I have a customer that has a strange combination of a product called WebSense (filter) on an ISA box. This server doesn’t seem to be in line of traffic (i.e. it’s not the designated default gateway, nor is it directly connected to their external firewall).
My question to anyone familiar with this product is…how does it work exactly? I can see that it’s acting as a proxy gateway (the proxy info for the server is automatically being put into the users browsers on start up), and I can see that it’s using AD groups to segregate access. But when I created a test user (without being in any of the WebSense access groups) and basically turned off the proxy I seemed to be able to get out to the internet (unfiltered) just fine.
Also, is the ISA Server required for WebSense at all? As far as I can tell looking at the ISA firewall policies it’s not doing much (if anything)…unless it’s some how tied into WebSense. They have a hardware firewall that connects them to the internet…the ISA basically has a policy something like Allow all Inbound and Outbound traffic from any port…and then the default policy that denies all after this.
I’ve looked on WebSenses home page but I can’t get a good explanation on how the product is supposed to be integrated into a network. Any help by anyone who has used this in the past would be greatly appreciated.
-XT