Netskope Community
-
Forums
ProductsCommunity Resources
-
Learn
Education, Training, Certification, and Thought LeadershipCommunity Resources
-
Groups
Community GroupsCommunity Resources
-
Events
Community Resources
- Support
- Netskope Community
- Products
- Next Gen SWG
- Netskope client SSL decryption issues
Netskope client SSL decryption issues
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-06-2023 11:30 PM
Solved! Go to Solution.
- Labels:
-
netskope client
-
Next Gen SWG
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-22-2023 11:47 PM
Thanks ark007 for your suggestions. We are already following setup as per KB. Using Digital Experience Management, we noticed that client to Netskope POP latency is ok, but Netskope POP to app latency is high. We are dealing this with Netskope support.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-07-2023 10:43 AM
Seeing similar behavior, especially with Google Docs, that we just posted about.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-08-2023 08:07 AM
@Indu - So far I did not see this behavior on our end. There is a KB article in Netskope that has very good breakdown on how to approach troubleshooting performance related issues. This will be a good start, pick an application run some test as per this KB article to see where the latency is.
https://support.netskope.com/s/article/Netskope-Performance-Troubleshooting-Guide
Also, ensure few basic things that if user is connected to nearest POP, Netskope client is updated to latest stable golden release or current version which will have fixes that might improve certain things. If you have remote access VPN's and on-prem firewall VPN's running in full tunnel mode then ensure Netskope traffic is configured in split tunnel mode to directly connect to web instead of going through VPN tunnel. There might be a chance the nearest POP might have some outages or issues which might had a temporary effect.
In case everything looking good and still not sure, open a support ticket and escalate it to your TAM to get better support.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-08-2023 08:47 AM
Also to add on to, ensure you are using DTLS tunnel for your client configurations.
Enabling DTLS option supersedes TLS (Transport Layer Security) tunnel for communication thereby improving the network process. TCP inherently slows the overall flow performance if the network has high latency and packet drops. To overcome this issue, use DTLS tunnel (UDP tunnel). To know the current protocol, click the Client icon > Configurations > Tunnel Protocol.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-22-2023 11:47 PM
Thanks ark007 for your suggestions. We are already following setup as per KB. Using Digital Experience Management, we noticed that client to Netskope POP latency is ok, but Netskope POP to app latency is high. We are dealing this with Netskope support.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- How to Capture HAR on Google Chrome in Next Gen Secure Web Gateway (SWG)
- HTTP Header Profiles and comma separation in Cloud Access Security Broker (CASB)
- SSPM: Securing Google Workspace in Security Posture Management
- AWS CLI SSL Certificate Errors on macOS in Next Gen Secure Web Gateway (SWG)
- Microsoft Teams VoIP Traffic Bypass in Cloud Access Security Broker (CASB)
-
NG-SWG
24 -
SWG
23 -
NSClient
17 -
DLP
12 -
Next Gen SWG
11 -
NGSWG
8 -
netskope client
7 -
android
6 -
Client
5 -
cloud firewall
4 -
forward proxy
4 -
SSL bypass
4 -
sso
4 -
Support Mobiles
4 -
SCIM
4 -
CASB
4 -
GRE
4 -
Netskope Endpoint Client
4 -
Real-time Policy
4 -
URL List
4 -
users
3 -
Google Idp
3 -
Threat Protection
3 -
policy
3 -
Provisionning
3 -
DLP Violation
3 -
malware
3 -
categories
3 -
IDP
3 -
IOS
3 -
Groups
3 -
Certificate SSL
3 -
Decrypt SSL
3 -
skopeit
3 -
cfw
3 -
Azure
2 -
inline
2 -
install
2 -
Advanced Analytics
2 -
traffic
2 -
ChromeOS
2 -
Directory Importer
2 -
IPSec Tunnels
2 -
Linux
2 -
Cloud
2 -
Windows OS updates
2 -
PAC file
2 -
AWS
2 -
Reverse Proxy
2 -
url filtering
2 -
Admin
2 -
ipsec
2 -
Authentication
2 -
okta
2 -
Apps
2 -
steer traffic
2 -
Email DLP
2 -
cloud exchange
2 -
Azure AD
2 -
Netskope
2 -
User Notification
2 -
Advance Analytics
2 -
web
2 -
Chromebook
2 -
slowness issue
2 -
MacOS
2 -
steering exception
2 -
Netskope Agent
2 -
ssl
2 -
Certificate Pinned
2 -
communication between domain and application
1 -
data
1 -
Profile
1 -
Sanctioned apps
1 -
activities
1 -
Desktop Dropbox
1 -
Log
1 -
UPD errors and nsClientFLow
1 -
Epic
1 -
Netskope Client installation mechanism
1 -
status
1 -
no decryption
1 -
alerts
1 -
logs
1 -
Download
1 -
Firewalls Local
1 -
GOSKOPE
1 -
SSL Decrypt Bypass
1 -
dashboards
1 -
google
1 -
multi-user mode
1 -
log data
1 -
Upload
1 -
Internet next hop type
1 -
openai
1 -
googledocs
1 -
interception
1 -
SASE
1 -
WebSecurity
1 -
Best Practices
1 -
CCL
1 -
Fail Close
1 -
EDM
1 -
flow
1 -
chatgpt
1 -
appdefinition
1 -
browser
1 -
endpoint
1 -
sensitivity
1 -
fundamentals
1 -
Artificial Intelligence
1 -
ldap
1 -
steering
1 -
block
1 -
Cloud & Threat Challenges
1 -
Threat
1 -
instance
1 -
extension
1 -
url categorization
1 -
CTEP
1 -
AVD
1 -
explicit proxy over IPSec
1 -
AMP
1 -
MIP
1 -
Rest API
1 -
Report
1 -
awareness
1 -
Upgrade
1 -
Default OfficeSuite policy
1 -
DaaS
1 -
Office 365
1 -
Evasive Phishing
1 -
best practice
1 -
security posture check
1 -
Proxy
1 -
Reports
1 -
Changes
1 -
OfficeSuite
1 -
Virtual Desktop
1 -
Access
1 -
domain fronting
1 -
CCI
1 -
User Group
1 -
questions
1 -
Widgets
1 -
Config
1 -
No Decrypt
1 -
MFA
1 -
Whitelist
1 -
SIEM Integration
1 -
Enterprise Application
1 -
Config Update
1 -
Default Policy
1 -
AD
1 -
Google chat
1 -
Windows Server 2016
1 -
domain
1 -
interoperability
1 -
Education
1 -
RBAC
1 -
Traffic Steer on Galaxy S8
1 -
PAC
1 -
App
1 -
Netskope Admin
1 -
YouTube
1 -
file size
1 -
export
1 -
Explicit Proxy
1 -
Local Groups
1 -
Sync
1 -
APP instance
1 -
licensing
1 -
incremental update
1 -
vpn
1 -
Netskope Threat Labs
1 -
import
1 -
Block Page
1 -
SWG Login
1 -
Private App
1 -
Instances Corp
1 -
debugging
1 -
controls
1 -
native definition
1 -
API
1 -
Guidelines
1 -
configuration
1 -
entry
1 -
intel CPU
1 -
Remote Browser Isolation
1 -
Instances APP Enterprise
1 -
fiddler
1 -
AAD
1 -
Dropbox
1 -
SSL-TLS
1 -
Automation
1 -
punycode
1 -
Whatsapp
1 -
Local admin
1 -
client update
1 -
Next Fen SWG
1 -
Custom Rule
1 -
certificate
1 -
TLS
1 -
ngrok
1 -
discord
1 -
NativeApp
1 -
Internet Access
1
In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below
Sign In