I am running ISA 2006 and Websense 7.5. Filtering works as expected, but I need a way to exclude a certain range of IP addresses. Those excluded machines are handled through a firewall rule in ISA limiting them to a few web sites.
While there is a place in Websense to do this, it does not work (according to their support). They instructed me to create an exception on ISA and not send filter requests to Websense. Is there a way to do that? It looks to me like that WS filter is tied to the HTTP protocol, therefore it is on or off.
Thanks, but I have been down that path already. These machines are not on our domain, though that doesn't seem to be required. I would expect to see the local username in Websense, but I don't. I see requests coming from my 10.101.x.x subnet, but the username in Websense is a number like 93.
Ideally, I need a way to exclude an IP range. Here is what the Websense engineer said in her reply (I have Websense set to ignore the IP addresses):
You have network agent configured to ignore those IP, but since you're integrated with ISA you have to tell the proxy to not send that traffic as well otherwise it will. We don't have any documentation on creating an exception with ISA, you may have to contact Microsoft for those steps. Once you have that exception on the proxy then those IPs will be ignored. Until then the Proxy is still sending Websense that traffic.