Classic to Next Generation API Data Protection Migration
Classic to Next Generation API Data Protection Migration
As technology continues to evolve, so too must the platforms we rely on for critical functions such as data protection. Customers currently using the Classic API Data Protection platform are invited to transition to Netskope’s cutting-edge Next Generation API Data Protection platform. The Next Generation platform offers a host of modern features and enhanced capabilities designed to provide superior security, efficiency, and ease of use. This powerful upgrade ensures that data is protected with the latest advancements in technology, delivering robust performance and reliability that meets the growing demands of today’s digital landscape. Join us in embracing this transformative step forward, ensuring your data remains secure with the most advanced tools available.
Key Features of Next Generation API Data Protection Platform
Next Generation API Data Protection is the new generation platform for API Data Protection designed to provide the following benefits:
-
Dramatically simplified policy definition and management: Multi-app/all app policies and multiple DLP profiles in a single policy.
-
Tenant performance isolation, to eliminate noisy neighbor problems – Performance of one tenant does not affect the other tenant.
-
Ability to define threat protection policies.
-
Unified inventory page, for threat hunting and forensic analysis.
-
Tight controls on performance at an app/instance level.
-
Support Google badged labels as a policy condition. (only for Google Drive)
-
Embedded abstractions, to ensure faster development for new capabilities and supported apps.
-
Netskope encrypts API requests to SaaS apps using TLS 1.2 by default.
Why Switch to Next Generation API Data Protection?
Over the past few years, our security platform has evolved rapidly, making further development increasingly challenging. To implement major learning effectively, a new architecture is necessary. There have been significant changes in scale and performance expectations, along with an increase in the number and complexity of managed SaaS apps. This evolution underscores the need for operational simplification to manage these advancements efficiently.
The Next Generation API Data Protection platform is crafted to accommodate the emergence of new SaaS applications, features, and capabilities. It is highly scalable and robust, offering a range of modern features and enhanced capabilities aimed at delivering superior security, efficiency, and user-friendliness. This powerful upgrade leverages the latest technological advancements to ensure data protection, providing robust performance and reliability to meet the increasing demands of today’s digital landscape.
The Classic platform is nearing end of life. Adequate time and notification will be provided to all customers in due course. As described in Key Features of Next Generation API Data Protection Platform, Netskope recommends customers on Classic API Data Protection to switch to Next Generation API Data Protection. Next Generation API Data Protection is the platform where Netskope will continue to build new capabilities and features in the future.
How to Switch to the Next Generation API Data Protection Platform?
To learn more: Migration Steps to Next Generation API Data Protection.
Migration Videos
We have curated a set of videos related to migration process. Take a look!
Frequently Asked Questions
No, Netskope does not support automatic migration of instances from Classic to Next Generation.
Yes, Netskope has a number of customers who are using Next Generation API Data Protection. In fact, all new customers for OneDrive and SharePoint are on-boarded on the Next Generation API Data Protection starting May 2023.
You need not disconnect the Classic instance first. But make sure that you disable all the Classic policies so that there is a very short window of time when file change notifications are processed on both the platforms. This will also eliminate duplicate alerts and incidents.
Yes, the same admin account can be used.
No, you cannot use the existing Classic policies with Next Generation API Data Protection. You will have to create new policies for use with Next Generation API Data Protection. The Next Generation policies offer significant expressivity and efficiency. Customers can combine multiple Classic policies into a single Next Generation policy for simplified ongoing maintenance. That is the reason we recommend you take this opportunity to optimize the number of policies.
No, mapping of policies is required. In fact, with Next Generation policies, you can choose to combine multiple policies into a single one. e.g. now one policy can have multiple DLP profiles selected.
You should plan to switch to using Next Generation API Data Protection at the earliest possible time as it offers the following benefits:
– Superior end-to-end processing times for out-of-band events.
– Superior policy expression capabilities that allows you to consolidate policies into a more manageable number.
– Netskope offers new applications and improvements in existing application coverage on the Next Generation API Data Protection. Migrating to the Next Generation platform as soon as possible positions you to fully benefit from these enhancements.
For more benefits, see Key Features of Next Generation API Data Protection Platform.
Yes, you can.
No, there will be no loss of security coverage as long as you follow the Netskope-recommended steps described in Migration Step.
Not many, as long as:
– you have created policies in Next Generation and,
– you have deleted the policies in Classic.
Note: There could be a few duplicate incidents/alerts due to a lag in creating Next Generation policy and deleting Classic policies.
Yes, you have to create new quarantine, forensic, and legal hold profiles for the Next Generation policies. However existing DLP profiles can be reused.
No, you cannot migrate Classic policies to the Next Generation automatically.
No, there is currently no method to export and import policies and quarantine, forensic, and legal hold profiles.
Yes, your incident remediator will have the ability to remediate both Classic and Next Generation quarantined files as long as you keep the old app instance configuration enabled. After all the files are remediated, you can then delete the Classic app instance.
Yes, you can still work on the files and restore them as long as you have kept your Classic app instance enabled.
Our benchmark tests have indicated that the process can take a few hours to a few days depending on the number of files and users you have in the application instance. Get in touch with your Netskope sales representative for more details.
No, you do not need a new license to migrate or use the Next Generation API Data Protection platform. You can configure the Next Generation apps for which you already have entitlements in Classic.