Netskope Community
-
Forums
ProductsCommunity Resources
-
Learn
Education, Training, Certification, and Thought LeadershipCommunity Resources
-
Groups
Community GroupsCommunity Resources
-
Events
Community Resources
- Support
- Netskope Community
- Products
- Next Gen SWG
- Re: [Getting Started] Best Practice Policies - Inl...
[Getting Started] Best Practice Policies - Inline
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-12-2021 05:10 PM - edited 08-18-2022 12:55 PM
The intention of this document is to level set on the base set of policies, policy grouping, and policy evaluation behavior that is generally applicable to all inline(CASB/NS-SWG) customers.
We are also working on runbooks to accompany each of the policy groups highlighted in the presentation, which will be posted in the near future.
- Labels:
-
best practice
-
Guidelines
-
inline
-
policy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-15-2021 10:02 AM
This is an incredibly valuable document. It would be fantastic if the tenant could be autoconfigured as a baseline. Short of implementing a feature, is that what a runbook would do (i.e. import a policy config)?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-26-2021 10:05 AM - edited 07-26-2021 10:06 AM
At this point, we don't have the Rest API end-point to automate this so this is the intention of the runbooks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-12-2021 11:12 AM
Justin, this is by far the best approach I have ever seen to ensure interoperability between real time policy types. We have adopted this approach with our clients at Optiv and it has been a huge success. Thank you so much for taking the time to put this together and communicating it out there to the Netskope community.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-24-2021 12:00 PM
Any chance there is a supporting video recording? This guide is great and was curious if there was any additional commentary while going through slides (mostly for education)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-24-2021 12:39 PM
Hi @ddrake , this session is best done in person with your TSM/TAM please reach out to your assigned TSM pool and they can assist with this session.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-15-2022 06:23 AM
Justin, this doc is great. I'm wondering if you can elaborate on the sanctioned instance tagging. In your doc you state "you have to tag the instance before you can set an
instance id policy. instance_id !~ 'NULL'" which is how Ive been identifying my sanctioned apps in the data but how do you tag using that query so it can be used in a real-time policy?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-15-2022 12:50 PM
Hello @ajentsch,
Thanks for the question 🙂 It seems that the query needs to be modified post-R90 MP, you can leverage this skopeit query, [instance_id != '' ], under application events to pull up all of the events with an instance id. Then you can review the list to tag the instances that don't have an existing Instance Name associated with the detected instance_id.
Please let me know if this helps.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- May NAA Office Hours Recap in Advanced Analytics
- DLP for All Web Traffic? in Data Loss Prevention (DLP)
- Certificate Pinned App (CPA) in Next Gen Secure Web Gateway (SWG)
- Getting started with Netskope Governance Language (NGL) with Salesforce in Security Posture Management
- Getting started with Netskope Governance Language (NGL) with Azure AD in Security Posture Management
-
SWG
22 -
NG-SWG
17 -
DLP
11 -
NSClient
9 -
Next Gen SWG
7 -
NGSWG
6 -
netskope client
5 -
Netskope Endpoint Client
4 -
GRE
4 -
SSL bypass
4 -
Client
4 -
sso
4 -
android
4 -
policy
3 -
IDP
3 -
Decrypt SSL
3 -
Threat Protection
3 -
DLP Violation
3 -
cloud firewall
3 -
forward proxy
3 -
URL List
3 -
Google Idp
3 -
Support Mobiles
3 -
SCIM
3 -
skopeit
3 -
Linux
2 -
User Notification
2 -
Certificate SSL
2 -
traffic
2 -
ssl
2 -
malware
2 -
ipsec
2 -
cfw
2 -
users
2 -
IPSec Tunnels
2 -
Email DLP
2 -
Real-time Policy
2 -
steer traffic
2 -
Netskope Agent
2 -
categories
2 -
Provisionning
2 -
Admin
2 -
Azure
2 -
Apps
2 -
Windows OS updates
2 -
IOS
2 -
inline
2 -
Cloud
2 -
okta
2 -
Groups
2 -
communication between domain and application
1 -
alerts
1 -
Traffic Steer on Galaxy S8
1 -
Explicit Proxy
1 -
Local Groups
1 -
Private App
1 -
Instances APP Enterprise
1 -
no decryption
1 -
SASE
1 -
Cloud & Threat Challenges
1 -
questions
1 -
Chromebook
1 -
SWG Login
1 -
Remote Browser Isolation
1 -
punycode
1 -
Advanced Analytics
1 -
Rest API
1 -
Block Page
1 -
intel CPU
1 -
Automation
1 -
discord
1 -
interception
1 -
block
1 -
Authentication
1 -
RBAC
1 -
slowness issue
1 -
Dropbox
1 -
SSL-TLS
1 -
ngrok
1 -
Epic
1 -
browser
1 -
MIP
1 -
Education
1 -
export
1 -
certificate
1 -
Certificate Pinned
1 -
TLS
1 -
UPD errors and nsClientFLow
1 -
SSL Decrypt Bypass
1 -
steering
1 -
Netskope
1 -
import
1 -
activities
1 -
Desktop Dropbox
1 -
Log
1 -
GOSKOPE
1 -
openai
1 -
security posture check
1 -
User Group
1 -
Netskope Threat Labs
1 -
entry
1 -
Download
1 -
Firewalls Local
1 -
chatgpt
1 -
best practice
1 -
CCI
1 -
configuration
1 -
ChromeOS
1 -
Upload
1 -
Directory Importer
1 -
PAC file
1 -
web debugging fiddler proxy
1 -
EDM
1 -
flow
1 -
explicit proxy over IPSec
1 -
Reverse Proxy
1 -
cloud exchange
1 -
Custom Rule
1 -
logs
1 -
Fail Close
1 -
sensitivity
1 -
fundamentals
1 -
Office 365
1 -
domain
1 -
CASB
1 -
Guidelines
1 -
log data
1 -
endpoint
1 -
url categorization
1 -
CTEP
1 -
AVD
1 -
Access
1 -
file size
1 -
vpn
1 -
steering exception
1 -
install
1 -
CCL
1 -
extension
1 -
url filtering
1 -
Default OfficeSuite policy
1 -
DaaS
1 -
MFA
1 -
incremental update
1 -
API
1 -
Next Fen SWG
1 -
multi-user mode
1 -
Upgrade
1 -
Changes
1 -
OfficeSuite
1 -
Virtual Desktop
1 -
native definition
1 -
MacOS
1 -
Reports
1 -
Config
1 -
No Decrypt
1 -
App
1 -
Threat
1 -
Widgets
1 -
Config Update
1 -
Default Policy
1 -
Azure AD
1 -
APP instance
1 -
client update
1 -
data
1 -
WebSecurity
1 -
Report
1 -
Enterprise Application
1 -
PAC
1 -
Sync
1 -
Instances Corp
1
In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below
Sign In