I have an SRX650 here which uses a utm policy to vet user browsing via websense. Its my understanding that websense is queried for each url before the session is permitted. My question is, is it the end user's PC or the SRX itself which queries Websense? If the SRX, which ip address or interface would it use as source?
Here is the config:
set security utm feature-profile web-filtering type websense-redirect
set security utm feature-profile web-filtering websense-redirect profile websense server host 10.1.1.3
set security utm feature-profile web-filtering websense-redirect profile websense server port 15868
set security utm feature-profile web-filtering websense-redirect profile websense sockets 3
set security utm utm-policy utm-websense-001 web-filtering http-profile websense
set security policies from-zone corp-zone to-zone dmz-zone policy corp-to-dmz-090 then permit application-services utm-policy utm-websense-001