Netskope Global Technical Success (GTS)

Remote Access – Restricted Access to Specific Applications Only

Netskope Cloud Version - 125

Objective

Restricted access to specific Remote Access applications

Prerequisite

Netskope NGSWG / CASB Inline license is required

Context

• Netskope generally recommends blocking unsanctioned Remote Access applications. This document provides guidance on configuring Realtime protection policies to permit access to sanctioned remote access tools while preventing the use of unsanctioned ones.

Do You Know?

• As of April 30, 2025, Netskope has identified ~64 cloud applications categorized under 'Remote Access’.

Configuration

Use-case: Microsoft Azure Virtual Desktop is designated as a sanctioned remote access application, while all other remote access applications are considered unsanctioned.

• Mark Microsoft Azure Virtual Desktop as Sanctioned

Note: By default all applications are marked as Unsanctioned. IT team at customer end has to identify the IT approved applications and mark them Sanctioned

Path: Netskope Tenant UI >>> App Catalog

\

• Create a Realtime protection policy

Path: Netskope Tenant UI >>> Policies >>> Real-time Protection >>> New Policy

1st Policy

2nd Policy

Terms and Conditions

• All documented information undergoes testing and verification to ensure accuracy.
• In the future, it is possible that the application's functionality may be altered by the vendor. If any such changes are brought to our attention, we will promptly update the documentation to reflect them.

Notes

• This article is authored by Netskope Global Technical Success (GTS).
• For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.