partner guide to whats new in 7.8.2.pdf

2014 Websense, Inc. All rights reserved. Websense is a registered trademark of Websense, Inc. in the United States and certain international markets. Websense has numerous other registered and unregistered trademarks in the United States and internationally. All other trademarks are the property of their respective owner.

WEBSENSE CONFIDENTIAL | INTERNAL AND CHANNEL USE ONLY Page 1 of 5

Partner Guide to Whats New in R 7.8.2 February, 2014

Websense Release 7.8.2 Overview

Welcome to Websense Release 7.8.2! This release offers new features, enhancements and performance improvements for Websense web, email, and data security products. This document highlights the most noteworthy content in the release. For a complete list please refer to the Release Notes on the Support page at www.websense.com or contact your Websense Sales Representative.

4 Strategic Focus Areas for 2014

In 2014, Websense has moved to an agile release schedule. Each year will consist of 4

releases (2014 R1, 2014 R2, 2014 R3, and 2014 R4). Websense Release 7.8.2 is the equivalent

of 2014 R1

All product enhancements, new features, or changes will fall into one or more of 4 strategic

product focus areas or pillars.

1. Network of One Providing a unified security solution down to individual users,

regardless of where their business takes them. This includes extending security to

mobile devices, convergence of cloud and on-premises capabilities and more, to offer

seamless protection for multiple use cases.

2. Combating the Insider Threat Intellectual property theft is a major issue and most organizations dont know its happening to

them. Websense addresses the need for outbound data theft defenses with leading data protection technology that identifies

sophisticated malicious activity.

3. Raising the Human Security IQ Offering solutions that provide predictive, actionable intelligence across the entire threat

lifecycle which add value and education that is delivered fast and in easy-to-read-and-share formats.

4. Built to Last Developing product offerings that are enterprise-grade, reliable, and adaptable in your customers network or in

the Websense Cloud.




The graphic next to each feature below indicates the strategic focus area to which each feature maps:

New For Web Security On Premises

Latest Platform/Browser Support 7.8.2 is widely compatible with the latest OS and browser versions

New OS support includes:

o Windows 2012 R2

o Red Hat Enterprise Linux (RHEL) 6.5

New browser support includes:

o Internet Explorer 11

o Chrome 32

o Firefox 27

IP Address Soft Enforcement

On February 3rd 2014, Websense TRITON solutions that include Web Security Gateway stopped hard

enforcement of IP-address-based subscription limits. Subscription count is still based on IP addresses,

but requests from IP addresses exceeding the count are no longer denied security protection.

This change should be transparent for both administrators and users. Full security protection

capabilities are maintained even after the licensed IP levels are exceeded.

WCG configuration file refactoring

A new structure for Web Content Gateway has been configured.

This provides the following benefits

o Saves runtime memory

o Improves product stability

o Increases performance

Integrate 2014 category update

New categories in the Websense master database are available for enhanced security protection and

intelligence:

o New category: Compromised Websites

o New category: Newly Registered Websites

These new URL categories provide better granularity for policies and reporting

Other Changes/Upgrades

Simplified migration from prior software releases (7.6 and beyond)

New logon app support includes:

o Mac OSX 10.9

o Microsoft Windows 8.1




New for Web Security Cloud

Datacenter auto-selection improvement

Cloud Web Datacenters (clusters) can now optionally be selected based on their proximity to the end

users egress IP address as opposed to their DNS servers egress IP address.

This feature is also known as Client IP-Based Web Traffic Routing

This feature ensures that the nearest data center is selected which in turn ensures the minimum latency

between user and cloud proxy leading to the best browsing experience.

This is especially important when the DNS servers being used are hosted in a different geographic

location to the end user. This applies to both on-premises and roaming users.

Minimizes latency and optimizes browsing experience by ensuring automatic selection of the nearest data center

Roaming User auto-provisioning default policy

The administrator can now define a default policy that will be applied when new Endpoints are deployed

to roaming users that are not synchronized to the cloud service.

Ensures predictable policies, minimizes admin efforts, increases reporting accuracy, and improves end

user experience when setting up the endpoint. (CWS/CWSG only).

End user bypass for Certificate Errors

A trusted end user can now be given the ability to dismiss/click-through a certificate error when they

access a web site and continue browsing.

This saves administrator time while improving end browsing experience and productivity. Previously

this would require a call from the end user to the administrator to set a bypass for the website.

This feature is available through the service portal for CWS/CWSG customers but only via request to

Technical Support for WSGA customers.

Other Changes/Upgrades

Bypass Certificate Verification by IP Address

o Admins can configure service to bypass certificate checks for trusted IP address. This is

primarily a benefit for Citrix/remote desktop users

CSV import for Custom Categories

o Simpler migration from other products to CWS/CWSG

New and updated categories

o New URL categories in Websense Master DB provide better granularity for policies and

reporting




New For Email Security

On-Premises Encryption for ESG/ESGA

Park and pull secure message delivery WITHOUT cloud or partner for ESG/A

Complete park/pull on-premises solution for those customers that cant/wont go to a cloud

solution.

Integrates with DSS policy for compliance and IP protection.

A third party end users can self-register with the system.

Password set/reset can be done by end user.

Notification email is customizable and brandable. The portal itself will be Websense branded for

now.

End user portal shows historic emails. Includes Inbox, Sent items folders.

Retention policies can be set by the admin.

Admin can define if end users will be able to reply-all, forward, compose, add attachments etc.

New Dashboard for ESG/ESGA

Improved layout, flexibility, and a more unified look and feel similar to WSG/A

Fully customizable dashboard; drag drop chart positions

Create and customize your own dashboard tab.

Customizations are saved for each admin user.

Over 50 charts to pick from. Chart picker shows a preview.

Zoom-in and take a close-up view of each of the charts.

Customize the chart type, time period and labels.

Data categories can be customized in select charts. ThreatScope

Phishing Education support extended to ESG and ESGA, in addition to CES

Provides risk exposure insight to the organization.

o Value reports

o Top phishing campaigns

o Targeted attacks

o Top repeat phishing victims etc.

Pre-build educational material template

Customizable notification pages for phishing education

Local language support

RiskVision for Email

ESG via SPAM port for sniffing SMTP traffic

Requires dedicated V-series appliance

This is a POC version to enable sales to perform POCs and competitive bake-offs.

The product is designed to hook on to the customers existing infrastructure without the need to

disrupt the existing email flow.

Leverage ACE engine for threat detection includes all analytics including Anti-malware,

Threatscope file sandboxing




Image Analysis risk can be measured before enforcing corporate compliance policies.

Data loss prevention with incident management and reporting get complete visibility of time stamps, policies violated, source,

destination

HR and regulatory compliance policies including PCI, PHI can be monitored as well.

New for Data Security

Data Discovery for Microsoft Office 365 services (Exchange/SharePoint Online)

Secures IP or other sensitive information in Exchange Online and SharePoint Online through Data

Discovery

Data Security can now perform discovery on data residing in the cloud as well as on local or network

machines.

Discovery on SharePoint Online data and Exchange Online data (Office 365).

Enhanced identification of Malware Communications

New polices and classifiers enhance proactive data theft defenses

Windows 8.1 and Mac OS X 10.9 (Mavericks) Support

Enables customer Data Security policy implementation on the latest operating systems

Mac OS X Endpoint support for copy / cut / paste

Secure IP or sensitive information exfiltration through copy/cut-n-paste operations, including IM and email clients.

Citrix XenDesktop VDI support

Support for the DSS endpoint agent on Citrix XenDesktop V5.6 and V7

Enhanced administrator and incident analysis auditing

Primarily for EU compliance

Data Security offers a variety of new ways to protect employees' right to privacy and ensure that your organizations IT security

compliance policy is not being breached.

New For X10G Appliances

User Interface Update

Command Line Interface (CLI) replaces Graphical User Interface (GUI)

Sentence CLI is easier to understand and integrate with other tools/scripts

Architecture Upgrades

Hardware has been re-partitioned for performance optimization

Operating System is upgraded to Cent OS 6.5 64 bit

Network Agent is not supported in this release (If user has NA on blades it needs to be copied to

another server)

Migration from prior software version to 7.8.2

It is complicated and we need to provide support for every migration case.

Technical documentation available for existing X10G customers for how to back up the configuration files and migrate them to

re-imaged X10G

partner guide to whats new in 7.8.2.pdf

Documents