I've got a question about Websense. I'm running Firewall/VPN-1 v4.1 SP3 on
NTv4.0 SP5. I'm currently evaluating Websense because some porn showed up
at one of our public PC kiosk for employees. The kiosk has thin-clients
running with a Citrix server. When an HTTP request hits the firewall from
any of these thin-clients, it appears to be coming from the Citrix server
as far as workstation IP address.
Right now I have a rule setup on the firewall with a group called
web-block. Any WS in this group would be sent to the Websense server via
UFP for web-site checking. All other WS would drop down to the next rule
and have full access to the Internet.
I guess I'm confused about Websense licensing. From what I understand,
because these 10-12 thin-clients running with my Citrix server appear as 1
IP address, that would be only 1 license to the Websense server.
Is there any advantage to sending all HTTP traffic through the Websense
server and setup rules there? If that is the case, I would probably need a
1000 user license from Websense?
Any help or direction would be greatly appreciated!
Stewart
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
