Netskope Help

Client Traffic Exploit Prevention

Netskope Client Traffic Exploit Prevention (CTEP) scans network traffic to find and prevent vulnerability exploits like malicious applications or services that try to affect your network. To prevent intrusion, you can:

  • Alert the administrator or user about the threat.

  • Block malicious traffic packets.

CTEP Policy Placement

Below are general guidelines when creating CTEP policies and customizing the policy order:

  • If you have Real-time Protection policies with Browse activity and Block action, you don't need to configure a CTEP policy with the same criteria.

  • Move CTEP policies to the bottom if:

    • You haven't configured your Real-time Protection policies with Browse activity.

    • You already have a broad CTEP policy.

  • If you have Real-time Protection policies with only Browse activity, replace it with a CTEP policy.

  • If you have Real-time Protection policies with Browse and other activities, Netskope recommends:

    1. Cloning the Real-time Protection policy.

    2. Change the Profile of the clone to CTEP.

    3. Move the cloned policy to before the original policy.

    4. Edit the original policy and remove Browse from the activities.

Configuring CTEP

To configure CTEP:

You can go to Skope IT > Alerts to monitor detected CTEP policy violations.

Note

You must have the CTEP license to use this feature. Contact your Sales representative.