The Netskope deployment for your organization is deployed in CASB-only mode. You want to view dropbox.com traffic but do not see it when using SkopeIT.
In this scenario, what are two reasons for this problem? (Choose two.)
A.
The Dropbox Web application is certificate pinned and cannot be steered to the Netskope tenant.
B.
The Dropbox domains have not been configured to steer to the Netskope tenant.
C.
The Dropbox desktop application is certificate pinned and cannot be steered to the Netskope tenant.
D.
The Dropbox domains are configured to steer to the Netskope tenant.
In a CASB-only deployment of Netskope, there could be several reasons why Dropbox.com traffic is not visible in SkopeIT:
Certificate Pinning:
The Dropbox Web application might be using certificate pinning, which means it only accepts specific certificates for its connections. This can prevent the traffic from being steered to the Netskope tenant because the proxy's certificate might not match the pinned certificate.
Configuration of Dropbox Domains:
If the Dropbox domains are not properly configured to be steered to the Netskope tenant, then the traffic will bypass the Netskope inspection and will not be visible in SkopeIT. Ensuring that the domains are configured correctly is essential for the traffic to be captured and analyzed by Netskope.
References:
"Certificate pinning prevents the interception of traffic by requiring that the presented certificate matches a known good certificate. This can interfere with traffic steering in CASB deployments.".
"Proper configuration of application domains is necessary to ensure traffic is steered to the Netskope tenant for inspection and visibility.".
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit