Netskope Help

Configure Azure Blob Storage for DLP Scanning and Threat Protection

This section describes the steps involved in configuring an Azure Blob Storage for DLP scanning and threat protection.

Note

  • Netskope supports DLP scanning on Azure general-purpose v2 and Blob storage accounts only. To upgrade to a general-purpose v2 storage account, refer the Azure documentation located here.

    Note

    • Netskope now supports DLP scanning on Azure Data Lake Storage Gen 2. Azure Data Lake Storage Gen2 is a set of capabilities dedicated to big data analytics, built on Azure Blob storage. For additional information, refer the Azure documentation located here.

    • Netskope now supports DLP scanning on Snowflake as a service that runs on top of Azure Blob storage. For more information, refer the respective third-party documentation of Snowflake and Azure.

  • IaaS Storage Scan (DLP and Threat Protection) feature does not support quarantine and legal hold functionalities. If you have configured a DLP or Malware quarantine profile with an external storage provider such as OneDrive, the file would be copied to that location. However, the file would not be removed from its original location in the public cloud storage, Azure Blob Storage.

  1. Register Microsoft Event Grid in Azure.

  2. Configure an Azure Active Directory (AD) Application.

  3. Add the Azure Subscription in Netskope API Data Protection.

See the instructions below for more information.