Websense question

Posted on 2008-06-20
Medium Priority
Last Modified: 2012-05-05
I have close to no experience with Websense, and I dont really plan on learning anything about it since this is not administrated by my department. Still, without a slight bit off knowledge about the subject, I am in an "argument" about the use of the solution in my organization. :)

What I want to know is; Is it possible to set up a block in Websense that blocks EVERYTHING that ends with, say *.tv , and set up a whitelist for legit sites that gets through? There is allready a custom filter in place, which is why I can't belive this "option" is impossible to set up.

If it is possible, could you provide me with a short explanation or link to a howto on the subject.

Question by:oyvindha
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3

Expert Comment

ID: 21835531
I beleive you'd use a protocol filter for streaming media - and then re-catoragise any sites with explicit permit.

Author Comment

ID: 21835546
I'm afraid you misunderstood me.. *.tv was just an example.. I wan't to close down all but certain sites in a specific country.

Author Comment

ID: 21835561
To be a bit more specific;

I would like to block all *.ru sites besides a whitelist that is approved
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more


Expert Comment

ID: 21839127
I would create a keyword - .ru
i would then create a user defined category - called Keyword.  apply the keyword filter to this.
then block the category for the relevant policy, then apply the policy to the user / group / network segment required.

Author Comment

ID: 21844785
Thanks for the suggestion Naughton. So the keyword filter will work on the URL's only or does it also affect content of the website? And adding sites to a white-list to get around this block would work?
LVL 14

Accepted Solution

Ehab Salem earned 375 total points
ID: 21854937
I would make the following:
1- create a user defined category and name it say blocked root domain and set it to blocked by default
2- Goto custom URLs/recategorized, click on the created category and click add
3- In Enter URLs to permit enter just ".ru" (without the quotes)
Now all .ru is blocked
4- In Recategorized click on the category of the site you want to allow (say news), and add the site(s) you want to permit (provided News is allowed)
Now all .ru sites are blocked except the recategorized sites.
You can also add to Not filtered, but i prefer to recat as to appear in the reports.

Author Comment

ID: 21855063
Thanks ehabsalem.

I assume this is the way to go as it's pretty similar to the solution to Naughton's. So if I understand this right; settng the category to blocked by default, and adding a permitted URL to it in step 3, you are actually not permitting it but blocking?

Assuming there are no other solutions or tips other then this method, I'll close the question by the end of the day.

Assisted Solution

naughton earned 375 total points
ID: 21861255
correct - you can set each user / group / computer / network as either blocked or not.  and then recategorise any sites you explicitly want to allow into a different / permitted group to allow access if there is a need.


Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting to know the threat landscape in which DDoS has evolved, and making the right choice to get ourselves geared up to defend against  DDoS attacks effectively. Get the necessary preparation works done and focus on Doing the First Things Right.
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question