Alternative solution:
1. Go into the FW-1 Admin Console and create a workstation with the www.blackbaud.com IP address: 216.235.192.100
2. Insert an ALLOW ACCESS rule for the Blackbaud IP address BEFORE the WebSense rule.

After pushing this policy, you preempt all traffic to www.blackbaud.com, including the IE-specific ASP calls.