In Netskope we can integrate CrowdStrike in two ways: one way is Integration using Cloud exchange. and another way is integrating CS under Settings> Threat Protection> CS (EDR).
So, what is difference between these two ways and which one is more effective?
The Cloud Exchange integration is the current recommended method of integration. The direct integration in the UI (is legacy) and has been phased out and is not available or shouldn’t be for new tenants. You get more value out of the integration IMO from the Cloud Exchange integration.
Hi
Thank you for your reply.
Is there any document there stating about phased out of direct integration in the Netskope UI?
Not that I am aware of, I just know its been the recommended method for years now since CE has came out and I know with any new tenant the option has been “removed”.
Isn't the CE method for sharing IOC’s and the tenant integration for remediation profiles?
@nduda that is correct however that method has been deprecated at least on newer tenants.
Is it that its depreciated or just needs to be enabled? I’m not seeing this as depreciated in the docs, only that you need to have it enabled. I do agree that CE can handle this also but for customers not down to deploy CE yet this is still an option.
https://docs.netskope.com/en/integrating-crowdstrike-for-edr/
If you haven't already registered, now is a good time to do so. After you register, you can post to the community, receive email notifications, and lots more. It's quick and it's free! Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
