Netskope Help

Configure Box Instance in Netskope UI

To authorize Netskope to access your Box instance:

  1. Log in to the Netskope tenant UI: https://<tenant hostname>.goskope.com and go to Settings > API-enabled Protection > SaaS.

  2. Select the Box icon, and then click Setup Instance.

  3. The Setup Instance window opens. Enter the following details:

    • Instance Name: Enter the name of the Box account.

    • Instance Type: Select the appropriate features from the following options:

      • API Data Protection: Select this option to allow Netskope to scan through your SaaS app instance to list files, user, and other enterprise data.

      • Quarantine: Select this option to quarantine a file if a user uploads a document that has a DLP violation. This moves the file to a quarantine folder for you to review and take appropriate action (allow the file to be uploaded or block the file from being uploaded). For more information to set up quarantine, see Quarantine Profile.

      • Legal Hold: Select this option if you would like to preserve all forms of relevant information when litigation is reasonably anticipated. You can choose to have a copy of the file saved for legal purposes if it matches policy criteria. For more information to set up legal hold, see Legal Hold Profile.

      • Malware: Select this option to detect malware in files, emails, attachments, chat messages, posts etc. For more information to set up malware, see Configure Threat Protection for API Data Protection.

      • Forensic: Select this option to apply a forensic profile that flags policy violations and then stores the file in a forensic folder. For more information to set up forensic, see About Forensics.

    • Admin Email: Enter the Box admin email address. This should be the Box admin or co-admin.

      Note

      The admin email address is case-sensitive. Ensure that the email address matches the case as configured in the Box admin console.

    Important

    If you have a large set of files in your Box account, it is important to note that selecting the API Data Protection checkbox may take longer time to scan the files than expected. If your requirement is specific to quarantine, legal hold, malware, or forensic, select the appropriate options and exclude the API Data Protection check box.

  4. Ensure that you have enabled Box Event Stream and JSON Web Token and select the check box.

  5. Click Save, then click Grant Access for the app instance you just created. You will be prompted to log in with your admin username and password, and then click Authorize. When the configuration results page open, click Grant access to Box.

Refresh your browser and you will see a green check icon next to the instance name. The Box configuration is complete.

Note

API Data Protection gives visibility into all the users' files and folders regardless of the Box admin or co-admin account.