Security Health Check (Self-Service) Dashboard V2 Update
Updated the “Device & Client Management” section with visibility into “Client Supported Status,” which uncovers devices & users accessing unsupported Netskope client versions.
Looking to quickly pinpoint the security concerns in your environment? Take a look into our Security Health Check (Self-Service) Dashboard!
This is a one-stop dashboard which allows you to perform self-service health checks and to locate security concerns/gaps in your environment. The dashboard is expanded from 2 dimensions: 1) How Netskope is protecting your environment; 2) What Netskope is protecting your environment from.
The dashboard covers 9 major topics, which helps you identify & investigate:
NewEdge Network & Traffic Steering
POP utilization in restricted regions
Unexpected access methods
Device & Client Management
Users disabling Netskope Client
Old/unsupported Client versions being used
Alerts & Policies
Alerts, alert types, policies triggered
Top users triggering alerts (and the corresponding activities)
SSL/TLS Inspection
Low SSL inspection rate
Unexpected bypassed traffic
Coaching Policies
Incorrect/unexpected coaching policies detected
Justification reasons for unknown business needs
Application Risk Management
Risky & unmanaged apps being used
Allowed data movement to risky & unmanaged apps
Data Loss Prevention (DLP)
DLP alerts & policies triggered
Inappropriate actions taken by DLP policies
Publicly exposed files with DLP violations
User Behavior Analytics (UBA)
UBA alerts & policies triggered
Top users triggering UBA alerts
Threat Protection
Malware blocks
Allowed inline malware & impacted users
Policies allowing malware
Top web malware domains & cloud malware sources
Malicious site blocks
Allowed malicious sites & impacted users
Policies allowing malicious sites
Top malicious site domains & URL filtering categories
The dashboard is attached below. Feel free to import and view it in your own environment.
Found security concerns? Check out our CASB &NG-SWG Health Check Dashboards for recommendations and to-do.
Page 1 / 1
This is awesome and will be very useful to dig into things … I like having everything all in one place (even if takes a while to load it all lol). Thanks!
I just tried to upload this to a tenant running R120.1 and the process threw the following error:
Hi @hjw ! This usually happens when the device data collection is not enabled for your tenant. To confirm this, you can expand the data collection list in the “Explore” page and see if “Device” shows up. Let me know if it’s not there and I can help you enable that.
This dashboard shows an inaccurate count of Total users. We only have around 400 employees but showing over 3,000 Total users on this dashboard. Looking at the data its showing random users, like “ojqaymqsr_kuphl8mg9zta” and many non-employees (external to our domain).
Hi @nduda . Thanks for pointing this out.
The random user names are audit log data provided by the corresponding SaaS apps. To avoid this inaccurate/noisy data, you can set the “user” filter to “contains/ends with eyour company domain].” This will filter out random and external user names in the dashboard.
The dashboard attached above has been updated with the “user” filter. Feel free to try it out and let us know if you have any other questions.
Thanks @Aaron_Zhang - Any issue if I add in a filter that filters out “Fallback Action” from alerts? That accounts for most of our alerts and it’s really not an “alert”
@nduda No problem! You can definitely add an “Alert Name” filter, or any other filters based on your use cases, to filter out “Fallback Action” from the alerts in your environment.
While adding a new filter to the dashboard, please select “Advanced” in the control panel. This will allow you to set the filter to “is not Fallback Action.”
If you haven't already registered, now is a good time to do so. After you register, you can post to the community, receive email notifications, and lots more. It's quick and it's free! Create an account
