New bee to Netskope

bpathak · ‎02-06-2023

Hi All,

We are new bee for netskope and started implementation recently.

If I may ask top 5 lessons learnt from some of the projects which we should watch out for a new implementation, that could give us good kick start.

Appreciate your help and looking forward for active participation in community.

Thanks

Brijesh

freestlz · ‎03-10-2023

Each IPSEC tunnel only supports 10 sa - each subnet is two sa. one for port 80 and one for port 443

This was important because we couldn't gradually flip over subnet by subnet to the VPN tunnels, it had to be the entire /8 subnet at once.

For Azure SCIM importing, make sure email = UserPrincipalName and not mail field.

This will be helpful if you have AD users with third party emails or user without email filled.

Make sure Zoom and any voice traffic is bypassed from the Netskope client and IPSEC tunnels.

View solution in original post

bpathak · ‎03-12-2023

Thanks much Julie

View solution in original post

agarcia · ‎02-07-2023

What products will you implement? NGSWG? NPA? CASB? DLP?

bpathak · ‎02-07-2023

I should have mentioned that earlier, we are implementing NGSWG and NPA.

kvarshney · ‎02-07-2023

watch our weekly workshops - live or recordings

https://community.netskope.com/t5/Community-News-and-Announcements/Weekly-SME-workshops-in-2023-sche...

Kaushal

bpathak · ‎03-12-2023

Thanks Much

wilson · ‎02-08-2023

Regarding SWG - test and document your findings.

Netskope is rapidly expanding to new features to stay competitive in the industry.

Documenting your findings will ensure that when behavior changes you can exactly point out to Netskope.

wilson · ‎02-08-2023

If you haven't signed up for it, considering getting the top tier of their support, including a TAM.

SWG is intrinsic to your business, and you do not want to be an general support pool when things go haywire.

Remember their support model for speed of solution is if the problem is universal to them, not just something solely affecting you. (ie, if you have something major not working, while you consider it imperative (and could escalate) their SLA is dependent upon the impact to ALL customers.

JulieB · ‎02-13-2023

Hey, @bpathak.

I just wanted to say hi and welcome you to the Netskope Community—I'm Julie and it's a joy to have you here. This is a great question to ask the Community!

To help you on your journey, I have a tip for you on using the Community... make sure to subscribe to the forums that are important to you! 🌟

Julie Brancik Senior Manager, Community Operations

bpathak · ‎03-12-2023

Thanks much Julie

freestlz · ‎03-10-2023

Each IPSEC tunnel only supports 10 sa - each subnet is two sa. one for port 80 and one for port 443

This was important because we couldn't gradually flip over subnet by subnet to the VPN tunnels, it had to be the entire /8 subnet at once.

For Azure SCIM importing, make sure email = UserPrincipalName and not mail field.

This will be helpful if you have AD users with third party emails or user without email filled.

Make sure Zoom and any voice traffic is bypassed from the Netskope client and IPSEC tunnels.

bpathak · ‎03-12-2023

Thanks much