Websense Web Security Gateway: Integrating the Content Gateway component with Third Party Data Loss Prevention Applications




November, 2010

© 2010 Websense, Inc. All rights reserved. Websense is a registered trademark of Websense, Inc. in the United States and certain international markets. Websense has numerous other registered and unregistered trademarks in the United States and internationally. All other trademarks are the property of their respective owner.

Contents

Solution Summary
Solution Diagram
Introduction
How it works
Before You Begin
Configuring the Websense Content Gateway ICAP Client
Configuring the ICAP Server

Solution Summary

Websense Web Security Gateway provides real-time content scanning and Web site classification to protect network computers from malicious Web content while controlling employee access to dynamic, user-generated Web 2.0 content. Web content has evolved from a static information source to a sophisticated platform for 2-way communications, which can be a valuable productivity tool when adequately secured. The dilemma for administrators is how much access to allow. Web 2.0 sites rely primarily on HTTP/HTTPS protocols, which cannot be blocked without halting all Internet traffic. Malicious content can use this means of entry into a company network.

Websense Web Security Gateway contains a high-performance Web proxy, Websense Content Gateway, that supports deep content inspection. The Websense Content Gateway module offers:

- Automatic categorization of dynamic Web 2.0 sites
- Automatic categorization of new, unclassified sites
- HTTPS content inspection
- Enterprise proxy caching capabilities

Websense Content Gateway supports the ICAP v1 protocol for integration with third-party data loss prevention (DLP) applications, such as Symantec Data Loss Prevention (formerly Vontu Data Loss Prevention) and RSA Data Loss Prevention. Data loss prevention applications deliver multi-protocol monitoring and blocking of sensitive data leaving the network. DLP is available in various configurations, one of which uses an HTTP/HTTPS/FTP proxy with an ICAP client, such as Websense Content Gateway, for monitoring and blocking of sensitive data. This document provides instructions on configuring Websense Content Gateway as an ICAP client for non-Websense DLP products acting as the ICAP server.

Solution Diagram

[Figure: solution diagram]

Introduction

Websense Content Gateway supports integration with Symantec Data Loss Prevention and RSA Data Loss Prevention through the ICAP v1 (Internet Content Adaptation Protocol) interface. Symantec and RSA sites can apply their DLP tools to the flow of traffic that transits Content Gateway on its way to the Internet. The integration facilitates offloading of HTTP POST, HTTPS POST (if SSL Manager is enabled), and FTP PUT to a designated DLP server for content analysis and policy enforcement. In this configuration, Content Gateway acts as an ICAP client communicating with the DLP application, which acts as an ICAP server.

How it works:

1. Content Gateway intercepts outbound content and provides that content to the DLP application via ICAP v1.
2. The DLP application determines if the Web posting or FTP upload is allowed or blocked. The determination is based on policy. The disposition is communicated to Content Gateway. The DLP application logs the transaction.
3. Content Gateway acts on the determination.
   a. If the content is blocked, it is not transmitted to the remote host and the DLP application returns a block page to the sender.*
   b. If the content is allowed, it is forwarded to its destination.

Transaction details are logged by the DLP application, per its configuration.

*Block page handling

When a request is blocked and the DLP server sends a block page in response:

- Content Gateway forwards the block page to the sender in a 403 Forbidden message.
- The block page must be larger than 512 bytes or some user agents (e.g., Internet Explorer) will substitute a generic error message.

Before You Begin

This section provides instructions for integrating with the third-party DLP application. This document is not intended to suggest optimum installations or configurations. It is assumed that the reader has working knowledge of all products involved, and the ability to perform the tasks outlined in this section.

Administrators should have access to the product documentation for all products in order to install the required components. All vendor products and components must be installed and working prior to the integration. Perform the necessary tests to confirm that this is true before proceeding.

Configuring the Websense Content Gateway ICAP Client

Note: This document assumes that the administrator has deployed and configured Websense Content Gateway to proxy HTTP(S) and/or FTP traffic as outlined in the Deploying with Websense Content Gateway Guide. Ensure that all proxy traffic is working properly before beginning any of the procedures listed below.

The Content Gateway ICAP v1 interface supports Websense Data Security Suite, Symantec Data Loss Prevention, RSA Data Loss Prevention, and other applications that act as ICAP servers.

To configure integration with ICAP, log on to Content Gateway Manager and go to the Configure > My Proxy > Basic > General page.

1. In the Networking section of the Features table, select Data Security On, and select ICAP.
2. Click Apply, and then click Restart (top of page).
3. Navigate to Configure > Networking > ICAP > General.
4. In the ICAP Service URI field, enter the Uniform Resource Identifier (URI) for the ICAP server. A URI is similar to a URL, but the URI ends with a directory, rather than a page. Obtain the identifier from your DLP application administrator. Enter the URI in the following format:

   icap://hostname:port/path

   For hostname, enter the IP address or hostname of the DLP server. The default ICAP port is 1344. Path is the path of the ICAP service on the host machine. For example:

   icap://icap_machine:1344/reqmod

   You do not need to specify the port if you are using the default ICAP port 1344.
5. Under Analyze HTTPS Content, indicate if decrypted traffic should be sent to the DLP server for analysis or sent directly to the destination. You must be running SSL Manager to send HTTPS traffic to the DLP server.
6. Under Analyze FTP Uploads, select whether to send FTP upload requests to the DLP server for analysis. The FTP proxy feature must be enabled to send FTP traffic to the DLP server.
7. Under Action for Communication Errors, select whether to permit traffic or send a block page if Content Gateway encounters an error while communicating with the DLP server.
8. Under Action for Large Files, select whether to permit traffic or send a block page if a file larger than the size limit specified by the DLP server is sent.
9. Click Apply.

NOTE: If you change the URI, you must restart Content Gateway. Other changes do not require a restart.

Configuring the ICAP Server

Configure the Symantec or RSA DLP server for ICAP per the vendor's product documentation.
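The exchange described under "How it works" and the ICAP Service URI format from step 4, shown as an added Python example that is not part of the Websense guide or any vendor's code: it parses the URI with the default port 1344, builds the REQMOD message an ICAP client sends for an HTTP POST as defined in RFC 3507, and reads the server's reply, including the block page size. The function names are hypothetical, and the sample POST, block page and server replies are constructed.

```python
from urllib.parse import urlsplit

DEFAULT_ICAP_PORT = 1344  # default ICAP port named in the guide

def parse_icap_uri(uri):
    """Split icap://hostname:port/path; a missing port falls back to 1344."""
    u = urlsplit(uri)
    if u.scheme != "icap" or not u.hostname:
        raise ValueError("expected icap://hostname[:port]/path")
    return u.hostname, u.port or DEFAULT_ICAP_PORT, u.path.lstrip("/")

def build_reqmod(uri, http_headers, body):
    """Wrap an outbound HTTP POST in an ICAP REQMOD message (RFC 3507)."""
    host, _port, _path = parse_icap_uri(uri)
    # Encapsulated lists the byte offset of each part after the ICAP headers.
    icap = (f"REQMOD {uri} ICAP/1.0\r\nHost: {host}\r\nAllow: 204\r\n"
            f"Encapsulated: req-hdr=0, req-body={len(http_headers)}\r\n\r\n")
    # The body travels chunked; a zero-length chunk terminates it.
    chunked = b"%x\r\n%s\r\n0\r\n\r\n" % (len(body), body)
    return icap.encode() + http_headers + chunked

def disposition(reply):
    """Return (verdict, block_page_bytes) for a raw ICAP server reply."""
    head, _, rest = reply.partition(b"\r\n\r\n")
    status = int(head.split(b" ", 2)[1])
    if status == 204 or (status == 200 and b"req-hdr=" in head):
        return "allow", 0            # forward the request to its destination
    if status == 200 and b"res-hdr=" in head:
        http_head, _, chunks = rest.partition(b"\r\n\r\n")
        if http_head.split(b" ", 2)[1] == b"403":
            return "block", int(chunks.split(b"\r\n", 1)[0], 16)
    return "error", 0                # falls to Action for Communication Errors

# Constructed sample traffic (not captured from a real DLP server).
POST_HDR = (b"POST /upload HTTP/1.1\r\nHost: example.com\r\n"
            b"Content-Length: 16\r\n\r\n")
PAGE = b"<html>" + b"Blocked by DLP policy. " * 26 + b"</html>"
ALLOW_REPLY = b'ICAP/1.0 204 No Content\r\nISTag: "demo"\r\n\r\n'
RES_HDR = b"HTTP/1.1 403 Forbidden\r\nContent-Type: text/html\r\n\r\n"
BLOCK_REPLY = (b'ICAP/1.0 200 OK\r\nISTag: "demo"\r\nEncapsulated: res-hdr=0, '
               b"res-body=%d\r\n\r\n" % len(RES_HDR)
               + RES_HDR + b"%x\r\n%s\r\n0\r\n\r\n" % (len(PAGE), PAGE))

if __name__ == "__main__":
    print(build_reqmod("icap://icap_machine:1344/reqmod", POST_HDR,
                       b"field=sample-txt").decode())
    for reply in (ALLOW_REPLY, BLOCK_REPLY):
        verdict, size = disposition(reply)
        print(verdict, size, "block page > 512 bytes:", size > 512)
```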