I currently have Websense WebSecurity deployed in my environment, and I'm several versions behind, currently on Websense Manager 7.1.
Frequently, we'll have issues with bandwidth being chewed up, or suspicions about inappropriate usage of our bandwidth, but are unable to obtain useful information from reports. Our largest bandwidth hogs will frequently be reporting as visiting https IP ranges, and we really have no idea what these are, or what's coming across the wire. Sometimes, we'll be able to run a WHOIS and get something like Limelight, but that still doesn't really tell me what's happening. More frequently, you'll be unable to determine the destination, what kind of traffic is coming across, or anything else that would give you political reason to investigate the user more thoroughly, or get their manager to actually back you.
So, how can I actually find useful data? How can I generate a report that allows me to have any kind of real visibility into where the user is going, or what kind of traffic they're using?
Attached is a screenshot to show the typical return I get on investigative reports.
If it has any relevance, the Websense server sits on a 2008 server (R1) VM, on an ESX host. The initial config took multiple days back when Websense was still willing to assist with deployment. I'm understaffed, and the upgrade project appears sufficiently complex enough to be very intimidating.
”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.
-Mike Kapnisakis, Warner Bros
With your subscription - you'll gain access to our exclusive IT community of thousands of IT pros. You'll also be able to connect with highly specified Experts to get personalized solutions to your troubleshooting & research questions. It’s like crowd-sourced consulting.
We can't always guarantee that the perfect solution to your specific problem will be waiting for you. If you ask your own question - our Certified Experts will team up with you to help you get the answers you need.
Our certified Experts are CTOs, CISOs, and Technical Architects who answer questions, write articles, and produce videos on Experts Exchange. 99% of them have full time tech jobs - they volunteer their time to help other people in the technology industry learn and succeed.
We can't guarantee quick solutions - Experts Exchange isn't a help desk. We're a community of IT professionals committed to sharing knowledge. Our experts volunteer their time to help other people in the technology industry learn and succeed.