 hardware setup
V5000 G2 hardware setup
Serial port activation
V10000, V10000 G2, and V10000 G3 hardware setup
The appliance’s network interfaces must be able to access a DNS server and the
Internet, as described below. This information varies slightly depending on the
security mode you choose for the appliance.
Setting Up Websense V-Series Appliances
14 Websense V-Series Appliances
V10000/V10000 G2/V10000 G3 Web mode with Web Security
Gateway
Network interface C must be able to access a DNS server. This interface typically has
continuous access to the Internet. Essential databases are downloaded from Websense
servers through interface C.
Ensure that interface C is able to access the download servers at
download.websense.com. (As an alternative, some sites configure the P1 proxy
interface to download the Websense Master Database as well as other security
updates. This change must be made in the TRITON - Web Security console. In
that situation, interface C does not require Internet access.)
Make sure the above address is permitted by all firewalls, proxy servers, routers,
or host files controlling the URLs that the C interface can access.
V10000 G2/V10000 G3 Email mode
Network interface E1 (and E2, if used) must be able to access a DNS server. These
interfaces typically have continuous access to the Internet once the appliance is
operational. Essential databases are downloaded from Websense servers through these
interfaces.
Ensure that E1 (and E2, if used) is able to access the download servers at
download.websense.com.
Make sure the above address is permitted by all firewalls, proxy servers, routers,
or host files controlling the URLs that the E1 (and E2) interfaces can access.
V10000 G2 and V10000 G3: Web and Email mode with Web Security
Gateway
Network interfaces C and E1 (and E2, if used) must be able to access a DNS server.
These interfaces typically have continuous access to the Internet. Essential databases
are downloaded from Websense servers through these interfaces.
Ensure that interfaces C and E1 (and E2, if used) are able to access the download
servers at download.websense.com. (As an alternative, some sites configure the
P1 proxy interface to download the Websense Master Database as well as other
security updates. This change must be made in the TRITON - Web Security
console. In that situation, interface C does not require Internet access.)
Make sure the above address is permitted by all firewalls, proxy servers, routers,
or host files controlling the URLs that the C and E1 (and E2, if used) interfaces
can access.
Network interface E1 (and E2, if used) must be able to access the mail server.
Getting Started 15
Setting Up Websense V-Series Appliances
V10000 G2/V10000 G3: Web and Email mode with Web Security (no
gateway)
Network interfaces C and E1 (and E2, if used) must be able to access a DNS server.
These interfaces typically have continuous access to the Internet. Essential databases
are downloaded from Websense servers through these interfaces.
Ensure that interfaces C and E1 (and E2, if used) are able to access the download
servers at download.websense.com.
Make sure the above address is permitted by all firewalls, proxy servers, routers,
or host files controlling the URLs that the C, E1, and E2 interfaces can access.
Network interfaces E1 and E2 (if used) must be able to access the mail server.
Network interface N must be connected to a mirror port on a router or switch.
If interface N is used to send blocking information, then it must be connected to a
bi-directional mirror port. Through the bi-directional mirror port, interface N not
only monitors all client traffic but also sends blocking information if needed.
V5000 G2 hardware setup
The appliance’s network interfaces must be able to access a DNS server and the
Internet, as described below. This information varies slightly depending on the
security mode you choose for the appliance.
V5000 G2: Web mode with Web Security Gateway
Network interface C must be able to access a DNS server. This interface typically has
continuous access to the Internet. Essential databases are downloaded from Websense
servers through interface C.
Ensure that interface C is able to access the download servers at
download.websense.com. (As an alternative, some sites configure the P1 proxy
interface to download the Websense Master Database as well as other security
updates. This change must be made in the TRITON - Web Security console. In
that situation, interface C does not require Internet access.)
Make sure the above address is permitted by all firewalls, proxy servers, routers,
or host files controlling the URLs that the C interface can access.
V5000 G2: Web mode with Web Security (no gateway)
Network interface C must be able to access a DNS server. Interface C must have
continuous access to the Internet. Essential databases are downloaded from Websense
servers through this interface.
Ensure that interface C is able to access the download servers at
download.websense.com.
Make sure the above address is permitted by all firewalls, proxy servers, routers,
or host files controlling the URLs that the C interface can access.
Network interface N must be connected to a mirror port on a router or switch.
Setting Up Websense V-Series Appliances
16 Websense V-Series Appliances
If interface N is used to send blocking information, then it must be connected to a
bi-directional mirror port. Through the bi-directional mirror port, interface N not
only monitors all client traffic but also sends blocking information if needed.
V5000 G2: Web and Email mode with Web Security (no gateway)
Interfaces C and P1 (and P2, if used) must be able to access a DNS server. These
interfaces typically have continuous access to the Internet once the appliance is
operational. Essential databases are downloaded from Websense servers through these
interfaces.
Ensure that C and P1 (and P2, if used) are able to access the download servers at
download.websense.com.
Make sure the above address is permitted by all firewalls, proxy servers, routers,
or host files controlling the URLs that the C, P1, and P2 interfaces can access.
Network interfaces P1 and P2 (if used) must be able to access the mail server.
V5000 G2: Email mode
Interface P1 (and P2, if used) must be able to access a DNS server. These interfaces
typically have continuous access to the Internet once the appliance is operational.
Essential databases are downloaded from Websense servers through these interfaces.
Ensure that P1 (and P2, if used) is able to access the download servers at
download.websense.com.
Make sure the above address is permitted by all firewalls, proxy servers, routers,
or host files controlling the URLs that the P1 and P2 interfaces can access.
Network interfaces P1 and P2 (if used) must be able to access the mail server.
Serial port activation
After hardware setup, connect directly to the appliance through the serial port or the
monitor and keyboard ports. For serial port activation, use:
9600 bits per second
8 data bits
no parity
The activation script, called firstboot, runs when you start the appliance.
See Perform initial command-line configuration.
Perform initial command-line configuration
The first time you start a Websense appliance, a brief script (firstboot) prompts you to:
select the security mode for the appliance
Getting Started 17
Setting Up Websense V-Series Appliances
supply settings for the network interface labeled C
enter a few other general items, such as hostname and password
You are given the opportunity to review and change these settings before you exit the
firstboot script. After you approve the settings, the appliance mode is configured.
Later, if you want to change settings (except the security mode), you can do so
through the Appliance Manager user interface.
To change the security mode, re-image the appliance and then run the firstboot script
again.
Gather the following information before running the script. Some of this information
may have been written down on the Quick Start poster during hardware setup.
Security mode Choose one:
Web
Email
Web and Email
Which Web subscription?
(if prompted in Web mode) Choose one:
Websense Web Security
Web Security Gateway
Web Security Gateway Anywhere
Hostname (example: appliance.domain.com)
IP address for network interface C
Subnet mask for network interface C
Default gateway for network interface C
(IP address) Optional
NOTE: If you do not provide access to the Internet
for interface C, use the TRITON - Web Security
console to configure P1 to download Master URL
Database updates from Websense (Web mode)
Configure E1 or P1* to download antispam and
antivirus database updates from Websense (Email
mode)
Configuring these interfaces to access the Internet
for database downloads is done through the
Appliance Manager and through the TRITON
Unified Security Center. See the Appliance
Manager Help for information about configuring
the interfaces. See the TRITON - Web Security and
- Email Security Help for information about
configuring database downloads.
* On a V5000 G2, use P1; there is no E1 interface.
Primary DNS server for network interface C
(IP address)
Secondary DNS server for network interface C
(IP address) Optional
Setting Up Websense V-Series Appliances
18 Websense V-Series Appliances
Run the initial command-line configuration script (firstboot) as follows.
1. Access the appliance through a USB keyboard and monitor, or a serial port
connection.
Tertiary DNS server for network interface C
(IP address) Optional
Unified password (8 to 15 characters, at least 1
letter and 1 number)
This password is for the following, depending on
the security mode of the appliance:
Web mode
Appliance Manager
TRITON - Web Security
Content Gateway Manager (for sites using Web
Security Gateway)
Email mode
Appliance Manager
Web and Email mode
Appliance Manager
Content Gateway Manager (for sites using Web
Security Gateway)
Integration method for this appliance (for sites
using Web Security. Choose one):
Standalone (Network Agent only)
Microsoft ISA or TMG
Cisco PIX
Cisco ASA
Citrix
Choose your third-party integration
product (if any).
Send usage statistics? Usage statistics from appliance
modules can optionally be sent to
Websense to help improve the
accuracy of filtering and
categorization.
Note
To configure the appliance, connect through the serial port
or the keyboard/video ports and complete the firstboot
script. For serial port activation, use:
9600 bits per second
8 data bits
no parity
Getting Started 19
Setting Up Websense V-Series Appliances
2. Accept the subscription agreement when prompted.
3. When asked if you want to begin, enter yes to launch the firstboot activation
script.
To rerun the script manually, enter the following command:
firstboot
4. At the first prompt, select a security mode:
Web: On models V10000 G2 and V10000 G3, this mode provides Web
Security Gateway. On model V5000 G2, Web mode provides either Web
Security or Web Security Gateway, at your choice.
Email: provides Email Security Gateway features.
Web and Email: provides Email Security Gateway features and either Web
Security Gateway (V10000 G2 and V10000 G3) or Web Security (V10000
G2, V10000 G3, or V5000 G2).
5. Follow the on-screen instructions to provide the information collected above.
After the activation script has been completed successfully, use the Logon Portal to
access the Appliance Manager. To reach the Logon Portal, open a supported browser,
and enter this URL in the address bar:
http://<IP address>
Replace <IP address> with the address assigned to network interface C during initial
configuration of the appliance.
For information about supported browsers, see the Websense Technical Library.
Configure the appliance
The Appliance Manager is the Web-based configuration interface for the appliance.
Through it you can view system status, configure network and communication
settings, and perform general appliance administration tasks.
After completing the initial configuration required by the firstboot script, use the
Appliance Manager to configure important settings for network interfaces P1, P2, N,
E1, and E2 (some interfaces are optional in some modes). Note that on a V5000 G2,
there are no E1 and E2 interfaces.
Gather information as described in the following sections before running the
Appliance Manager.
Note
On an appliance in Email mode, there is no Logon Portal.
The above URL takes you directly to the Appliance
Manager.
Setting Up Websense V-Series Appliances
20 Websense V-Series Appliances
Some of this information may have been written on the Quick Start poster during
hardware setup. Complete only the section that applies to your appliance model and
security mode:
V10000 G2, V10000 G3, or V5000 G2: Web mode with Web Security Gateway
V5000 G2: Web mode with Web Security
V10000 G2 and V10000 G3: Email mode
V5000 G2: Email mode
V10000 G2 and V10000 G3: Web and Email mode with Web Security
Gateway
V10000 G2 and V10000 G3: Web and Email mode with Web Security
V5000 G2: Web and Email mode with Web Security
V10000 G2, V10000 G3, or V5000 G2: Web mode with Web
Security Gateway
After completing the initial configuration required by the firstboot script, use the
Appliance Manager to configure important settings for network interfaces N and P1
(and optionally P2), which are used for communications by Network Agent and
Websense Content Gateway. Models V10000 G2 and V10000 G3 also offer expansion
interfaces (E1 and E2) that can be bonded with P1 and P2, respectively, either for load
balancing or active/standby.
If you use the P2 interface, the P1 interface is bound to eth0, and the P2 interface is
bound to eth1. Keep this in mind when you configure Websense Content Gateway. For
example, suppose you are using a transparent proxy deployment, and the P1 interface
is connected to a WCCP router. In this case, you must configure Websense Content
Gateway to use eth0 for WCCP communications (in Content Gateway Manager, see
Configure > Networking > WCCP, General tab).
Gather the following information before running the Appliance Manager. Some of this
information may have been written on the Quick Start during hardware setup.
Primary NTP server
Optional
Be sure that interface C can access the NTP server.
Ifinterface C does not have Internet access, you can
install an NTP server locally on a subnet that can be
accessed by interface C.
Domain:
Secondary NTP server
Optional Domain:
Tertiary NTP server
Optional Domain:
IP address for network interface P1 IP address:
This manual suits for next models
2
Table of contents
Other websense Firewall manuals
