• Advertisement
Preserving the Apple IIGS

Windows Server 2008,2012+ - Websense Web Filter 7.6x+ - Installation

Any software title released for Windows. Articles are posted in "Windows Version - Software Title - Subject" format.

Windows Server 2008,2012+ - Websense Web Filter 7.6x+ - Installation

Postby lmmtux » Fri Apr 25, 2014 10:32 am

This walks through installing Websense Web Filter 7.6-7.82 and higher (versions that include the Triton management interface). Official documentation can be conflicting and confusing, so these steps cover everything needed for a successful installation.


Requirements

  • Two Windows Server 64-bit servers or virtual machines (Server 2008 R2 and 2012 R2 supported). Check the Websense website for current compatibility.
  • SQL Express or SQL Standard/Enterprise 2005-2008.


Pre-Installation steps

  • Assuming you will place the Websense database on a dedicated SQL server with NT authentication, create an AD user for Websense (i.e. "websense"). SQL authentication is also supported however we will not be covering that scenario here.
  • On the SQL server:
    • Create the "DOMAIN\websense" user account, and grant it the system-wide "dbcreator" role.
      triton0a.jpg
      triton0a.jpg (29.28 KiB) Viewed 3848 times
    • For the "msdb" system database, grant "DOMAIN\websense" these roles: "SQLAgentUserRole", and "db_datareader".
      triton0c.jpg
      triton0c.jpg (66.79 KiB) Viewed 3848 times
  • On each Windows server:
    • Download the installation file from Websense to the local drive.
    • Install Microsoft .NET Framework 3.5.
    • Set the IP address to static.
  • Websense recommends installing the management and policy components on one server, and the log server service on its own separate server. This is how we will be proceeding. You will need two Windows server computers (or virtual machines).


Installation of the Management, Policy and Reporting server (Server #1)

Triton is the central management interface for all Websense products. It is required to administer Web Filter as well as additional components which will be installed below.

  • Run the installer and wait while it unpacks.
  • Accept the end user agreement and click Next.
  • At the main installation screen, click "Install" next to "Triton Infrastructure" to launch the Triton installer.
  • Click Next.
  • Installation Directory: Verify installation path and click Next.
  • Microsoft SQL Server Tools: Click Next to being the SQL native client installation. Click Next twice to accept the defaults and click Finish to complete the SQL native client installation.
  • Database Information: Enter in the dedicated SQL server name, and select "Trusted connection" to use an NT account for SQL authentication. Enter in the Websense AD account credentials, and click Next.
    triton39.jpg
    triton39.jpg (58.21 KiB) Viewed 3848 times
  • Server and Credentials: Verify server and enter in the Websense AD account credentials and click Next.
    triton04.jpg
    triton04.jpg (56.9 KiB) Viewed 3848 times
  • Administrator Account: Enter the email address for the admin account and click Next.
  • Email Settings: Configure for your SMTP server.
  • Pre-Installation Summary: Verify and click Next.
  • Wait while components are installed. When installation is complete, you will be prompted for additional components to install.
  • Select Components: Select the components "Linking Service", "Real-Time Monitor", and "Policy Broker and Policy Server". Click Next.
    triton10.jpg
    triton10.jpg (79.11 KiB) Viewed 3848 times
  • Policy Broker Replication: Select "Standalone" if you only need one policy server, or "Primary" if you need more than one policy server in your environment. In most cases, one Standalone policy server is the recommended option. Check the Websense documentation for further details on this. Click Next.
  • Pre-Installation Summary: verify and click Next.
  • Wait while components are installed. When installation is complete, you will be returned to the main installation screen.

The Log Server is typically installed on the same server as the management services. The steps below follow this design. Please note that the Log Server installation will initialize the Websense database (named "wslogdb70").

  • Run the installer and wait while it unpacks.
  • Accept the end user agreement and click Next.
  • At the main installation screen, click "Modify" next to "Web Security or RiskVision".
  • Select Components: Select "Log Server" and click Next.
    triton32.jpg
    triton32.jpg (67.86 KiB) Viewed 3848 times
  • Policy Server Connection: Enter in the IP address of the Policy server (first server or VM). The port should be 55806. Click Next and it should test connect and go to the next step. If it fails, verify the Windows Firewall settings above on the Policy server (first server or VM).
    triton33.jpg
    triton33.jpg (52.67 KiB) Viewed 3848 times
  • Microsoft SQL Server Tools: Click Next to being the SQL native client installation. Click Next twice to accept the defaults and click Finish to complete the SQL native client installation.
  • Database Information: Enter in the dedicated SQL server name, and select "Trusted connection" to use an NT account for SQL authentication. Enter in the Websense AD account credentials, and click Next.
    triton39.jpg
    triton39.jpg (58.21 KiB) Viewed 3848 times
  • Log Database Location (Remote): Enter in a specific path on the SQL server (if needed). Click Next.
  • Optimize Log Database Size: In most cases, select "Log Web page visits", and click Next. Check the Websense documentation for more details.
    triton41.jpg
    triton41.jpg (60.88 KiB) Viewed 3848 times
  • Installation Directory: Verify installation path and click Next.
  • Pre-Installation Summary: Verify and click Next.
  • Wait while components are installed. When installation is complete, click Next and you will be returned to the main installation screen.
  • Close the installation screen.
  • Open the Windows Firewall control panel and select "Advanced settings". Add new entries for the following:
    • Websense Control Service: Port 55869 TCP
    • Websense Log Server: Port 55805 TCP
    • Websense Log Server 2: Port 55885 TCP
    • Websense Policy Broker: Port 55880 TCP
    • Websense Policy Server: Port 55806 TCP
    • Websense Policy Server 2: Port 40000 TCP
  • Enable these existing rules:
    • File and Printer Sharing (LLMNR-UDP-In)
    • File and Printer Sharing (NB-Name-In)
      triton30.jpg
      triton30.jpg (113.07 KiB) Viewed 3848 times
    Note: these rules are necessary for the Filtering Server (which will be installed below) to connect to this server.


Installation of the Filtering Server (Server #2)

Best practice is to keep the filtering server separate from the Reporting services which were installed above. This will ensure filtering can take place if the management server is experiencing issues or lagging due to running reports.

  • Run the installer and wait while it unpacks.
  • Accept the end user agreement and click Next.
  • At the main installation screen, click "Install" next to "Triton Infrastructure" to launch the Triton installer.
  • Click on "Modify" next to "Web Security or RiskVision".
  • Add Components: Select "Install additional components..." and click Next.
  • Select Components: Select "Filtering Service", "Usage Monitor", "User Service", and "DC Agent". Check the Websense documentation for further details for your environment. In this case we are running Active Directory so the components above are required.
    triton18.jpg
    triton18.jpg (72.91 KiB) Viewed 3848 times

    triton19.jpg
    triton19.jpg (71.4 KiB) Viewed 3848 times
  • Active Directory: Select "Yes" and click Next.
  • Windows Computer Browser Service: Select "Yes" and click Next.
  • Integration Option: Select "Integrated with another application or device" and click Next.
  • Select Integration: Select your firewall device from the list and click Next.
    triton52.jpg
    triton52.jpg (56.47 KiB) Viewed 3840 times
  • Filtering Feedback: Select your choice of feedback and click Next.
  • Directory Service Access: Enter in the credentials of the Websense AD account and click Next.
    triton24.jpg
    triton24.jpg (61.96 KiB) Viewed 3848 times
  • Pre-Installation Summary: verify components and click Next.
  • Wait while components are installed. When installation is complete, click Next and you will be returned to the main installation screen.
  • Close the installation screen.
  • Open the Windows Firewall control panel and select "Advanced settings". Add new entries for the following:
    • Websense Control Service: Port 55869 TCP
    • Websense DC Agent: Port 30600, 55823 TCP
    • Websense Filtering Service: Port 15868, 15871, 15872, 55807 TCP
    • Websense Logon Agent: Port 55819 TCP
    • Websense Network Agent: Port 55811 TCP
    • Websense Usage Monitor: Port 55813 TCP
    • Websense User Service: Port 15872, 55815 TCP


Additional Configuration

  • Verify that you can log in to the Triton console. Connect to the URL in your browser: "https://policy_server:9443/triton".
  • If you need to change the location on the SQL server for the database logs, go to: Settings / Reporting / Log Database, and select the local path(s).
    triton48.jpg
    triton48.jpg (75.92 KiB) Viewed 3847 times
lmmtux
 
Posts: 55
Joined: Mon Jul 30, 2012 9:40 pm
Reputation: 0

Return to Microsoft Windows

 


  • Related topics
    Replies
    Views
    Last post
cron