Skip to main content

AD_4nXdoJ4Q9FNg35zw8k-gvJGEtP7gn2xZPxoqcJIKwBKm0Qgz_UCh0ZTRpnWT_YrthKBgwOJEc7atiHTJpPPVZlkkzoeDJs_bKaCLdUOPjsSlkvsYOd_-8r081vuzHWcoKA_wSoEFG?key=TghNBl4vvpc4x_XkKUFLIyZH

Netskope Global Technical Success (GTS)

How to Restrict Website Access on Brave Browser

 

Netskope Cloud Version - 121

 

Objective

Block access of all websites when access is attempted from Brave browser

 

Prerequisite

Netskope Secure Web Gateway License is required 

 

Context

Organisations might have requirements to allow usage of specific browsers within the organisation. As a result, free source browsers need to be blocked for security reasons. This article will demonstrate the process to block brave browser.

 

Do You Know?

  • Netskope acknowledges Brave as a Cloud Application that provides internet security tools such as browsers and search engines
  • However, there is no dedicated connector specifically for Brave browser which users can use to block traffic originating from Brave Browser
  • This article will guide you through the process of blocking access of any websites from Brave browser

AD_4nXcIDuwdj-0l2Ks_Q1CU1NPIKHTfybb_kped9zyBFamDY7-6pOwbDpUgab3ASSQ7JIJOFh9NITnRgUuvjVi5V9JM4JybweT_oAkXR9vC0TuRbRBOwiH-ShlR4qKWi6ZNJfhzAn-Ydg?key=TghNBl4vvpc4x_XkKUFLIyZH

 

Why consider blocking Brave Browser?

Organizations may block Brave Browser for several security and operational reasons:

  • Bypassing Content Filters: Brave's built-in ad and tracker blockers can interfere with monitoring or filtering solutions, allowing users to bypass organizational policies.
  • Privacy Features: Enhanced privacy tools (like Tor integration) can obscure user activity, complicating compliance with monitoring requirements or security policies.
  • Potential Data Exfiltration: Brave's focus on decentralized tools, such as IPFS or cryptocurrency integration, might introduce unknown vectors for data transfer or malware.
  • Limited Control: The browser's design reduces visibility into user behavior, which might conflict with IT governance standards in enterprises.

 

Lab Recreate

  • Brave browser has a unique search pattern that utilises “search.brave.com” in every search match happening on the browser’s search bar
  • We will leverage this logic to define a regex that will look for “search.brave.com” on the browser’s search box and then create a Real time protection policy to block all traffic when this regex matches.

AD_4nXfv0r_YTCiFTBXG1-94Rq7X3xFothk2k0BkU49lqg8ul4QGK2xEJBF6iA6RflnjIwlPIE8jG864Su_e3xy-LZmf7bn79Rt_Jbedrp60ENfdR4TF6_3wpzr1JozghQCjmNXAn32Z?key=TghNBl4vvpc4x_XkKUFLIyZH

 

  • To validate the regex you can use Regex Tester Tools. Please note that Netskope’s URL list regexes use a specific format. Learn more about the same using this link

AD_4nXcCFBISeyk0loCGYR7CbMBiaXtYAZJrHPNrNEZFVSl3qXyamtD49-7pFiiOAci7Ij8jqtS1xkO0v6Azuck1kBw3imqrraYPD0SUV1i-s-PS9PclPKOd06FeLbJNgJG6iYG13scu4Q?key=TghNBl4vvpc4x_XkKUFLIyZH

 

  • Realtime protection policy:

Step 1: Create a custom URL list to match “search.brave.com” on the search engine panel

Path: Netskope Tenant UI >>> Policies >>> Profile --- URL List >>> New URL List

AD_4nXdZ0bmIQs2hvKt8YCjhwnOhzhQRwv0VFcGLAOoScLTfbY2hSxP9bFwU0zsIslbkBSz7ycFKHHu7dCeCMx97latcfb0H6lZoC8ozkdi9-MgavEywtE17Hi30epJuigIEJ8NQL__x-w?key=TghNBl4vvpc4x_XkKUFLIyZH

 

Step 2: Now Create a custom category using the Custom URL list created in Step 1

Path: Netskope Tenant UI >>> Policies >>> Profile --- Custom category >>> New Category

AD_4nXcnbAalxVuzAWfFRj3aJ0XwQun-qVpQfmYaUaQBJsauZYVIFlVjV291-X4ORNdOChuJkDEFLe3Kozo_67JwPuBYcB711IeYgZbMUGzUdaADZQBm_S0ZTKJ7pwIqZJzBXyWdwdHDbA?key=TghNBl4vvpc4x_XkKUFLIyZH

 

Step 3: Now go to the Real time protection policy page under Policies - Real Time protection policies - Web and create a Real time protection policy as shown below: 

Path: Netskope Tenant UI >>> Policies >>>Real-time protection >>> New Policy

 

AD_4nXfs8kGjGzxcrRM6hP8AttwPhhH0OpUFkFDIb3rq4efcqW7kLijazhEYppK86JXw0yJrj4Ht8aS3kvd14lpD_GZSbLtqyXSOw7jHmEaTHayJ7fGWKlbZSDWQaI0FQD6b8k-rksZjMQ?key=TghNBl4vvpc4x_XkKUFLIyZH

 

 

Verification

When a user tries to access any site from brave browser, the access will be blocked

AD_4nXeqb29N06aNdHZN_2QE5ngu5ilCOvA2CmCIgkJ_lh9XN1HhsrCh86bDgEf-MF2fDlwnLrS483YdL_v5gsHxZkPZXjn0SZtCJydA_xPUQ1tZ0RhSk1S2CI55JgNeoHmAH36p_DR-eA?key=TghNBl4vvpc4x_XkKUFLIyZH

Note - The above template can be customized as demonstrated in this link

 

Terms and Conditions

  • All documented information undergoes testing and verification to ensure accuracy.
  • Netskope Engineering is continuously working on product enhancements. In the future, additional controls may become available to address some of the limitations mentioned earlier. If any such changes are brought to our attention, we will promptly update the documentation to reflect them.
  • In the future, it is possible that the application's functionality may be altered by the vendor. If any such changes are brought to our attention, we will promptly update the documentation to reflect them.

 

Notes

  • This article is authored by Netskope Global Technical Success (GTS).
  • For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.

 

What to Read Next?

User Notification - User Alert for Non-Sanctioned Application

Link

Setting up keyword based blocking on search engines

Link

How to block parent domain while allowing sub-domains

Link