Upload
duongtruc
View
218
Download
1
Embed Size (px)
Citation preview
web security | data security | email security © 2010 Websense, Inc. All rights reserved.
Support Webinars
Websense Web Security Gateway Anywhere v7.5
Webinar Presenter
Title: Tech Support SpecialistCisco Certified Network Associate
4 Years with Websense
Richard Guerrero
2
Goals and Objectives
Websense Web Security Gateway Anywhere
Overview (Features and Benefits)
Pre-installation Considerations (Upgrade Path,
Requirements)
Deployment Planning and Installation
3
What is it?
Websense Web Security
Websense Content Gateway
Web Data Loss Prevention (DLP)
TruHybrid™ Security
4
What is Hybrid Filtering?
Combines on premise Websense Web Security
Gateway functionality with the ability to filter remote
offices and mobile workers
5
What is Hybrid Filtering?
• Manage policies and configure Web Security behavior in
one place
• Reduce IT Support and Equipment Costs
• Select which user requests are filtered by on-premises
components and which are filtered in the cloud by
security-as-a-service components
• Use centralized reporting to review Internet activity for all
users, regardless of how they are filtered
6
What is Web-DLP?
Data Security is a comprehensive data loss
prevention (DLP) system that discovers, monitors,
and protects your critical information holdings,
whether that data is stored on your servers,
currently in use or located in off-network endpoints.
7
What is Web-DLP?
Monitored Destinations WEB-DLP Full DSS
Web
HTTP
HTTPS
FTP
FTP over HTTP
Chat
Plain Text
Email (SMTP)
Printing (Network, Endpoint)
Endpoint (App., Rem. Media, LAN)
Discovery (Network, Endpoint)
Remediation Scripts
Export Incidents to a File
8
Sample Hybrid Deployment
Hybrid Filtering
9
Head Office
Websense
Content
Gateway
Off-site Users
Branch
Internet
web security | data security | email security © 2010 Websense, Inc. All rights reserved.
Support Webinars
7.5 Features and Benefits
Client Proxy Ports
8080
8070
Websense Content Gateway
HTTP HTTPS
11
Client Proxy Ports
Example from IE
12
Tunneled Protocol Detection
Analyzes traffic to discover protocols that are
tunneled over HTTP and HTTPS
Scanning is performed on both inbound and
outbound traffic
Can be used to block instant messaging, peer-to-
peer, and proxy avoidance
13
Tunneled Protocol Detection
Tunneling occurs when applications that use
custom protocols for communication are wrapped
in HTTP and HTTPS
Example:
- Youtube.com
14
Tunneled Protocol Detection
Allows proxy to perform some network
agent functions
- Bandwidth Management
- Google Wave and Gmail Chat
Network Agent
Websense Content Gateway
15
Tunneled Protocol Detection
16
Sensitivity Levels
Content Categorization Sensitivity Level
- Allows you to tune the sensitivity of the methods used to
classify content and ultimately determine a category
Optimization
- Algorithms used to perform content categorization are tuned
by Websense Security Labs to provide optimal results
17
Sensitivity Levels
18
Sensitivity Levels
Five Levels
• Optimized
• Higher
• Highest
• Lower
• Lowest
19
Sensitivity Levels
20
URL Link Analysis
It is an optional additional element of content
categorization that proactively classifies unknown
content by categories of its links
Can provide more accurate categorization of
certain types of content
Can find malicious links embedded in hidden parts
of page
21
URL Link Analysis
Examples:
• Security
• Image Search
• Objectionable Content
• Powered by the ThreatSeeker™ Network
22
URL Link Analysis
23
Outbound Scanning
Scanning option that supports the scanning of
outbound Web content for bot and spyware phone
home traffic.
Can help identify machines that are infected with
bots and spyware
Scan infected files going outbound
24
Outbound Scanning
25
RIA Scanning
Rich Internet Application Scanning
• Adobe Flash (.swf)
• Microsoft Silverlight
26
RIA Scanning
27
SSL Category Bypass
Supports organizations using SSL Manager in
Content Gateway to manage encrypted traffic, and
who do not want to decrypt HTTPS sessions that
users establish with sensitive sites:
- Banking
- Government
- Business
- Education
28
SSL Category Bypass
29
Authentication Enhancements
Authentication Realms
- In networks with multiple authentication realms, rules can
be defined to direct sets of IP addresses to distinct
authentication servers (domain controllers)
Support for NTLM and LDAP
- Active Directory 2000, 2003, 2008
- Client side NTLMv1 and NTLMv2 (Active Directory 2003)
Authentication Profiles
- Set of authentication rules
30
Authentication Enhancements
31
Authentication Enhancements
32
TRITON Unified Security Center
Combines management
For:
• Web Security
• Data Security
• Email Security
Provides centralized policy
configuration for on-
premise and in-the-cloud
filtering
TRITON Unified Security Center
34
TRITON Unified Security Center
35
TRITON Unified Security Center
36
Reporting Features
History page
• New Top 5 Web 2.0 Categories by Requests
• New Top 5 Web 2.0 Sites by Bandwidth
37
Reporting Features
38
Reporting Features
Presentation Reports
• Now includes reports
on Web 2.0 sites
• Reports on URL link
analysis
39
Reporting Features
Full reporting now available on Linux
• Today and History page charts, as well as investigative
and presentation reports are available on Linux
installations of TRITON – Web Security
• Log Server Service must be on a Windows box
• Log Database must be hosted on supported version of
MS SQL Server or MSDE
40
web security | data security | email security © 2010 Websense, Inc. All rights reserved.
V-Series Appliance
V5000/V10000
V5000
- Geared towards small business organizations
V10000 G1
- High performance platform appliance
V10000 G2
- More CPU and RAM resources
42
On-Box Appliance Components
43
Appliance Manager
Clarification of Settings
NIC Enhancements
NIC Enhancements
NIC Teaming Example
Custom Block Pages
Upload/download function to custom directory
Command Line Utility
For security reasons, fixed command parameters can be ran
Safe and helpful in debugging
Can run Linux commands on different modules
- Appliance
- Websense Content Gateway
- Websense Web Security
- Network Agent
Command Line Utility
Network Agent Resources
• CPU • RAM
• CPU• RAM
Network AgentOther V10000 Modules
V10000
50
Full Backup and Restore
51
web security | data security | email security © 2010 Websense, Inc. All rights reserved.
Support Webinars
Pre-Installation Considerations
Web Security Platforms
Operating systems
• Windows Server 2003 and 2008
• Red Hat Enterprise Linux 4.3 and 5.3
• 32 bit
Database Management Systems
• Microsoft SQL Server 2008, 2005 SP 3, and MSDE
Browsers support for management UI
• Firefox 3.0.x – 3.5.x
• Internet Explorer 7 and 8
53
Content Gateway Platforms
Operating Systems
• Red Hat Enterprise Linux 5 Update 3 or Later, base or
Advanced Platform (32-bit only)
• PAE (Physical Address Extension) – enabled kernel
required
V10000
- Virtualized environment with Xen
54
Upgrade Options
Websense Web Security
• Supports direct upgrade from v7.0 or later
• v5.5 > v6.1 > v6.3 > v7.1 > v7.5
• Earlier than 5.5 should have a clean installation
Websense Content Gateway
• Upgrades require moving from RHEL 4.5 or 4.8 to RHEL 5.3
• Fresh install is needed
V10000
• Must be on patch 1.2.2
55
web security | data security | email security © 2010 Websense, Inc. All rights reserved.
Support Webinars
Deployment Planning & Installation
Deployment Options
Sync Service
- Communication is handled between the on-premises and
hybrid side
- Installed off-box with V10000
- Can be installed on same box as Web Filtering
Components if using software only solution
Linking Service
- Links Data Security software
Trition Unified Security Center
57
Deployment Options
Custom Install – True Hybrid Security
58
Deployment Options
59
Deployment Options
Full Policy Source
- All Websense Web Security services run locally
User Directory and Filtering
- Policy Server, User Service, Filtering Service point to an
off-box policy source (Policy Database, Policy Broker)
Filtering Only
- Filtering service point to an off-box policy source
60
Deployment Options
61
Deployment Options
V10K-A
V10K-E
V10K-C V10K-D
V10K-B
Support Online ResourcesKnowledge Base
– Search or browse the knowledge base for documentation, downloads, top
knowledge base articles, and solutions specific to your product.
Support Forums
– Share questions, offer solutions and suggestions with experienced Websense
Customers regarding product Best Practices, Deployment, Installation,
Configuration, and other product topics.
Tech Alerts
– Subscribe to receive product specific alerts that automatically notify you anytime
Websense issues new releases, critical hot-fixes, or other technical information.
• ask.websense.com
– Create and manage support service requests using our online portal.
63
Customer Training Options
To find Websense classes
offered by Authorized
Training Partners in your
area, visit:http://www.websense.com/findaclass
Websense Training Partners
also offer classes online and
onsite at your location.
For more information, please
send email to:
64
Webinar Announcement
Title: Configuring Websense Web Security Gateway
v7.5
Date: June 16, 2010
Time: 8:30 A.M. PDT (GMT -7)
How to register:
http://www.websense.com/content/
SupportWebinars.aspx
Webinar
Update
65
Questions?
66