Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Websense and Fortinet

Posted on 2014-03-04
1
Medium Priority
?
2,586 Views
Last Modified: 2014-04-03
I'm trying to setup web filtering with Websense appliance and a fortinet 300c firewall.   I have had several long conference calls with both companies and it's still not working.  Websense said they will only support policy based routing with the Fortinet.  They only support WCCP with Cisco.  Fortinet put in the rule, yet NO traffic is  hitting the websense appliance.  When we put websense appliance as a proxy in IE it works fine.  That's not a solution though as we have people using every browser out there.  Does anybody have an experience with this or suggestions?
0
Comment
Question by:rsl-nsg
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 10

Accepted Solution

by:
0xSaPx0 earned 1500 total points
ID: 39942607
First off you will need to make sure you have both websense configured and the fortinet.

Here is a quick guide for the fortinet : http://kb.fortinet.com/kb/viewContent.do?externalId=FD32926

 WCCP on Websense can be found in the Content gateway documentation:
http://www.websense.com/content/support/library/web/v78/wcg_help/first.aspx


The next step is to setup debugs on the firewall to see if packets are redirecting to the appliance properly.

If thats working, you can use tcpdump from the Websense toolbox to see if packets are getting to websense and what responses are being sent out. That should help isolate the cause and make it possible to engage the correct support team.

Beyond that, I can say Websense WCCP support i designed for Cisco, and can work with other vendors but they must be RFC complaint to the T. Best of luck and if nothing works remember there are other ways to do Transparent proxying using websense such as using the network agent.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
What we learned in Webroot's webinar on multi-vector protection.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question