Cloud Web Security Implementation Checklist [PDF]

Websense Cloud Web Security Implementation Checklist

Topic 45056 / Updated: 15-Mar-2013 Applies To:

Websense Cloud Web Security

This document outlines the implementation steps required to deploy the Websense Cloud Web Security service.

Resources The following resources should be used in conjunction with the implementation steps: 

Cloud Web Security Getting Started Guide http://www.websense.com/content/support/library/web/hosted/getting_started/ first.aspx



Websense URL Categories http://www.websense.com/content/URLCategories.aspx



Websense Master Database test pages http://testdatabase.websense.com



Cloud service proxy query page http://query.webdefence.global.blackspider.com/



Cloud Web Security monitoring tool http://www.mailcontrol.com/utility/WDmonitor/monitor.mhtml

Implementation Steps The following sequence of steps should be treated as a guide, and may need to be varied according to circumstances. The chapter numbers in the list below refer to the Websense Cloud Web Security Getting Started Guide.

Step

Comments

A

Request a Cloud Web Security account

This can be done by visiting http://www.websense.com/evaluations/HWP/ form.aspx and following the instructions. See Chapter 2.

B

Select your deployment method

For example, direct connection or proxy chaining. See Chapter 3. Note: For direct connections, MS Group Policy objects can be used.

C

Configure your firewall to allow and enforce Cloud Web Security

This ensures that client systems can access the cloud service data centers on appropriate ports. See Chapter 4.

D

Identify your site IP addresses to the cloud service policy

See Chapter 7.

E

Configure end user authentication

Load user details via directory synchronization (for example, Active Directory). Roaming user setup. See Chapter 8.

F

Convert existing Web filtering security policy for use in the cloud service

Cloud Web Security URL categories are the same as those used for Websense on-premises Web filtering products. Use the Websense URL Categories page for detailed definitions of each category. Cloud Web Security policies are defined according to site and then by exception.

G

Run a pilot

Run a small pilot to get the service up and running using a restricted set of users. Run acceptance/proof of concept tests (see Typical Test Structure in the text below). Use the Websense Master Database Test Pages for reference. Tune connectivity with assistance from Websense Technical Support if required. See chapter 11.

H

Prepare end users

Set up and communicate acceptable use policy. Email communications to end users (sample text provided). See Chapter 12.

I

Roll out to further sites

Typical test structure Test plans for each site rollout typically cover the following areas.

Step

Details

Filtering setup

Business critical sites HTTP normal usage sites FTP sites HTTPS Applications Software updates AV signatures RSS feeds File downloads White/black list Group exceptions

Access control

Authentication/identification setup Directory synchronization (LDAP)

Reporting

Presentation reports Forensics reports

Performance monitoring (if required)

Performance monitor tool

Document the configuration

Common administrator activities On-premises group policy settings for end clients