Devices

The Devices page focuses on monitoring the Client’s status of all the devices in your tenant. You can export your entire device list to CSV file. To open the Devices page, go to Settings > Security Cloud Platform > Netskope Client > Devices.

To enable or disable the Netskope client, or collect logs from a device, click the checkbox next to the hostname and click Enable or Disable. These buttons remain grayed out until you select a hostname.

Logs can only be collected from individual devices, but you can enable and disable the Netskope Client on multiple devices at one time.

You can use the Search functionality to look for a specific device added in the tenant. To search for a device, enter the username in the search field. The search is not case-sensitive and you can get search results that are Like ~ or Equal = to the text entered in the text box.

The Devices page displays information based on the selected filter.

You can click FILTERS above the Search text box to select the default filter. The filters are either created by you or shared with you. The following are the default filters:

To use custom filters, click +Add Filter and select a filter.  Enter text in the search field to display devices on the Devices webUI.

The following table refers to the filters that you can use to refine your search results:

You can configure system-wide settings using the Client Configuration dialog box.  Click Client Configurations displayed at the top right corner of the Devices page to open Client Configuration. To learn more, view Client Configuration.

The following lists the various components to display the Device information on this page:

Additional Information

To view the details of an individual device, select the hostname or click the ellipsis(…) and select View Details to open the device details page.

After you click View Details, it navigates to another page that displays device, and Client information. To view event history, group membership, or organization unit information, click the appropriate tab.

• Device: Displays various user and device information such as:

  • User: The email address of the enrolled user.

  • Device: Displays the device information such as model and operating system of the selected device.

  • Device Classification: Displays whether the device is managed or  unmanaged.

  • MAC address: Displays MAC addresses of the physical network interfaces that the device currently uses. This list can contain more than one MAC address. Only tenants with Client version 112.0.0 or above can see this option on the webUI.

  • Client Version: The version of the Netskope Client that is associated with the selected device.

  • Unique Device ID: Displays the Unique Device ID associated with the selected device.

  • Serial Number: Displays the serial number of the selected device.

  • Steering Configuration: Displays the Steering Configuration configured for the user. Only tenants with Client version 112.0.0 or above can see this option on the webUI.

  For tenants with Netskope Client version prior to version 112.0.0, Steering Configuration and MAC Address fields display empty fields.

• Services: Displays the Client services available for the selected hostname and the associated status available.

  If Endpoint DLP is enabled, you can pause or resume the service from the detail view. The default pause time is 30 minutes.

  

  

• Event History: Displays various events that are posted by the Client  For example, Tunnel Up, Tunnel Down, Client uninstallation failure, Network Change, and so on. For more details, view Client Status. At the same time, the Event column also displays the reason as to why a specific event occurred for specific events. For example, tunnel down can occur due to the change in traffic mode or user deprovisioned.

  • Tunnel Down Event Details: The following event details are displayed on the webUI whenever the tunnel is down in the following scenarios:

     The following events are applicable across all devices supported by Netskope Client.

    Event	Event Details
    Tunnel Down	Traffic mode changed Interop proxy changed User Deprovisioned On-Prem Status Changed Tunnel Protocol Changed Re-configured User
    Tunnel Down Due to Error	Detected Dead Peer Ping timeout Missing Gateway Configuration Failed Tunnel Establishment Due to Network Error Tunnel Down Due to SSL Error

    

  • Client Upgrade or Uninstallation Failure: To know more about the events displayed in the event of a Client or Uninstallation failure in a Windows device, view Netskope Client for Windows.

• Group Membership: Displays the group information from the DC.

• Organization Unit: Displays the OU that the user belongs to.

Device Count

The total number of devices count is calculated using:

• Device entry count (by Unique Device ID and User)
• Unique device count (by Unique Device ID)

In the following screenshot, for example, the Devices page consists of 22 Device and the User pairing and out of that there are 13 Unique Device ID.

Using another example to elaborate this scenario:

• User A and User B are accessing Device 1.
• User C is accessing Device 2 and Device 3. 

The Devices page displays the total number of devices count as follows: 4 Devices+User Entries (3 Devices). In this example, the Devices page consists of:

• Four entries of Device and User pairing (Device 1and User A, Device 1 and User B, Device 2 and User C, and Device 3 and User C).
• Three Devices(Device 1, Device 2, and Device 3).
• Three Unique Device IDs( One Unique Device ID for devices assigned to Device 1, and two different IDs for Device 2 and Device 3).

Unique Device Identifier

Netskope Client creates Unique Device Identifier at the time of enrollment. Prior to the version 105.0.0, the Unique Device ID was created based on the hostname and few other parameters. As the hostname is no longer maintained unique in the organizations, with 105.0.0, Netskope Client is enhanced to use the hardware parameters such as Windows GUID for creating Unique Device ID.

Previously, whenever there were devices with the same hostname, it shared the same Unique Device ID. From version 105.0.0, different Unique Device IDs are assigned to each device and no two devices share the same ID. With the new Unique Device ID, whenever the administrator tries to query based on the Client Data, the value for nsdeviceuid  in the response returned by the host differs from the value displayed with the old Device ID.

For example, in the following screenshot:

• Only one user(Andy) is tagged to DESKTOP-RPR6OU.
• Two users(Cathy and Bob) are tagged to  Windows10-Desktop.
• Three users(Dan, Ed, and are tagged to Windows11-Image0303.

In this example, devices with the same hostname share the same unique device ID.

The Netskope Client now identifies devices based on the hardware parameters such as GUID and separate entries are displayed for each user and device on the Devices webUI. The devices now display different unique device identifiers even if they share the same hostname. 

With the new approach, Cathy and Bob will have separate entries for their devices with different unique device identifiers on the webUI. Similarly, Dan, Ed, and Frank will have separate entries for their devices with different unique device IDs.

The admin can control the user access to enable or disable the Client. The admin can select one of the following options:

To export the contents in the Device UI to a CSV file, select the hostnames and click Export. The details displayed in the exported file depends on the options that you choose on the Export webUI. When there are multiple users added to a device and you choose Unique Devices in the Type field on the Export webUI, the CSV will only display the total number of users added to that device. To view each username added to a device, choose the option Devices and Users in the Type field.

The following table lists the various Client statuses: Internet Service, Private Apps service, and Endpoint DLP according to their meaning. The status of a Client is:

• Enabled: When any of the services are enabled.

• Disabled: When all services are disabled.

You can also query client status via the  Get Client Data REST API.

Endpoint DLP Status

If Endpoint DLP is enabled, you can click View Details to see Endpoint DLP Service Details.

There are two Endpoint DLP statuses:

• Config Status: The configuration state for the endpoint, which comes from the Client configurations applying to the endpoint. It displays Enabled or Disabled indicating if the endpoint should have Endpoint DLP enabled or not based on the Client configurations.

• Service Status: The reported status of the Endpoint DLP software on the endpoint. This is the same status displayed in the Services table above, which is reported by epdlp.exe (Windows) on the endpoint. You can see one of the following states:

  • Enabled: The service is running, communicating correctly, and working properly.

  • Disabled: The service is not running.

  • Paused: The service is paused by clicking Pause Service. This action lasts for 30 minutes.

  • Device Control Error/Device Control Disabled: The driver for USB Device Control is unable to load correctly. This status might appear for machines that are turned off.

  • System Reboot Required: The endpoint needs a reboot so the USB device control functions properly. This occurs when the system has a non-resettable USB controller and an Endpoint DLP upgrade occurs. The new driver can’t be loaded until the reboot occurs.