
A Brief Introduction to Netskope Private Access App Discovery

sshiflett
Netskope

Netskope Private Access is a Zero Trust Network Access (ZTNA) solution that connects users and devices to applications rather than networks. This differs from traditional network access solutions such as remote access VPNs. Legacy VPNs provided network level access for remote users by essentially extending your internal network to the remote device. This was simple from an administrative and user perspective, but ultimately provided unnecessary access for most employees.

In contrast, ZTNA solutions like Netskope Private Access provide access to applications based on contextual criteria such as user risk, device risk, and which resources are being accessed. This is more secure and aligns to Zero Trust principles such as providing minimum access levels, continuously verifying context, and removing implicit trust based on the network.

While this is significantly more secure, it can also be more challenging for administrators to implement as they need to know the hostnames, ports, and protocols that users and applications need for their daily tasks. Netskope Private App Discovery addresses this challenge by allowing you to deploy Netskope Private Access with a broad discovery configuration.

This broader discovery configuration allows access to entire domains or subnets for specified users. This allows your users to connect to the apps necessary for their daily tasks. After configuration, the Private App dashboard immediately provides an overview of the ports, hostnames, and users accessing applications within your environment.

Administrators can then create app definitions for the specific resources to move from the discovery phase to policies more in line with Zero Trust principles. The attached video provides an overview of the configuration, capabilities, and reporting that Private App Discovery provides.

As a final note, this post and the video focus on the native Private App Discovery dashboard and events in SkopeIT. Advanced Analytics extends these capabilities by allowing richer reporting and visualizations on applications. There is a predefined App Discovery dashboard in Advanced Analytics.

You can also use Advanced Analytics to create visualizations and reporting on any of the fields in SkopeIT events to customize App Discovery to your specific needs. Further, all Network Events can be retrieved via the Netskope REST API or Cloud Exchange to forward logs and alerts to your SIEM, SOAR, or other reporting platforms.


Sam Shiflett
Netskope Solution Architect - North America
1 Reply
Siva
Contributor

@sshiflett Thanks for the article.

We have NPA deployed for a group of users/department and would like to expand to other groups. Can we leave the Private App discovery on and limit to new user group with causing any issues?
