Amazon WorkSpaces

Amazon WorkSpaces

Amazon WorkSpaces is a desktop virtualization service available for Windows, Linux and other OS that enables administrators to access resources from any device. This document contains the best practices around steering bypasses when deploying the Netskope Endpoint on Amazon WorkSpaces. You can install Netskope Client using the deployment options supported by Netskope.

To learn more, view Amazon WorkSpaces.

Environment

  • WorkSpace Client Version: 5.1.0.2370
  • Netskope Client Version: 96.0.0.1009
  • Operating system:
    • Windows
    • macOS
    • Android
    • Ubuntu Linux 18.04
    • Chromebooks
    • iOS

Configurations In Netskope

Specific configurations in Netskope web UI ensures processes or traffic from either of the applications are not blocked or directed to the Netskope Cloud.

Configure Certificate Pinned Application Exception

To add Amazon WorkSpaces  as a Certificate Pinned Application on the Netskope UI:

Note

For Chromebooks, the administrator must add play.googleapis.com as a Domain exception and com.google.android.gsf process as a Certificate-Pinned App exception.

  1. Go to Settings > Security Cloud Platform > Steering Configuration and select a configuration.
  2. On the configuration page, click EXCEPTIONS > NEW EXCEPTION > Certificate Pinned Applications.
  3. In the New Exception window, do the following:
    1. From Certificate Pinned App, select the application. To add a new certificate pinned application in the New Certificate Pinned Application window, do the following:
      • Application Name: Enter the name of the application.
      • Platform: Select the operating system where the application is managed.
      • Definition: Provide the processes and .exe(s) list that you want to bypass. To learn more about the domains to bypass, view IP Addresses and Port Requirements for WorkSpaces.
    2. From Custom App Domains, add the URL to exclude. For example, www.aws.amazon.com.
    3. From Actions, select Bypass for Windows.
    4. Click ADD.

Amazon WorkSpace Workflow with Netskope Client

This section describes the steps to launch WorkSpace and install Netskope Client.

  1. Start Amazon WorkSpaces instance from your AWS account.
    WorkSpaces_StartWSinstances_99.png
  2. After installing AWS WorkSpaces agent on your machine, launch Amazon Workspace and login.
    WorkSpaces_LoginWorkSpace_99.png
  3. You can install Netskope Client using the deployment options supported by Netskope.
    WorkSpaces_WorkSpacewithClientenabled_99.png
  4. After you install Client, the application traffic must be steered through Netskope gateway.
  5. You can check the device details from your Netskope tenant Devices UI.
    WorkSpaces_hostinfodetailsinNetskope_99.png
Share this Doc

Amazon WorkSpaces

Or copy link

In this topic ...