Websense question

I have close to no experience with Websense, and I dont really plan on learning anything about it since this is not administrated by my department. Still, without a slight bit off knowledge about the subject, I am in an "argument" about the use of the solution in my organization. :)

What I want to know is; Is it possible to set up a block in Websense that blocks EVERYTHING that ends with, say *.tv , and set up a whitelist for legit sites that gets through? There is allready a custom filter in place, which is why I can't belive this "option" is impossible to set up.

If it is possible, could you provide me with a short explanation or link to a howto on the subject.

Who is Participating?
Ehab SalemConnect With a Mentor IT ManagerCommented:
I would make the following:
1- create a user defined category and name it say blocked root domain and set it to blocked by default
2- Goto custom URLs/recategorized, click on the created category and click add
3- In Enter URLs to permit enter just ".ru" (without the quotes)
Now all .ru is blocked
4- In Recategorized click on the category of the site you want to allow (say news), and add the site(s) you want to permit (provided News is allowed)
Now all .ru sites are blocked except the recategorized sites.
You can also add to Not filtered, but i prefer to recat as to appear in the reports.
I beleive you'd use a protocol filter for streaming media - and then re-catoragise any sites with explicit permit.
oyvindhaAuthor Commented:
I'm afraid you misunderstood me.. *.tv was just an example.. I wan't to close down all but certain sites in a specific country.
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

oyvindhaAuthor Commented:
To be a bit more specific;

I would like to block all *.ru sites besides a whitelist that is approved
I would create a keyword - .ru
i would then create a user defined category - called Keyword.  apply the keyword filter to this.
then block the category for the relevant policy, then apply the policy to the user / group / network segment required.
oyvindhaAuthor Commented:
Thanks for the suggestion Naughton. So the keyword filter will work on the URL's only or does it also affect content of the website? And adding sites to a white-list to get around this block would work?
oyvindhaAuthor Commented:
Thanks ehabsalem.

I assume this is the way to go as it's pretty similar to the solution to Naughton's. So if I understand this right; settng the category to blocked by default, and adding a permitted URL to it in step 3, you are actually not permitting it but blocking?

Assuming there are no other solutions or tips other then this method, I'll close the question by the end of the day.
naughtonConnect With a Mentor Commented:
correct - you can set each user / group / computer / network as either blocked or not.  and then recategorise any sites you explicitly want to allow into a different / permitted group to allow access if there is a need.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.