Using MSN Messenger involves making more than one type of Internet request. To ensure that MSN Messenger is permitted, you must configure Websense Express to permit all of the following: Websense protocol MSN Messenger Websense protocol HTTPS Websense Master Database category Search Engines and Portals (in addition to Web Chat and Internet Communication) The “MSN Messenger protocol” must be permitted for [...]

Log entries show permitted permitted protocol requests (for example, RTSP) even though all protocols are configured to be blocked. Even if all protocols are configured as blocked, Real-Time Streaming Protocol (RTSP) and Windows Media requests are occasionally permitted and logged. This also affects report output generated by Websense Explorer. This behavior has to do with [...]

The Websense Master Database includes the Bandwidth Premium Group (also known asBandwidth Categories), which includes the category Internet Radio and TV. As with any other Websense category, you can add this category to your policy in Websense Manager, and then block users from access.

Configure Network Agent to block HTTPS traffic by configuring the HTTPS option in the Protocol set. Select Edit in the Protocol Set pane. In the Edit Protocol Set window, expand Web and select HTTPS. Select Block. Click OK. See the Websense Web Security Suite and Websense Enterprise Administrator’s Guide chapter on blocking protocols. The link is provided below. Websense Documentation:   Websense Web Security Suite [...]

Skype is blocked by default after installation of Websense Express. In the Websense Master Database, Skype is assigned to the protocol category called P2P File Sharing. This category is blocked by the policy Basic Security, which is set by default after Websense Express is installed. The Basic Security policy uses the Typical protocol filter by [...]

If peer-to-peer traffic is not blocked on your network as you believe it should be, then the protocol may be encrypted. Examples of applications using encryption include WinMX and Ares. Websense is actively researching solutions for monitoring and managing encrypted network traffic that are accurate, scalable, and secure. While decrypting encrypted traffic is possible through [...]

The Advanced TCP/IP dialog will allow you to configure settings relative to DNS, WINS and specify multiple IP Addresses and Gateways. To bring up the Advanced TCP/IP Settings dialog, simply right click the desired connection from the Network Connections folder, and choose properties to open the Properties dialog of the selected connection. Now select Internet [...]

This article uses postfix as the mail transport agent (MTA), as opposed to sendmail, the default MTA for CentOS. Dovecot is used to allow users to access their email by either imap or pop protocols. We assume a domain name of example.com which should be changed by the reader and can be either a real [...]

Amavisd-new is a reliable high-performance interface between an email server (MTA) and content checkers such as virus scanners (ClamAV), and/or SpamAssassin. Amavisd-new supports both (E)SMTP and LMTP protocols as well as UNIX sockets for communicating with the MTA and content checkers. In addition, it may also use dedicated helper programs such as the Mail::SpamAssassin Perl [...]

This allows full access through our firewall to certain trusted sources (host PCs). Now we’ll look at how we can filter against protocols and ports to further refine what incoming packets we allow and what we block. Before we can begin, we need to know what protocol and port number a given service uses. For [...]

I can use tcpdump to verify that encryption is working. Here is what a plain unencrypted POP mail session looks like. This is an abbreviated example showing only the initial three-way TCP handshake. You can do this yourself by firing up tcpdump, then checking mail. Ctrl+C stops it: # tcpdump port 110 15:04:49.050227 windbag.34348 > [...]