Netskope Community
-
Forums
ProductsCommunity Resources
-
Learn
Education, Training, Certification, and Thought LeadershipCommunity Resources
-
Groups
Community GroupsCommunity Resources
-
Events
Community Resources
- Support
- Netskope Community
- Products
- Next Gen SWG
- Re: [Getting Started] Best Practice Policies - Inl...
[Getting Started] Best Practice Policies - Inline
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-12-2021 05:10 PM - edited 08-18-2022 12:55 PM
The intention of this document is to level set on the base set of policies, policy grouping, and policy evaluation behavior that is generally applicable to all inline(CASB/NS-SWG) customers.
We are also working on runbooks to accompany each of the policy groups highlighted in the presentation, which will be posted in the near future.
- Labels:
-
best practice
-
Guidelines
-
inline
-
policy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-15-2021 10:02 AM
This is an incredibly valuable document. It would be fantastic if the tenant could be autoconfigured as a baseline. Short of implementing a feature, is that what a runbook would do (i.e. import a policy config)?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-26-2021 10:05 AM - edited 07-26-2021 10:06 AM
At this point, we don't have the Rest API end-point to automate this so this is the intention of the runbooks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-12-2021 11:12 AM
Justin, this is by far the best approach I have ever seen to ensure interoperability between real time policy types. We have adopted this approach with our clients at Optiv and it has been a huge success. Thank you so much for taking the time to put this together and communicating it out there to the Netskope community.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-24-2021 12:00 PM
Any chance there is a supporting video recording? This guide is great and was curious if there was any additional commentary while going through slides (mostly for education)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-24-2021 12:39 PM
Hi @ddrake , this session is best done in person with your TSM/TAM please reach out to your assigned TSM pool and they can assist with this session.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-15-2022 06:23 AM
Justin, this doc is great. I'm wondering if you can elaborate on the sanctioned instance tagging. In your doc you state "you have to tag the instance before you can set an
instance id policy. instance_id !~ 'NULL'" which is how Ive been identifying my sanctioned apps in the data but how do you tag using that query so it can be used in a real-time policy?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-15-2022 12:50 PM
Hello @ajentsch,
Thanks for the question 🙂 It seems that the query needs to be modified post-R90 MP, you can leverage this skopeit query, [instance_id != '' ], under application events to pull up all of the events with an instance id. Then you can review the list to tag the instances that don't have an existing Instance Name associated with the detected instance_id.
Please let me know if this helps.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- SSPM : Monitoring Salesforce Delegated Group settings with SSPM in Security Posture Management
- July Office Hours Recap in Advanced Analytics
- Best practice for tagging webpages with Sanctioned in Next Gen Secure Web Gateway (SWG)
- June Office Hours Recap in Advanced Analytics
- Securing Workday Accounts with Netskope Governance Language (NGL) in Security Posture Management
-
NG-SWG
23 -
SWG
23 -
NSClient
17 -
DLP
12 -
Next Gen SWG
11 -
NGSWG
8 -
netskope client
7 -
android
6 -
Client
5 -
cloud firewall
4 -
forward proxy
4 -
SSL bypass
4 -
sso
4 -
Support Mobiles
4 -
SCIM
4 -
GRE
4 -
Netskope Endpoint Client
4 -
Real-time Policy
4 -
URL List
4 -
users
3 -
Google Idp
3 -
Threat Protection
3 -
policy
3 -
Provisionning
3 -
DLP Violation
3 -
malware
3 -
categories
3 -
IDP
3 -
IOS
3 -
Groups
3 -
CASB
3 -
Certificate SSL
3 -
Decrypt SSL
3 -
skopeit
3 -
cfw
3 -
Azure
2 -
inline
2 -
install
2 -
Advanced Analytics
2 -
traffic
2 -
ChromeOS
2 -
Directory Importer
2 -
IPSec Tunnels
2 -
Linux
2 -
Cloud
2 -
Windows OS updates
2 -
PAC file
2 -
AWS
2 -
Reverse Proxy
2 -
url filtering
2 -
Admin
2 -
ipsec
2 -
Authentication
2 -
okta
2 -
Apps
2 -
steer traffic
2 -
Email DLP
2 -
cloud exchange
2 -
Azure AD
2 -
Netskope
2 -
User Notification
2 -
Advance Analytics
2 -
web
2 -
Chromebook
2 -
slowness issue
2 -
MacOS
2 -
steering exception
2 -
Netskope Agent
2 -
ssl
2 -
Certificate Pinned
2 -
communication between domain and application
1 -
data
1 -
Profile
1 -
Sanctioned apps
1 -
activities
1 -
Desktop Dropbox
1 -
Log
1 -
UPD errors and nsClientFLow
1 -
Epic
1 -
Netskope Client installation mechanism
1 -
status
1 -
no decryption
1 -
alerts
1 -
logs
1 -
Download
1 -
Firewalls Local
1 -
GOSKOPE
1 -
SSL Decrypt Bypass
1 -
dashboards
1 -
google
1 -
multi-user mode
1 -
log data
1 -
Upload
1 -
Internet next hop type
1 -
openai
1 -
googledocs
1 -
interception
1 -
SASE
1 -
WebSecurity
1 -
Best Practices
1 -
CCL
1 -
Fail Close
1 -
EDM
1 -
flow
1 -
chatgpt
1 -
appdefinition
1 -
browser
1 -
endpoint
1 -
sensitivity
1 -
fundamentals
1 -
Artificial Intelligence
1 -
ldap
1 -
steering
1 -
block
1 -
Cloud & Threat Challenges
1 -
Threat
1 -
instance
1 -
extension
1 -
url categorization
1 -
CTEP
1 -
AVD
1 -
explicit proxy over IPSec
1 -
AMP
1 -
MIP
1 -
Rest API
1 -
Report
1 -
awareness
1 -
Upgrade
1 -
Default OfficeSuite policy
1 -
DaaS
1 -
Office 365
1 -
Evasive Phishing
1 -
best practice
1 -
security posture check
1 -
Proxy
1 -
Reports
1 -
Changes
1 -
OfficeSuite
1 -
Virtual Desktop
1 -
Access
1 -
domain fronting
1 -
CCI
1 -
User Group
1 -
questions
1 -
Widgets
1 -
Config
1 -
No Decrypt
1 -
MFA
1 -
Whitelist
1 -
SIEM Integration
1 -
Enterprise Application
1 -
Config Update
1 -
Default Policy
1 -
AD
1 -
Google chat
1 -
Windows Server 2016
1 -
domain
1 -
interoperability
1 -
Education
1 -
RBAC
1 -
Traffic Steer on Galaxy S8
1 -
PAC
1 -
App
1 -
Netskope Admin
1 -
YouTube
1 -
file size
1 -
export
1 -
Explicit Proxy
1 -
Local Groups
1 -
Sync
1 -
APP instance
1 -
licensing
1 -
incremental update
1 -
vpn
1 -
Netskope Threat Labs
1 -
import
1 -
Block Page
1 -
SWG Login
1 -
Private App
1 -
Instances Corp
1 -
debugging
1 -
controls
1 -
native definition
1 -
API
1 -
Guidelines
1 -
configuration
1 -
entry
1 -
intel CPU
1 -
Remote Browser Isolation
1 -
Instances APP Enterprise
1 -
fiddler
1 -
AAD
1 -
Dropbox
1 -
SSL-TLS
1 -
Automation
1 -
punycode
1 -
Whatsapp
1 -
Local admin
1 -
client update
1 -
Next Fen SWG
1 -
Custom Rule
1 -
certificate
1 -
TLS
1 -
ngrok
1 -
discord
1 -
NativeApp
1 -
Internet Access
1
In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below
Sign In