BWAN in Device Intelligence

BWAN in Device Intelligence

You can now configure BWAN Integration in Device Intelligence and share device detail data from Device Intelligence to BWAN. This feature allows you to use device details captured by Device Intelligence in BWAN. 

Borderless WAN (BWAN) is a SDWAN solution offering Software/Program intelligence to the LAN<->WAN traffic routing globally via the internet b/w branch offices or branch<->DC. Here, we can control which traffic takes which path (MPLS, VPN, LTE, etc). BWAN provides a secured channel to route the traffic by applying policies,QoS, etc but does not have the in-depth rich contextual intelligence about the device details like the device is managed or unmanaged, risk score, type and category of the device, etc. This is where the Device Intelligence comes in the solution to provide the details to BWAN.

To do so, you need to follow a few steps:

  1. Configure BWAN in Device Intelligence 1
  2. BWAN use cases 2
  3. BWAN UI
This is a special feature and you should have a license for Netskope Device Intelligence and BWAN products. Contact your marketing executive or Netskope support team to enable this for you.

Configure BWAN in Device Intelligence

Follow the procedure to configure BWAN in Device intelligence UI:

  1. Navigate to the Manage > Configurations menu.

  2. Give a unique name to the integration configuration.

  3. Add a description.

  4. Choose the type of supported remediation integration configurations as Firewall.

  5. Choose a supported vendor from the dropdown list as BWAN.

  6. Provide a valid host IP address or a domain name to connect to the network.

  7. Choose an authentication type:

    • Username/password – provide the credentials for configuration.

    • Token – provide a token for configuration.

  8. Choose a connection method as HTTPS.

  9. Optionally, you can add extra key-value pair parameters to pass to this configuration.

  10. Click Create Configuration button

    Once you configure BWAN in Device Intelligence, you can use this as an action for your policies in the next step.

    Create policy and send details to BWAN

    Here you will create policies to capture devices with high, medium and low risks and send them to Dynamic Address Groups (DAG) in BWAN UI. Follow the procedure to create the policy:

    1. Navigate to the Policies menu and click on the Create Policy tab.

    2. Mark the status of the policy to be active on creation.

    3. Give a unique policy name.

    4. Select the type as context policy.

    5. Give a category of the policy as High Risk.

    6. Add a description to explain the policy behavior.

    7. Define a custom condition to capture devices with a high-risk score.

    8. Click on Add Rule and select field as Risk, condition as Greater or Equal to, value as 75. This condition will capture devices which have a risk score greater than 75.

    9. Select the alert severity as High.

    10. Select the action to take  as NAC.

    11. Select the BWAN configured in Step 1.

    12. Select action as Segment and give a Segment Name as “High Risk Device”.

    13. Click Save Policy.

    You will simultaneously see the policy results in BWAN UI > Configure > Objects > Device Groups when this policy will capture devices with a high-risk score.

    – You can create similar policies for Low and Medium Risk Score in Device Intelligence.
    – You can remediate the issue in BWAN by creating policies on these Device Groups. Refer to the BWAN documentation to learn more.

    BWAN UI

    Login to the BWAN UI using your credentials and you will see the Device Intelligence information in BWAN. Refer to the BWAN documentation to learn more.

Share this Doc

BWAN in Device Intelligence

Or copy link

In this topic ...