Skip to main content
  • EN

AD_4nXenRDhgYwe8ApHIKaBDx1OgM9UrK88tY7_suDY56ycUwO7u7ZJ04MsnSm96krIn2bMfL0jATdnGPgJeoJyP5mrwPDFfRdAJBIMCY-x4LF8HJRzjX8DOE795nKaEmQZqG4wiIUSLlrnBzjdurlaZxREgWJEM?key=tk-z4BYUg-5s-kUgZZIasw

Netskope Global Technical Success (GTS)

Implementing Device Classification on Windows - Classification Criteria ‘Certificates

 

Netskope Cloud Version - 120

 

Objective

Create a device classification rule based on the Certificate option for Windows devices.

 

Prerequisite

CASB/SWG Inline

 

Context

The customer wants to create a Device Classification rule for Windows devices to classify them as "Managed" devices with a specific certificate.

 

Configuration

  • The next section is Step-by-step configuration.
  • For this document we are using Netskope certificates (Root and Intermediate)

Path: Netskope Tenant UI >>> Settings >>> Manage >>> Certificate >>> Signing CA

  • Customers can also use their own certificates; the process remains the same.
  • Important: “The certificate file must have a specific structure and be in PEM format. The Intermediate and Root certificates need to be combined into a single PEM file. The order of those two certs in that PEM file must be Intermediate first, and then Root below it.”
  • Reference - Device Classification for Windows

 

Step 1: Download the root and Intermediate certificates

Path: Netskope Tenant UI >>> Settings >>> Manage >>> Certificate >>> Signing CA

AD_4nXdUtSjzu8cqFghLHBB7bDR4bw61X-pHNhy05BWZYq3J_xaOavtoErunEgTlV_qCQN8WN3GvOG6vjZlXlIEwYJzFxZya5cr2amlOR9QGNC6ONAnLmyBmUnLmmAmj9JssfKVajIdNKXH6ys4Dwv7yGPegxqvv?key=tk-z4BYUg-5s-kUgZZIasw

 

Step 2: Please open both certificates with a text editor and paste the content of the Root below the content of the Intermediate. Save the file using the PEM format

Sample file name - NetskopePEMTest.pem

AD_4nXfAYq0JGxK_ycE5BkiSqIDXSYINzf3wNtMuq_L5cKlikVc_jGAboM2C5ffvIYJUkiRmkyzeVS1OwK041G0Avxh5cpYr-Hpt2CPEp1uNytViPrlWk39iXX82bS4CwXU8iGwPXb8ugMObHPnthj-XOKZkoEcT?key=tk-z4BYUg-5s-kUgZZIasw

 

Step 3: Please import the certificate to your Windows endpoint using the Chrome browser option to import certificates.

AD_4nXd6jMGWOzpJ_oe5yRjRhF6flb0HVVQ1TZSpJP-9BBro952qW9Vz7b0nUflExWUe5nvqYeVaGZo-7nkWhnZ3MZeX9XhwDBBcQEUZwzTZF9IYolkBGjoxBhk-bo5y6RFrNqKAJtYuFOUWTsTUmDU7jtQntees?key=tk-z4BYUg-5s-kUgZZIasw

 

Step 4: Create a new classification rule in Netskope. Upload the PEM certificate in this menu.

Path: Netskope Tenant UI >>> Settings >>> Manage >>> Device Classification >>> New Device Classification Rule

AD_4nXfXdgyBFH-FoEw06KQGOxVueNQr5jqi40QYu43T01JhfBUqpdoBalCQ8RndJ44Cxe3qfWFf4-94X1ODk2cm8lsbmJwteUnYxWGlD6WJXwewgldx6wvlVhinrAMerzczIrJ3C6zfnYujePtL-0jKcLcqCP8?key=tk-z4BYUg-5s-kUgZZIasw

 

Step 5: For testing on your machine, make sure the configuration is up-to-date by right-clicking on the Netskope Icon. It may take some minutes (5-10) for it to be completely updated and for the new Device Classification to be applied.

 

AD_4nXfFVSVkgFmw0MhcBq1H3hTnoSu-BKjBxq0qe6HHV9uTyLnmd3izkwVWgGJM8lF5CaX3PuN0WCX2Z0mf9tzBdBpIo71Kh-obWy3j1xPYyYKrFyjyCFGVWRaHL4QACgP2Sn1C7eMw0bR7MzpoHV2XBTdeJRs?key=tk-z4BYUg-5s-kUgZZIasw

 

Terms and Conditions

  • All documented information undergoes testing and verification to ensure accuracy.

 

Notes

  • This article is authored by Netskope Global Technical Success (GTS).
  • For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.
Be the first to reply!
Terms & ConditionsCookie settings