Skip to main content
  • EN

AD_4nXdFAQbrKdn07k3zj9fJ73Q1Pw1vtysORsq4YETQrrh7PAbwJ2Dpa4NWMmkUevIUuD6Ld9J4VR9LsVv4YU5o4hI61mQhdrKzYjjVcJMxFRwbmVhy0Poz-fv6jGVkGbTgM5Ft5xP46P2R3bWwAP52s6TMr6nC?key=0XdE2xYrC8rX16NaWXcJdw

Netskope Global Technical Success (GTS)

KB - Limitations with Telegram (Web Access & Native App)

 

Netskope Cloud Version - 118

 

Objective

Telegram is a chat and instant messaging platform accessible via Web Access & its Native Application. This document is intended to discuss in detail the limitations associated with Telegram concerning its use with Netskope.

 

Prerequisite

Netskope CASB Inline/SWG license is required.

 

Context

End-users at customers' end may be utilizing Telegram on their machines. This document outlines the limitations and types of controls that can be implemented for Telegram through Netskope

 

Details

  • Telegram is a cloud-based messaging application available on both Windows and macOS, accessible via Web access and Native application.
  • Its user-friendly interface and robust feature set have contributed to its growing popularity. However, this rise in usage prompts IT teams to address concerns about managing and controlling Telegram to mitigate potential data exfiltration risks.
  • This document aims to address frequently asked questions about how to control Telegram using Netskope.

 

Telegram Web Access

Telegram can be accessed using a Web browser at the URL : web.telegram.org

AD_4nXfcdRTn6ZiL-kUyb-BG6rjqIxqy3bo3eDCWE9ut4meDFYtRsyThzxSNH66QwS4SZ6fSO8p1tFkk7kjUGO2rCsxhP2u9ukifQLlDqbYEUsQILt7nI9O2VS6GKOrbjyur-3Q_MQ8w0GKW9zByY8f2TCIqMYUh?key=0XdE2xYrC8rX16NaWXcJdw

  • Telegram Web access deploys end-to-end encryption on communication.
  • Because the Telegram web access employs end-to-end encryption, Netskope cannot perform SSL decryption on traffic generated by Telegram.
  • Without SSL decryption, the following controls cannot be applied:
  1. Netskope Data Loss Prevention (DLP)
  2. Netskope Threat Prevention
  3. Netskope Real-time Policy Controls
  • In short, visibility on traffic generated by Telegram Web access is very limited

 

About the Activity Support for Telegram in CCI Database

  • As of August 23, 2024, Netskope acknowledges Telegram as a Cloud Application and the same can be viewed from the CCI Database

AD_4nXfFMesXUE6tp_gSOPBioH-rB6zKCQii9Dr4iu-tdnbHIKzxHiz-iwxwdC4RfZeSImOwbUN7H8v_30X4TuF0RjamEXO603-t1ykTRs2TXI-zMT2DPcu03R3iew7CRmAOnXxfkj2uZ15010OvSICL2PM6xtVz?key=0XdE2xYrC8rX16NaWXcJdw

  • It is important to note that the activity support detailed in the CCI Database relies on a Universal connector. This type of connector provides best-effort control and activity detection, meaning its effectiveness may vary as the application's behavior evolves. For an application to have comprehensive activity support, Netskope requires a Dedicated connector specific to that application.
  • Currently, granular activity control for Telegram, such as Post Upload, Download is not available today.

 

Telegram Native Application 

  • Telegram native application uses Certificate pinning.
  • What is Certificate pinning?

Certificate pinning is a security technique used to enhance the protection of network communications by ensuring that an application only trusts a specific SSL/TLS certificate or a set of certificates. 

  • Because the Telegram native application employs certificate pinning, Netskope cannot perform SSL decryption on traffic generated by Telegram.
  • Without SSL decryption, the following controls cannot be applied:
  1. Netskope Data Loss Prevention (DLP)
  2. Netskope Threat Prevention
  3. Netskope Real-time Policy Controls
  • In short, visibility on traffic generated by Telegram native application is also very limited

 

Conclusion : 

  • Visibility and Control: Netskope cannot perform SSL decryption on traffic generated by Telegram Web Access & Native Application. This limits the visibility into the content of Telegram's communications.
  • Data Protection: Due to Certificate pinning, Netskope lacks the ability to inspect and apply data loss prevention (DLP) policies to Telegram communications, compromising data protection measures.
  • Compliance: Ensuring compliance with regulations and industry standards becomes challenging when using Telegram through Netskope. The platform's limited monitoring and control capabilities may lead to compliance violations.
  • Threat Detection: Netskope cannot detect and respond to security threats originating from or targeting Telegram usage, such as malware distribution or phishing attacks. Limited visibility and analysis capabilities contribute to this difficulty.

 

Terms and Conditions

  • All documented information undergoes testing and verification to ensure accuracy.
  • Netskope Engineering is continuously working on product enhancements. In the future, additional controls may become available to address some of the limitations mentioned earlier. If any such changes are brought to our attention, we will promptly update the documentation to reflect them.

 

Notes

  • This article is authored by Netskope Global Technical Success (GTS).
  • For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.

 

What to Read Next?
All about - ‘WhatsApp’ Link
Use Cases: Generative AI Link
Limitations with Signal Application Link
Terms & ConditionsCookie settings