Ask the community

New bee to Netskope

bpathak
New Contributor II

Hi All,

We are new bee for netskope and started implementation recently.

If I may ask top 5 lessons learnt from some of the projects which we should watch out for a new implementation, that could give us good kick start.

 

Appreciate your help and looking forward for active participation in community.

Thanks

Brijesh

2 Solutions
freestlz
New Contributor II

Each IPSEC tunnel only supports 10 sa - each subnet is two sa. one for port 80 and one for port 443

  • This was important because we couldn't gradually flip over subnet by subnet to the VPN tunnels, it had to be the entire /8 subnet at once.

For Azure SCIM importing, make sure email = UserPrincipalName and not mail field.

  • This will be helpful if you have AD users with third party emails or user without email filled.

Make sure Zoom and any voice traffic is bypassed from the Netskope client and IPSEC tunnels.

View solution in original post

bpathak
New Contributor II

Thanks much Julie

View solution in original post

10 Replies 10
agarcia
Netskope
Netskope

What products will you implement?  NGSWG? NPA? CASB? DLP? 

bpathak
New Contributor II

I should have mentioned that earlier, we are implementing NGSWG and NPA.

kvarshney
Moderator
Moderator
bpathak
New Contributor II

Thanks Much

wilson
New Contributor III

Regarding SWG - test and document your findings.

Netskope is rapidly expanding to new features to stay competitive in the industry.

Documenting your findings will ensure that when behavior changes you can exactly point out to Netskope.

wilson
New Contributor III

If you haven't signed up for it, considering getting the top tier of their support, including a TAM.

SWG is intrinsic to your business, and you do not want to be an general support pool when things go haywire.

Remember their support model for speed of solution is if the problem is universal to them, not just something solely affecting you.  (ie, if you have something major not working, while you consider it imperative (and could escalate) their SLA is dependent upon the impact to ALL customers.

JulieB
Community Manager
Community Manager

Hey, @bpathak.

 

I just wanted to say hi and welcome you to the Netskope Community—I'm Julie and it's a joy to have you here.  This is a great question to ask the Community!  

 

To help you on your journey, I have a tip for you on using the Community...  make sure to subscribe to the forums that are important to you!  🌟

 

Julie Brancik Senior Manager, Community Operations
bpathak
New Contributor II

Thanks much Julie

freestlz
New Contributor II

Each IPSEC tunnel only supports 10 sa - each subnet is two sa. one for port 80 and one for port 443

  • This was important because we couldn't gradually flip over subnet by subnet to the VPN tunnels, it had to be the entire /8 subnet at once.

For Azure SCIM importing, make sure email = UserPrincipalName and not mail field.

  • This will be helpful if you have AD users with third party emails or user without email filled.

Make sure Zoom and any voice traffic is bypassed from the Netskope client and IPSEC tunnels.

bpathak
New Contributor II

Thanks much

Subscribe

In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below

Sign In