Web Security Service

help Help pdfs
English

Verify
WSS
 Connections

After configuring access to the
Web Security Service
, verify that the service is receiving and processing content requests.
This is a generic section that demonstrates connection by multiple connectivity methods. Also see Verify Mobile Connections.

Verify Client Protection

From a client system that has web access (or the specific test client if so configured), browse to the following site: 
test.threatpulse.com
The test is successful if you see the following webpage.
Verify Web Connection

Fixed Locations

  1. Navigate to
    Connectivity > Locations
    .
  2. Verify the status of each location.
    Verify Connections
    • A—If the location is currently is referenced in an Authentication Location or Content Filtering policy, click the
      references
       link to see which ones. From the dialog, you can go directly to the reference in the portal.
    • B—Click the
      Data Center Connections
       link to view Location Status Monitoring details, such as connection date and bandwidth use.

About Location Status Monitoring

WSS
 can receive multiple tunnels from each of your locations. Location Status Monitoring provides the current connection status for each tunnel. Consider the following example.
Location
Corporate-A
 has recently connected through two tunnels: one to the
San Jose
 datacenter and one to
Seattle
. Currently, the San Jose tunnel is connected, but the Seattle tunnel is not. Click each link to learn more details.
In these examples, we see the following:
  • The San Jose tunnel is active and receiving data.
  • The date and time when the Seattle disconnected.

Connection Icons

Location Service Monitoring is not designed to be a complete connection diagnostic tool. Tunnels connect to WSS as necessary. A disconnect does not mean there is an issue. 
Icon
Connection Status Description
Green Check Mark
WSS
 recognizes the location and accepts web traffic.
Disconnected Icon
A previously successful web gateway to
WSS
 configuration is currently not connected. If you suspect there is an issue on the client side, check the following.
  • Firewall/VPN
    • Verify your firewall’s public gateway address.
    • Verify that the Preshared Key (PSK) in the portal matches that of your firewall configuration.
    • Verify that the server authentication mode is set to PSK.
  • Explicit Proxy
    • Verify the PAC file installation and deployment.
    • Verify that your network allows outbound requests on port
      8080
      .
    • Do not attempt to use Explicit Proxy in conjunction with the
      WSS Agent
       as the client will detect that a proxy is in effect, assume a man-in-the-middle attack, and fail (open or closed depending on the settings).
  • Proxy Forwarding—Verify that the gateway address in the forwarding host is correct.
  • Remote Users—Verify the
    WSS Agent
     installation. See the section below for more information.

Remote Users

Navigate to 
Connectivity > Agents
.
WSS Agent
To further verify that the agent in running on remote clients and communicating with
WSS
:
  • For
    WSS Agent
    , see About the
    WSS Agent
     UI    .
  • For
    Unified Agent
    , click (or double-click) the application icon in the menu bar and click
    Status
    .
Windows (UA)
Verify Windows UA Connection
If the system detects a corporate network that provides web access and security, the
Unified Agent
 enters passive mode.
UA passive
Mac (UA)
Mac client verify
If the system detects a corporate network that provides web access and security, the
Unified Agent
 enters passive mode.
Mac client passive