Private access - NPA Threat Protection Inspection Apps - Policy

  • 5 May 2023

Private access - NPA Threat Protection Inspection

 

Hello good afternoon, as always thanks for the collaboration, your time and good vibes.

Reviewing the NPA topics, and validating to generate an NPA-type policy, I don't see that it allows me to add a Netskope Threat Protection profile. For example, if at the NPA level I have some SMB-type access for shared folders against some file server, storage or NAS, via the corresponding UDP/TCP ports used by SMBv2 and SMBv3, and I add them as an NPA-type app, does Netskope perform inspection of that traffic flow at that point or not? Does Netskope Threat Protection for NPA perform inspection of NPA/Private access apps or not?


I remain attentive

 

Best regards


4 replies


@rclavero @mzhang

@sshiflett @amurugesan @mkoyfman 

 

Hello everyone, good afternoon. Excuse me for referencing you, but could you please support me with this post?

 

I remain attentive to your kind comments

 

Thank you

 

Best regards


@MetgatzNK - I spoke to the Netskope Technical Account Manager about NPA limitations several times. They confirmed that as of now NPA does not support SSL inspection, which means it cannot decrypt traffic to perform a deep scan, so there is no DLP or Threat Protection applied to private apps. But they also mentioned a future roadmap which will support SSL inspection for private apps.

 

Thanks


Hello @ark007 thanks for your reply 

 

So the NPA/ZTNA connections to the private apps do not perform any type of SSL inspection, but for the protocols or connections that are not SSL, for example FTP, SMB, http-tcp:80, among others, does the Threat Protection module not perform any inspection of the traffic in case of any anomaly and/or threat?

 

So at no point do you perform any type of inspection with the Threat Protection modules? It only protects the endpoint connection, through the Netskope client and the NPA/ZTNA tunnels through the NPA/ZTNA Gateway and the Publishers through the SSL/TLS tunnels, but it does not perform any type of inspection?

 

Thanks a lot

 

I look forward to your confirmation and comments.

 

Best regards


Yes, there is no inspection at all for NPA as of now. But the connection that is stitched to the private app via the publisher is secure.

 

Hopefully Netskope will be able to provide that feature soon, let's wait and see 🙂

 

Thanks
