Netskope Community
07-20-2023 03:03 AM
Hello,
I am implementing a new proposal for Real Time Policies for Netskope, to follow best practices and reduce the number of policies to the minimum possible.
Currently, I propose a structure similar to this (+ other specific policies of allow, block, dlp, threat protection etc.):
But there are webpages that belong to a non-permitted category, but to which access must be allowed. The problem is they are webpages and not applications, I can't apply the "Sanctioned" tag. If I create a custom app with the URL of the webpage, it also does not allow adding the "Sanctioned" tag.
What is the best practice recommendation to resolve the situation? I can only think of creating a new policy that allows access to a custom URL List, but it doesn't seem like a maintainable option over time, if the URL list grows too much.
Thank you so much!
07-20-2023 03:05 PM
Layering policies with a custom category allow-list is the only realistic option if the site is categorized correctly. If the site is not categorized correctly, you can request a re-categorization.
07-25-2023 07:05 AM
URL lists, separately for allowed and blocked categories, are what you need here.
Also remember we have an API to programmatically update URL lists - Many customers chose to maintain lists and patch them via this API.
I don't see threat policies in your list and it's recommended that you have threat policies right on top of the stack - Within the threat stack I'd recommend you do the following - this way you block risky sites and then for the rest you scan file ul/dls.
1. Block Security Risk
2. Malware scan for ul/dl
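Added example, not part of the thread and not Netskope code: one way to keep a growing allow-list maintainable is to hold it in a reviewed file and compute the append/remove patch against the live list before sending it through the URL list API. The function names and sample entries are hypothetical, and no API call is made here.

```python
# Added example: plan an allow-list patch from a reviewed source file.
# normalize() and plan_update() are hypothetical helpers, not a Netskope API.
from urllib.parse import urlsplit


def normalize(entry):
    """Return a canonical host[/path] entry, or None if unusable or too broad."""
    entry = entry.strip()
    if not entry or entry.startswith("#"):
        return None
    try:
        parts = urlsplit(entry if "://" in entry else "//" + entry)
    except ValueError:
        return None
    host = (parts.hostname or "").rstrip(".")
    # Refuse bare TLDs and wildcards spanning a whole TLD (e.g. "*.com").
    # Multi-label public suffixes such as "*.co.uk" are not detected here.
    labels = [label for label in host.split(".") if label and label != "*"]
    if len(labels) < 2:
        return None
    return host + parts.path.rstrip("/")


def plan_update(desired_lines, current_entries):
    """Diff the reviewed list against the live list; report rejected lines."""
    desired, rejected = set(), []
    for line in desired_lines:
        text = line.strip()
        canonical = normalize(text)
        if canonical is not None:
            desired.add(canonical)
        elif text and not text.startswith("#"):
            rejected.append(text)
    current = {c for c in map(normalize, current_entries) if c}
    return {
        "append": sorted(desired - current),
        "remove": sorted(current - desired),
        "rejected": rejected,
    }


if __name__ == "__main__":
    # Constructed sample data: reviewed file content and the live list.
    reviewed = ["# approved exceptions", "https://Docs.Example.org/Guide/",
                "*.example.net", "*.com", "portal.example.com"]
    live = ["docs.example.org/Guide", "old.example.com"]
    print(plan_update(reviewed, live))
```

Rejected lines are worth failing the change on, since an over-broad allow entry layered above a category block would quietly undo that block.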