1. Expel Help Center
  2. Connect Your Technology
  3. L-P Integrations

Netskope CASB and Next Gen SWG Setup for Workbench

This topic explains how to connect your Netskope technology to Workbench. These steps are based on RBACv3.

Prerequisites

  • You must use a local Neskope admin account to generate the API credentials; you cannot use an SSO account.

Quick Links

  1. Generate API Credentials
  2. Add Netskope CASB and Next Gen SWG as a Security Device in Workbench

Step 1: Generate API Credentials

Netskope REST APIs use an auth token to make authorized calls to the API. Expel uses Netskope REST APIs to access resources through URI paths.

  1. Log in to Netskope using a local admin account.
  2. Navigate to Administration > Administrators & Roles.
  3. Select the Roles tab.
  4. Select New.
  5. Enter a role name, such as "Expel Role".
  6. Enter a short description, such as "Used for the Expel security device".
  7. Grant the following permission:
    • Function: Skope IT > Alerts
    • Permission: View
  8.  Save the new role.
  9. Go back to the Administrators tab.
  10. Select the Service Account button.
  11. Enter a service account name, such as "Expel Service Account".
  12. Select the new role you created.
  13. For the REST API token, leave Generate token now with expiry selected and choose a token expiration that fits within your company's policy.
  14. Select Create.
  15. In the confirmation window, select Copy Token to save the token (you will need it in the next step).
  16. Select OK to close the window.

Step 2: Add Netskope CASB and Next Gen SWG as a Security Device in Workbench

Now that you have the correct access configured and noted the credentials, you can configure the integration in Workbench. Before you begin, make sure you know your Netskope server URL.
  1. Log in to Workbench.
  2. In the side menu, navigate to Organization Settings > Security Devices. If you have multiple organizations, you must select the appropriate organization name from the list.
  3. Select Add Security Device.
  4. In the search box, type “Netskope” and then select the Netskope CASB and Next Gen SWG integration.
  5. Complete the fields as follows:
    • Name - enter a name that might help you more easily identify this integration, such as “CompanyName Netskope”; this name will display in Workbench under the Name column, and is a text string that you can filter on.
    • Location - enter the location of your integration, for example “cloud;” this is also a text string that you can filter on, so we recommend being consistent with location naming across your Expel integrations.
    • Server - enter your Netskope server URL.
    • Token - enter the token you generated in Step 1.
    • Select Save.
  6. Your device should be created successfully within a few seconds. A few reminders:
    • After your connection is healthy, it will take some time for your device to begin polling and receiving data.
    • To check on the status, select the downward arrow for your device in the first column and choose View details.
    • Polling will happen first; data will be received after that. You must refresh the page to see updates.
    • If your device does not begin polling within 15 minutes, and does not begin receiving data within 30 minutes, contact our support team for help.
    • To check if alerts are coming through, navigate to Dashboards > Alert Analysis. Scroll to the device you want to check and select the Expel Alerts tab to reveal more alert information. It can take 36 to 72 hours for alerts to appear after setup, as we tune your device.

Related articles