Hello Folks,
Below you can find a recap of questions asked at the office hours sessions last week and those sent in that we were not able to cover at the session. Feel free to comment and continue the discussion, as well as attend future sessions that can be found on the Community Events Calendar!
Q: I’m new to Advanced Analytics. How and where can I start my journey?
A: Netskope Advanced Analytics - Getting Started will help you get started quickly. More details can be found from our YouTube Channel. We highly recommend starting with existing dashboards, either in the library or community. Tags can help you find dashboards you are interested in. You can explore any dashboards based on your needs, and customize them in your environment. You can also find tons of resources (e.g., hot topic discussion, dashboard intro, and upcoming AA events, etc.) here on the Netskope Community. On July 13th, 2023, we will be hosting a “Getting started with Advanced Analytics” webinar specifically geared for customers looking to learn skills to use Advanced Analytics as beginners. Register here: https://community.netskope.com/t5/North-American-Events/Netskope-Advanced-Analytics-A-guide-to-Getting-started/ev-p/5912
Q: I’m very interested in the AI application usage in my organization. Can Advanced Analytics help me with this?
A: Sure! We’ve posted a number of "AI Usage" dashboard iterations on our community, but please check our newest AI Usage with Gen AI Category Dashboard which gives an overview of how users are interacting with Generative AI sites/apps/platforms. This dashboard is now available in the Netskope Library.
Q: Can I schedule a report to be delivered to someone else in Advanced Analytics?
A: Yes. There are multiple ways to do so. A basic way is to click the 3-dot button in your dashboard and hit “Schedule delivery.”
You can also do this by clicking the 3-dot button outside your dashboard and hitting “Share with Executives.” This feature allows you to share the dashboard with individuals without access to Advanced Analytics. By doing so, a temporary access to the dashboard will be assigned to the receivers. They will then be able to view and interact with the dashboard. For more on this check out a video on this feature: https://youtu.be/dNQq_w8xw9E
Not just the dashboard, a single widget (visual) can also be scheduled for delivery. In the explore window of the widget (visual), click the gear button and select “Save and schedule.”
In the pop-up window, select your preferred folder and hit “Save and View Widget.” You will then enter the edit mode of the widget (visual) to be scheduled for delivery.
Click the gear button again and select “Schedule.” The schedule page for this widget (visual) will appear.
In addition to the basic schedule features (e.g. time, receiver, format, filter, etc.), you can do something cool with “Advanced options.” For example, you can schedule the widget (visual) to be delivered only when there are results. This will be super helpful for some special use cases (e.g. get email alerts when malicious sites were detected in the last 24 hours).
Q: Are there any resources available for setting up the coaching prompts when accessing sites like Chat GPT?
A: We have a community post showing how to address ChatGPT access coaching:
Q: I have imported the AI Usage Dashboard and see Grammarly showing up on the list of AI Apps. Why?
A: The CCI definition for Grammarly states that it is an AI powered application. That’s why it appears on the list here. Additionally for other applications, the primary category might not show “Generative AI”, however it appears in the list because applications can have multiple categories one of which must be “Generative AI”.
Q: The AI Usage dashboard “Percentage of Users Accessing AI Apps” shows 0% yet “Users Accessing AI apps” has a count. It appears the first is only filtered by client traffic. This can be confusing to users who don’t understand the data. Do you have any suggestions?
A: This is likely because the total number of users accessing AI represents less than .5% of the population and the logic is rounding this number to 0%. The AI Dashboard Troubleshooting Guide from our community can help to explain this and some other common issues. Don’t forget that you can always import the dashboard to your folder and further customize it based on your needs. E.g. remove visuals that are confusing for your audience.
Q: How do you address the privacy risks that are associated with TLS decryption?
A: As a best practice, Netskope recommends bypassing decryption of the financial and health sites employees would use to protect their privacy, but ultimately each company makes these decisions based on their risk tolerance vs. privacy balance. Use the “SSL Inspection'' dashboard in the Netskope Library to understand how much and which traffic is being bypassed.
Q: Can I get visibility into SSL decryption in my environment?
A: Of course! The SSL Inspection Dashboard in Netskope library will be a good choice. The dashboard can help you explore SSL traffic inspected vs. bypassed in your organization.
Q: Is it possible to get the usage of certificated pinned apps bypassed in Advanced Analytics?
A: It depends on whether they are tunnel bypassed. If the app is not tunnel bypassed, the traffic doesn’t go through our proxy, so the Netskope backend (or Advanced Analytics) will not know the amount of traffic “bypassed” due to tunnel bypass. If the app is tunnel bypassed, you may potentially be able to see traffic by applying the filter “Bypass Traffic = Yes” in the Page Events data collection. For certificated pinned apps, you may also apply the filter “Browser = Native.”
Q: How does SSL DND differ from tunnel bypass?
A: SSL Do Not Decrypt (DND) is specified for “domains” (e.g. do not decrypt traffic to xyz.com). It cannot be defined on a .exe level. Tunnel bypass is done on the steering level, which can be specified on a .exe level (e.g. bypass abc.exe).
Q: How can I use Advanced Analytics with CFW? What are the benefits?
A: The primary benefit of using Advanced Analytics with CFW data is to do discovery and to better understand the CFW setup in your environment. The Cloud Firewall Discovery Dashboard in Netskope library can be a starting point on this topic. You can also find a new version of this dashboard from our community which focuses on allowed vs. blocked CFW traffic.
Q: I would like to know more ways I can get insight into SaaS apps we access?
A: When it comes to SaaS app usage in your organization there are a number of interesting topics and questions that Advanced Analytics can provide insight on. Here are few below:
- What SaaS apps are in use? Are they risky? Are they managed? To answer these questions check out the Cloud Risk Assessment - QBR dashboard.
- Is there application redundancy? E.g. Are there 40 different cloud storage applications in use when everyone should be using the corporate cloud storage app? To address this question, leverage the Category Summary dashboard in the Netskope library.
- Is there sensitive data moving to sanctioned or sitting in unsanctioned apps? Check out the Risky Data Movement and App Instance Overview dashboard on the community page
- What new & unused SaaS apps do we have? Use this dashboard to understand what new applications appeared in your environment, or what applications are no longer in use: https://community.netskope.com/t5/Advanced-Analytics-Dashboard/Identify-New-Applications-in-your-environment/ba-p/5972