Google Gemini - Block Native Client on iOS

Netskope Global Technical Success (GTS)

Google Gemini - Block Native Client on iOS

Netskope Cloud Version - 123

Objective

Block Google Gemini Native Client on iOS

Prerequisite

Netskope CASB Inline or SWG license is required

Context

Google Gemini can be accessed through its web platform and native client. Google Gemini Native Client is available for the following platforms:

Android
iOS

This document focuses on Netskope's ability to Block the Google Gemini Native Client on iOS.

Do You Know?

Netskope acknowledges Google Gemini as a Cloud Application and provides a pre-defined cloud app connector.
As of 4 March 2025 with Netskope’s Google Gemini predefined connector, customers can exercise control over the following activities:

AD_4nXemIgu3yX5trjFoQwK4e9GnwneiQicFfA2Ry1hWmiaUvdZMCHukAh6W8eq9yHFdD-B0LKqXHvxyWzaQGlQK12mIAji990tGPIXwxS3rxr7yQtKJVR34tPVPgqk3hw3HRzwcnS17zQ?key=M84Xmg3_aUCWXaTc2KKrWo9-

Lab Recreate

1.Create Certificate Pinned Application for iOS Platform with the definition as

bard.google.com, gemini.google.com, generativelanguage.googleapis.com, push.clients6.google.com, appsgenaiserver-pa.clients6.google.com

Path: Netskope Tenant UI >>> Settings >>> Security Cloud Platform >>> App Definition >>> New Certificate Pinned App

Note: Here you need to define the Platform where the application will be used, if needed for another platform then need to repeat the process.

2. Create an Exceptions, while the action will be set to block as follow

Path: Netskope Tenant UI >>> Settings >>> Security Cloud Platform >>> Steering configuration >>> Select the Steering Configuration Profile you wish apply controls to >>> Exceptions >>> New

AD_4nXedq0wC97x0xhw-DMUngD8-yExqSwWLkehzg74YhU_f5hprQzb09-l1qvgjvjur1hwMtMnlB-hPkpT6dZky6rcQafnibHSFbLfCZY_OsrbS6M6iHjwZjUFdapPxeXnY8IeSOeU21g?key=M84Xmg3_aUCWXaTc2KKrWo9-

Select the above created Certificated Pinned Application
Under Custom App Domains - *
Select - Block

AD_4nXdBNJSlKUrBnQnKZadH2El2KJLdwvFFGTSKOLwykpwpE3ZcqPFoxEx66uQkKy_YvUPXHTdP6wmePqVpk70o87XyH0EiOaRdA29eZaoueHRedAazvjGvuImfGzeodgry7KQRa34g?key=M84Xmg3_aUCWXaTc2KKrWo9-

AD_4nXePjfODL5xKnS1W_JPMypMnhm6r2zt3qSgFE88cptYSBgRq4MIcjQq_sPVlw6U0q8ZdAvLIu3E0wD1yziaZOC8VuuHbMc0PQVVgJ6xcbZw2it_dRo7pcIkRTvFf_4C8WZowIlhi?key=M84Xmg3_aUCWXaTc2KKrWo9-

Note: Once the edition on the steering configuration profile is saved, please ensure that Netskope Client is up-to-date by setting an icon, go to its configuration, and make sure there are no pending updates.

Verification

1. Try posting a message and You should notice that the application will not be able to initiate as well as new messages will not be sent/received nor Upload/Download.

You should see the below ‘Blocked Events’ in netskope clients block event

For further verification, you can find ‘Block’ logs in Netskope Client logs

File Name-nsdebuglog.log

Terms and Conditions

All documented information undergoes testing and verification to ensure accuracy.
In the future, it is possible that the application's functionality may be altered by the vendor. If any such changes are brought to our attention, we will promptly update the documentation to reflect them.

Notes

This article is authored by Netskope Global Technical Success (GTS).
For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.

Be the first to reply!

Netskope Global Technical Success (GTS)