Netskope Global Technical Success (GTS)
Best Practices - Allow All Web Traffic
Netskope Cloud Version - 125
Objective
Provide an overview of best practices for securely enabling unrestricted web access.
Prerequisite
Netskope SWG / NGSWG license is required
Context
A customer may have a use case where unrestricted internet access is required for IT, executive users, or other specific individuals. In such cases, what is Netskope’s recommendation for securely enabling unrestricted web access?
Do You Know?
- As of April 30, 2025, Netskope maintains a set of 132 predefined web categories, with every internet destination classified into one of these categories.
- List of Netskope predefined web categories - Link
Details
- Netskope does not recommend providing unrestricted internet access without proper safeguards.
- Prior to enabling such access through Realtime policies, baseline security policies should be implemented to mitigate risk.
- Netskope recommend Realtime policy structure
- Unrestricted Internet access Realtime policy should be below Threat & Utility
Policy Order | Action | Ref. | License Required |
| DOH Block Policy | Block | SWG / NGSWG | |
| Patient Zero Policy | Block | Advance Threat Protection | |
| Threat Protection Policy | Block | Standard Threat Protection | |
| Security Risk | Block | SWG / NGSWG | |
| ITAR (International Traffic in Arms Regulations) | Block | SWG / NGSWG | |
| RBI (Remote Browser Isolation) | Isolate | RBI | |
| Online Ads | Block | ||
| Unrestricted Internet access | Allow | Image 1 | SWG / NGSWG |
- Unrestricted internet access Realtime protection policy
Path: Netskope Tenant UI >>> Policies >>> Real-time Protection >>> New Policy
Image 1
Author Notes
- Customers without an Advanced Threat Protection (ATP) or Remote Browser Isolation (RBI) license should block the following web categories and associated activities to maintain security.
Category: Newly Released Domains, Newly Observed Domains, Uncategorized, Parked domains, Unreachable, Miscellaneous, and Web Hosting, ISP & Telco, Shareware/Freeware
Activities: Upload and Download
- It is recommended to review - Best Practices - Managing RealTime Policy Structure
Terms and Conditions
- All documented information undergoes testing and verification to ensure accuracy.
- In the future, it is possible that the application's functionality may be altered by the vendor. If any such changes are brought to our attention, we will promptly update the documentation to reflect them.
Notes
- This article is authored by Netskope Global Technical Success (GTS).
- For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.