Unanswered questions

Hi all, I have a question, that maybe it’s already managed in other ways but I don’t know.I have many apps that use the same port, example 8080, but I need to have different application segment because of security access. Is there a way to do in a different way? For example my think is to have one or more application segment and one or more real-time policies but create a “service group” with the port number and indicate it in the police and not in the private application segment.

Hello Everyone,I have a few questions regarding External User Access to On‑Prem Exchange via Netskope Private Access or Reverse Proxy.We are using Netskope Private Access (NPA) to publish our on‑premises Exchange Server behind a Netskope Publisher. Currently, only managed devices with the Netskope Client are allowed to access OWA and Outlook, and unmanaged devices are blocked who don’t have Netskope agent Installed — this is working as expected.This behavior is working as designed and aligns with our Zero Trust access policies.We now have a requirement to allow external users to access Outlook or OWA from non-managed devices and we have not exposed our OVA to Internet.Could you please confirm the following: Can Outlook or OWA access for external users be provided using Netskope Private Access without requiring the Netskope client on the user device? is there any other supported approach  to provide external user access to an on-premises Exchange server? Thank you for your confirmatio

Hello all.In SkopeIT > Page Events, I have some doubts about the meaning of “session - duration”.For web traffic we have session duration great than 0 if we have some bytes exchanged and it’s value seems consistent with end - start interval. For CloudApp traffic we have session duration values that differ greatly from end -start intervals  So what does session duration represent for each traffic type with respect to end - start interval ?ThankyouFrancesco 

With Netskope client enabled, macOS machines are failing to sync to Intune.  When I disable the client the sync works as normal.  I have all of the predefined cert pinned app exceptions for both Windows and macOS in place, and Windows machines have no issues.I found this thread in the community pages that discusses this issue on Windows, and one comment briefly discusses macOS but the thread is closed and I can’t see any of the replies so not even sure if there is more info in here I that can’t get to.  I did create and additional custom cert pinned app for macOS and included the below processes, and added ‘*’ to bypass all domains.  Nothing is working though.company portalomadmclientintunemdmagentmdmclientcompany portalmdmclientwdavdaemon_enterpriseHas anyone figured out how to get Netskope to not interfere with Company Portal on macOS?

Hi Community Happy New Year :)  I’m keen to understand if a Publisher Reboot is necessary every time a change is made to the local host file when using it for DNS resolution of applications hosted in Azure? It seems like a Publisher reboot is required when adding in entries? Is there a service that can be restarted instead for the changes to take effect? I’ve had a scrounge through the Community and Documentation pages but haven’t been successful in finding any info. Thanks in advance.

Hi Team, Blocking login / post activity on clasue.ai portal is not working as expected. we see discovery only in the app catalog. we do not see the login traffic on Skope-IT/Application events. requesting you bring in this enhancement for claude.ai URL. more details on the case # 602972With regardsKarthikeyan N

Hi there,I am currently exploring the AI Guardrails and Red Teaming features.I've noticed that AI Guardrails allows for natural language-based configurations through the "Matched Prompts / Responses" feature. However, it seems that AI Red Teaming does not yet support performing attacks based on LLM natural language.Regarding this, I have two questions: Are there any plans to provide natural language-based or custom prompt attack capabilities within AI Red Teaming? Separately, is there a roadmap for a feature that suggests specific Guardrail configurations based on the "Failed" items in AI Red Teaming test results? I believe these features would greatly enhance the synergy between testing and mitigation. I look forward to your feedback.Best regards,

Hello CommunityHas anyone attempted yet to detect via Netskope endpoint agent traffic toward internet-facing Clawdbots AI agents exposed via unauthenticated public endpoints?thanksAndrea

Hello,I received the IoC list shared by my partner, but accessing it requires a username and password.However, for the Web Page IoC Scraper Plugin, credentials should not be necessary.Is there any alternative solution available?  

Anyone else seeing steering issues when it comes to Microsoft.  For general O365 traffic, getting steered.  But with Intune and some authentication traffic, its a mix of steered and non-steered (direct to Internet).  

Hi Team,Quillpad is showing unknow in CCL is it safe to allow this translation app to our users. In virus total I don't see any malicious tag to the application/website. Please check and suggest.   Regards,Zakeriya Shaikh

We've enabled the new transaction logs feature and sending it to our AWS S3.We have came across something which we wanted to point out which is the directory structure is in hours/days/month/year this is not how standard logging folders are created and is different from your old approach too. This can be an issue during manual searching or programatic querying in tools like AWS Athena. I suggest changing this to a normal directory structure to avoid these pains.

Use Case: Create reporting to show users who are and those who are not using paid subscriptions Assume there's three AD groups, each targeting a specific AI tool. For this example, we can say Copilot 365, Claude and ChatGPT.  Please help provide guidance to create resorting/dashboards for this example use case.

in one of our customer getting power shell attack in all users office 365 . how we can block .is it possible to block power shell access based on country using CASB or there is any other way to resolve this issue .

Team,Good morning. Is there a reason I'm getting DNS Leakage? Did I forget something in my configuration  See screenshots below.  All "DNS Traffic" is enabled in the steering configuration. DNS Profile is configured with resolver IP of 162.10.1.1 Real-Time Policy is configured. Thanks.  Expand Post

Hello,Is there a way we can create dashboard to track all the endpoints that are enabled vs disabled and the observed trend on how often does a user disable the client and enable it again (for example)? Thank you,Jennifer

I am struggling with the props.conf setup to pull web transaction logs via S3 bucket. I have set up per Stream Logs to Splunk - Netskope Knowledge Portal .This would replace my setup for using REST API v2 for transaction logs eventually.  I currently have logs going in parallel into a temp index for validation before cut over.I am using queries below to validate time stamp detection and proper data parsing. If you have this setup to your satisfaction, Can I request you to share your props.conf? Validation queries: #Check if _time matches x-cs-timestampearliest=-10mindex=nsweb_temp sourcetype="netskope:web:test"| eval payload_time = tonumber(coalesce('x-cs-timestamp','x_cs_timestamp'))| eval splunk_time  = _time| eval diff_seconds = splunk_time - payload_time| eval status = if(diff_seconds==0, "PERFECT", "OFFSET")| eval diff_abs_s = abs(diff_seconds)| eval diff_hms   = tostring(diff_abs_s, "duration")| table _time payload_time splunk_time diff_seconds diff_hms status| sort - _time| head

Does NS Client upgrade cause any impact on end user running traffic, especially on active web sessions, Audio/Video calls ? Version 132.0.7.2513_Windows 

User case :   Git Pull/Push basic commands does not work and throws connection timeout error when i enable NPA and even i have whitelisted git hub web site with ports 22,443 but when i disable NPA and use AOVPN it works . so need some advice ?Note: even i have enabled virtio proxy enabled at wsl setting but no luck 

We are supporting a client with two separate Azure tenants and using Netskope SSE for secure access. Our configuration allows certain Azure base URLs via NPA for PaaS services, while the Azure portal routes through SWG. We use the same client and steering configuration for users accessing both tenants.Observed Behavior:When accessing via GUI/browser, traffic is correctly segregated per tenant.When using CLI, traffic always routes to the primary tenant, even when attempting to access resources in the secondary tenant.CLI-based operations cannot properly enforce tenant-specific routing.Impact: CLI operations on the secondary tenant fail or incorrectly use the primary tenant context

Hello,We are looking to control access to a social media site with cloud app access real time policy. However, the site doesn’t exist as a selectable CASB cloud app today and we have to fall back to using SWG policy instead.The site in question is www.weddingpro.com.Can we get a new cloud application created for this website?Thanks,Nick