Netskope uses profiles with policies. This article covers how to create profiles for Netskope.
For more information about options to be profiled, click the appropriate option.
The default malware scan can be extended by creating a custom malware detection profile. The malware detection profile allows users to add a custom hash list as a blocklist and an allowlist. Known malicious hashes that are sourced from other intelligence sources can be included in the blocklist. Known good files (usually proprietary content specific to the enterprise) can be added to the allowlist so Netskope does not mark them as suspicious. The custom malware detection profiles can be used in the real-time protection policy creation workflow.
The custom category feature offers flexibility to supersede the predefined Netskope Uniform Resource Locator (URL) category mapping for a given URL or augment them by defining custom URL categories. This is helpful for situations in which the Netskope predefined URL category does not have a mapping for a URL (uncategorized).
The Connected App/Plugin profile allows you to create a profile consisting of a custom list of Google apps and plugins. Use this profile to detect and prevent users from installing whatever third-party apps they add in Google.
connectedApp1,ID
connectedApp2,ID
connectedApp3,ID
The domain profile is used to define external domain accounts for email. The domain profile works with application programming interface (API)-enabled protection apps such as Gmail and Microsoft 365 Outlook.com. As part of the policy definition wizard, you can scan email messages that are sent to external domains such as xyz.com or abc.com.
The user profile is used to select a user profile instead of all users or user groups in an application programming interface (API)-enabled protection policy. User profiles allow you to upload a comma-separated value (CSV) file with all the users' email addresses to include or exclude in a scan for policy violations.
A constraint profile is used in real-time protection policies. Constraint profiles define what a user can do for a specific activity in an app. In the case of Amazon S3, constraints detect and prevent insider threat activities.
For example:
User and Storage constraint profiles can be applied to specific activities when creating a real-time protection policy for an app. Click the appropriate profile for more information.
*@dell.com.
*@dell.com
.A Quarantine profile is used for specifying where the file must be quarantined when there is a policy action of Quarantine. Use tombstone files to replace the content of the original file. The name and extension of the original file are preserved.
Legal hold is a process that an organization uses to preserve all forms of relevant information when litigation is reasonably anticipated. A legal hold profile is used for specifying where the files must be held for legal purposes.
This feature provides the data loss prevention (DLP) forensic details when a policy triggers a violation. Forensic information may contain sensitive content. In order to maintain privacy, you must select a forensic profile to store forensic information.
You can add a single object or multiple object network location.