Hi @munster ,

There is a predefined category "Uncategorized " which can be added to the policy by setting the action as block.

Zulkifal

Providing a customer perspective on blocking uncategorized domains. Don't do it! The sheer volume of websites Netskope detects as uncategorized is pretty large. There are also tons of uncategorized websites that chrome extensions and other applications use (over 80/443 using browsers) that will cause things to break. I would encourage using a coaching page that allows users to understand the risks of browsing uncategorized while giving them the ability to proceed. Furthermore, use Remote Browser Isolation for uncategorized is also a great compromise that we have done for our users. We now feel with our defense-in-depth approach to malicious content and introducing phish-resistant MFA we now allow access to uncategorized domains.

I agree with @nduda . Blocking un-categorized sites can break multiple legitimate backend traffic. I've seen situations where Microsoft uses IP addresses instead of domains, and Netskope labels it as "Uncategorized."

Zulkifal

We see this also and had to build a custom URL list that applies before the uncategorized coaching stuff. Luckly we haven't had to update it much but here it is for those interested:

\b(?:\d{1,3}\.){3}\d{1,3}\b\/filestreamingservice\/files\/.*
\b(?:\d{1,3}\.){3}\d{1,3}\b\/.*\/filestreamingservice\/files\/.*
\b(?:\d{1,3}\.){3}\d{1,3}\b\/.*.intunewin.bin
\b(?:\d{1,3}\.){3}\d{1,3}\b\/.*\/ctldl.windowsupdate.com\/msdownload\/update\/v3\/static\/trustedr\/.*
\b(?:\d{1,3}\.){3}\d{1,3}\b\/pr\/.*\/Office\/Data\/.*
\b(?:\d{1,3}\.){3}\d{1,3}\b\/d\/msdownload\/.*