Netskope Help

About CTEP Settings

After creating a CTEP policy on the Real-time Protection page, you can configure the CTEP settings (Settings > Threat Protection > CTEP Settings) to enable CTEP for your organization as well as create exceptions to the policy via signature overrides.

Settings

Enable the CTEP Status to apply your CTEP policies and inspect your organizations traffic for for any policy violations.

The Status option on the CTEP Settings page
Signature Overrides

Under Signature Overrides, you can:

  1. Enable Alert Only Mode to allow all traffic with signature matches and only send alerts. If enabled:

    • Netskope won't block traffic. Netskope will change any enabled overrides from the Block action to the Alert action.

    • Netskope won't generate alerts for disabled overrides.

  2. Search for a signature name in the table.

  3. Create a signature override.

  4. View a list of configured signature overrides. For each override, you can see the following information:

    • Signature ID: The ID of the signature.

    • Signature Name: The name of the signature.

    • Status: The signature is enabled or disabled for matching.

    • Action: If you enabled signature matching, you can see one of the following actions when a match occurs.

      • Alert: Netskope allows the traffic and generates an alert in Skope IT.

      • Reject: Netskope blocks the traffic.

    • Last Edited: The last time the override was edited and by who.

  5. Sort the table by signature name, signature ID, or last edited.

  6. Select at least one override using the checkbox and click Remove to delete it.

  7. Click The Settings icon. to customize table columns or restore the default ones.

  8. Click The More icon. to edit or delete an override.

  9. View up to 100 overrides per page.

  10. View multiple pages of the table.

The Signature Overrides section on the CTEP Settings page.