Skip to main content
  • EN

I am writing to ask that the Community contact their Netskope representative and and indicate your interest the Request to Enhancement that has been stalled:  "NPLAN-112: Apply steering configs based on priority in multi user machines. "

 

You might not have noticed this, but if you have multiple users on one machine, Netskope may not be providing them with the correct steering config.  This is most noticeable when you are in the midst of CASB to SWG, but can occur otherwise too.

 

  • In a multi-user deployment mode, if the logged in users belongs to different OUs or user groups, the Netskope Client applies the steering configuration corresponding to the user most recently logged. Ensure all the users belong to a single OU or User Group for a multi-user machine.

 

https://docs.netskope.com/en/steering-configuration.html#UUID-eae29f38-85d9-fd13-74c9-077e1ef74513_section-idm4585568446828833492110209816

 

Here is a way to interpret this:   

  1. When the client has been installed in multi-user (peruserconfig) mode and there are multiple users interactively logged into the same device simultaneously, the steering config of all users will be that of the last user to login to said device.
  2. When the client has been installed in multi-user (peruserconfig) mode and there have been multiple users who have previously logged into the same device, the steering config of the last user to login will be applied to the next user to login to said device.

I believe #2 applies until the time the client checks for updated policies, then the new user's steering config is applied.   This would explain a scenario we've seen recently where a restricted user is able to some sites that their policy prevents access to, but the HelpDesk user who had just tested from the same device had been permitted.

 

We would like this too. in addition, we would like this addressed for client config as well. [NPLAN-125]

Reply


Terms & ConditionsCookie settings