Quick Start for Network Agent 5-Step Quick Start See - Websense ...

More documents

Recommendations

Info

Quick Start for Network AgentTop Troubleshooting TipsNetwork Agent cannot communicate with Filtering Service after it has been reinstalledWhen Filtering Service has been uninstalled and reinstalled, the Network Agent does notautomatically update the internal identifier (UID) for Filtering Service. After the new installation iscomplete, Websense Manager attempts to query Filtering Service using the old UID, which no longerexists.To re-establish connection to Filtering Service:1. Open Websense Manager.An error message is displayed stating Network Agent is unable to connect withFiltering Service.2. Clear the message and select Server > Settings.The same error message is displayed.3. Clear the message again and select Network Agent from the Settings Selections list.4. Click Local Settings.5. Select the IP address listed above the NIC for the Network Agent.6. Click Edit Selection.The Filtering Service Connection dialog box appears.7. Select the IP address of the Filtering Service machine from the Server IP Address drop-downlist.8. Click Finish.9. Click OK in the Local Settings dialog box.10. Click OK in the Settings dialog box to save the changes.Network Agent fails to start with stealth mode NICIP address removed from Linux configuration fileNetwork Agent can monitor (not block) with a stealth mode NIC if the interface retains its old IPaddress in the Linux system configuration file. If you have bound the Network Agent to a networkinterface card configured for stealth mode, and then removed the IP address of the NIC from theLinux configuration file (/etc/sysconfig/network-scripts/ifcfg-), Network Agent will not start.An interface without an IP address will not appear in the list of adapters displayed in the installer or inWebsense Manager and will be unavailable for use. To reconnect Network Agent to the NIC, restorethe IP address in the configuration file.Stealth mode NIC selected for Websense communications in Solaris and LinuxNetwork interface cards configured for stealth mode in Solaris and Linux are displayed in theWebsense Enterprise installer as choices for Websense communication (blocking). If you haveinadvertently selected a stealth mode NIC for communication (blocking), Network Agent will notstart, and Websense services will not work. Select a different NIC in Websense Manager.Quick Start 16 Network Agent
Quick Start for Network AgentSpanning or mirroring has not been turned onThe switch port connected to the Network Agent machine must see all traffic.On most switches, you can change the port mode to spanning, mirroring, or monitoring mode (theterm varies with the manufacturer; the function is the same). Cicso uses the term spanning. 3Com,DLink, and others use mirroring. HP and some other manufacturers call it monitoring.To connect Network Agent to the network using a switch, plug the Network Agent machine into theport on the switch that mirrors (spans, monitors) the traffic going to the gateway or firewall port.The span port mirrors all the traffic that leaves the network segment, so traffic is simultaneously sentto the monitoring port to which Network Agent is connected.Spanning or mirroring is set on the wrong portMonitor (span, mirror) only the port going to the firewall or router port, not the entire network.Router or Firewall traffic is being monitored in the wrong directionMonitor (span, mirror) the traffic going to the firewall/router. On Cicso switches, this means you needto specify Tx. On HP and 3Com switches, you need to specify Egress.To log bytes sent and received, set both Tx and Rx (Cisco) or both Egress and Ingress (HP, 3Com).Mono-directional spanning (mirroring, monitoring) is used with a single NICWebsense strongly recommends using a switch that supports bi-directional spanning. If such a switchis used, Network Agent can function successfully with a single Network Interface Card (NIC)performing both monitoring and blocking.If the switch does not support bi-directional spanning, Network Agent must use separate NICs formonitoring and blocking.How do I set up Network Agent on a machine with teamed NICs (TNICs)?TNICs share the load under one common identity, with four adapters load-balancing under a single IPaddress. This is also known as link aggregation or trunking.Websense recommends against using teamed NICs for Network Agent.An anti-spoofing mechanism has been used in the switchEither disable the anti-spoofing mechanism or contact Websense Technical Support for additionaloptions.Are other tools available for verifying that the Network Agent machine sees the traffic?Yes. Contact a Websense Technical Support specialist or Sales Engineer for information aboutnetwork tools that can help verify Network Agent behavior.Can a network tap be used with Network Agent?Yes. A tap can be used with the Network Agent machine. Network Agent must be able to see thetraffic in both directionsQuick Start 17 Network Agent
Page 1 and 2: Quick Start for Network AgentWhat i
Page 3 and 4: Network Agent’s special roleQuick
Page 5 and 6: Quick Start for Network AgentWorksh
Page 7 and 8: Quick Start for Network AgentWorksh
Page 9 and 10: Quick Start for Network AgentHubsIf
Page 11 and 12: Quick Start for Network AgentIntern
Page 13 and 14: Quick Start for Network AgentNetwor
Page 15: Quick Start for Network AgentFieldN
Page 19 and 20: Quick Start for Network AgentSwitch
Page 21 and 22: Quick Start for Network AgentThe fo
Page 23: Gateway ConfigurationQuick Start fo

Quick Start for Network Agent 5-Step Quick Start See - Websense ...

Create successful ePaper yourself

Delete template?

Save as template?