Skip to main content
  • EN

AD_4nXcbDF2T16uTJda8n2ObvzxGqSJbYpj9f4p2KrLKfDTPKJR7h_TIDElgAMZYWm6bkCkjeHhjsp1A-ETvADHekmo4ZtRvy301k6NOtZJYjOeDnxRWU-z2h5-iFR6dbed8fpboIwat8T3OwR9sNBFpCwvjv9xlFOE_qhGc4sHi6mm5NQwhN4bfe5s?key=NMBBmxeI7GHuE7X_5xDEcQ

Netskope Global Technical Success (GTS)

Device Control - Bluetooth File Share For Windows

 

Netskope Cloud Version - 123

 

Objective

Netskope's current abilities to regulate Bluetooth file share for Windows devices

 

Prerequisite

Netskope Endpoint DLP license is required

 

Context

In this knowledge base article, we'll explore Netskope's capabilities regarding Endpoint DLP. We'll go through a use case to provide insights into both its capabilities and constraints.

 

Do You Know?

Endpoint DLP allows you to manage and govern endpoints to prevent sensitive content from being transferred to via Bluetooth, USB storage devices or printers. You can:

  • Govern endpoint devices by creating device control, content control, and file origin policies.
  • Monitor endpoint activities and block or trigger alerts when users insert or remove USB storage devices, transfer sensitive files to USB storage devices, set up and configure printers, and print documents.
  • Respond to incidents and alert the user of their actions.
  • Coach the user through custom notification messages by allowing them to justify their actions or cancel them.
  • Restrict file transfer via Bluetooth

 

Use Case Block all File transfer via Bluetooth

Step 1:

Path: Netskope Tenant UI >>> Settings >>> Security Cloud Platform >>> Client Configuration >>> Select The client configuration where you want to enable Endpoint DLP >>>  go to Endpoint DLP >>> Check the Endpoint DLP Checkbox and Save.

 

AD_4nXeDh9Tz-ostHnZBnwlxl_U40K6iCZynbO-9cO6ervA1c92HXMfdF8SIBAb460Udj7HbsMkY8Uj1n1p50vlViJdSnKkiGUCkmIej92I40Y3Spn4mto_Ug-UlZPdBwT62e3ns6NX42banfRcuRuPiujan_KLOTKVFWfhOoR8HYgx5nZ276hqPXPE?key=NMBBmxeI7GHuE7X_5xDEcQ

Note: make sure to restart the device after the EPDLP activation.

 

Step 2:

Path: Netskope Tenant UI >>> Policies >>> Endpoint Protection >>> Select Device Control

AD_4nXcEsoZ7bU8Se4L1DPEa7bCi5-NTRugSNNcdsBUJviPNhIaWXG5aUUDCF7-D_hmkhzkxeKyjNzAWyeKFp83m8nE5dynfI9GNKWgxDOxSdt0zpUD6SrRvf32Mxf8uVwt6dEYG_GqJQMFwAExNc5FJimjCb7dcSOJ3nRKdm-ZYwcAVel4rJuvL6Mo?key=NMBBmxeI7GHuE7X_5xDEcQ

On Devices, select Bluetooth File Transfer for Windows and select action Block, click Save.

AD_4nXekC9mCADiX4vjH6krEp2pNhYlfkzmKvaGIAQva1_QRWER87ux9efu39Vk1tFfw5haIGkf4NuvbS0d4593CZQ4eUhn7O4u6UlSyhy700zeZzRhNNkvjBMekYs3DHw2faWC-UNMVK3i6Is7Myl_BIsZE1vl7q3vmjAndZetj?key=NMBBmxeI7GHuE7X_5xDEcQ

 

Note: This policy uses features not supported on older client versions. Policies that use these features may not be evaluated on older clients.

  • Bluetooth File Transfer (Windows) is supported on client version R115

 

AD_4nXd2kqiQHYK1P5C4XpGaUzdmG8G-7EIIibfQiGnuWTz5aHpE4-5Dh5jv1vxWP25L1eORyhdaJe4qVNRlRQs6rs8FH4pYabQlUW6p2INKQuyMmB3rG1dW8nU9ChCcVrpdTHWX3PIaxQbKhZf6tLtOIsulXiNBNwWSkWDaQh_suw?key=NMBBmxeI7GHuE7X_5xDEcQ

 

Verification

For a quick policy test verification, please press win + R and type: fsquirt you will get the Netskope block message for Bluetooth

AD_4nXdz27OBrADqr7xytZQ6GSiopI9Q7fs5IsAdven8JGI8UZ4IlRterKpTupSzhuqNT697RRmkN2iESKJgiARSF-E4r1gwdcC_k1wHtP5TngDlyEFPsmP-WuArl3aZNL6lOxi1bcYcwLtWxMuXMhppeC5SUP8yxzs_5VMFGm_o?key=NMBBmxeI7GHuE7X_5xDEcQGo to SkopeIT >>

Endpoint Events and confirm the block is logged.

AD_4nXc-3JeHtGiEyPlSIBL4ALFrDmJWS5599XeMS7PDcqc1-bXgLInHXyyXceHKRYfx4EDKurvd5NDt1rGiDbuXiPP7t6eEoZNTkXq4bCvceeMnTpgBBGg5B0Ls0iPaJaN-y423k7nutIP2C5Gmvw3n19T3YClFgB8lF7rYHDAEZw?key=NMBBmxeI7GHuE7X_5xDEcQ

 

 

Question: How can I confirm the block action in NSlogs?

Answer: After downloading the NS logs, you will notice a file named “epdlp-diagnostics.zip.log.” Please remove the “.log” part, and the file will now appear as a zip file. Once you unzip the file, you will find a log folder inside, and the logs are located in the “epdlp_sys_log.txt” file.

Sample

2024/08/22 16:52:27.398 PolicyWorker.cpp:1456 7460 2372 info] PolicyWorker 4: evaluated event 74003428-5b95-471c-9644-ce52302c38c7 with result "match" with action "block" for rule "Blueatooth file Transfer for Windows" 

AD_4nXcI3uDJ7ynQ9CQYu0AEmv52pzi96VuZbDNu58936KtQTPt7Az87RrShzunNoTkp8qG3F8PeoPo06tB4tb1YlxzuFMbm3W4O_bsbBHoM6cH7Z3b7H0JwYpPgiZkvKjvcj2_NhSEyWYqWeTQHLpvzxibCKYjQDW5e7-85p_9SpQ?key=NMBBmxeI7GHuE7X_5xDEcQ

 

Terms and Conditions

  • All documented information undergoes testing and verification to ensure accuracy.
  • In the future, it is possible that the application's functionality may be altered by the vendor. If any such changes are brought to our attention, we will promptly update the documentation to reflect them.

 

Notes

  • This article is authored by Netskope Global Technical Success (GTS).
  • For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.

 

Be the first to reply!
Terms & ConditionsCookie settings