Reading through private-access-best-practices article on docs.netskope.com, it mentions not to overlap CIDR ranges for NPA. I wonder how we can satisfy this recommendation for the following, very common scenario.
Lets say we got three outlook web servers. all serve on port 443, so private app [Outlook] is created with the individual three IPs with TCP port 443 and assigned to all/general users in the organization. All good here.
Now for the Admins of the Org, they would need to RDP to these outlook webservers for support/admin purposes. I would think, we need a second private app with same three IPs with TCP port 3389 and assign to IT Admins. Two separate apps for zero trust model.
So the second private creates a overlap, any pointers on how to configure this scenario adhering to best practices?