Get Started with Cloud Exchange
These instructions are for the Admin only. This section describes the initial steps for getting started with Netskope Cloud Exchange after installation is complete.
Default User Login
By default, a single user is created with administrative capabilities with these credentials: Username: admin Password: admin
This user will have Administrator level access to the application. This user will have write access, and will be able to create new users as well.
On the first login, you will be required to change these credentials. After that, log in using your new credentials.
 |
Service Status can be viewed on the i icon mouse hover at the top of the login screen. The default color of that icon should be grey. If any of the services are down, the icon will be highlighted with red color.
Enable Modules
Upon successful login, enable the modules you want to use.
 |
Enabled modules appear in the left panel.
 |
Go to the following sections to configure the Cloud Exchange modules you enabled.
Configure the Netskope Tenant Settings for Cloud Exchange
Before configuring the plugins for the modules you just enable, add a tenant in Cloud Exchange. To do this you must create a RESTful API v1 token in your Netskope tenant at settings > tools > rest API. For now, a Netskope RESTful v1 API token must be installed for CE to communicate with Netskope because it is required for uploading filehashes for use in threat prevention and DLP policies. You should also create a RESTful API v2 token in your Netskope tenant at settings > tools > REST API v2. CE will use the v2 endpoints whenever possible when communicating with the Netskope tenant.
When creating an API token for CE to use to communicate with a Netskope tenant, use least privileged access concepts. API v1 token should be rotated on a regular basis. Create and use in the Netskope Tenant configuration on the Cloud Exchange a properly entitled v2 token with the following privileges:
REST API v1Endpoint | Permission | Log Shipper (CLS) | Ticket Orchestrator (CTO) | Threat Exchange (CTE) | User Risk Exchange (URE) | App Risk Exchange (ARE) | Notes |
|---|---|---|---|---|---|---|---|
Token Generated and Not Expired | (all) | x | Required for sharing file hashes |
REST API v2 Netskope Endpoint | Privilege Level | Log Shipper (CLS) | Ticket Orchestrator (CTO) | Threat Exchange (CTE) | User Risk Exchange (URE) | App Risk Exchange (ARE) | Notes |
|---|---|---|---|---|---|---|---|
/api/v2/events/data/alert | Read | o | o | CE 3.0-4.0; phasing out | |||
/api/v2/events/data/application | Read | o | CE 3.0-4.0; phasing out | ||||
/api/v2/events/data/audit /api/v2/events/data/infrastructure | Read Read | o o | CE 3.0-4.0; phasing out CE 3.0-4.0; phasing out | ||||
/api/v2/events/data/network | Read | o | CE 3.0-4.0; phasing out | ||||
/api/v2/events/data/page /api/v2/events/dataexport/events/alert /api/v2/events/dataexport/events/application | Read Read Read | o x x | x | CE 3.0-4.0; phasing out CE 4.0+ CE 4.0+ | |||
/api/v2/events/dataexport/events/audit | Read | x | CE 4.0+ | ||||
/api/v2/events/dataexport/events/connection /api/v2/events/dataexport/events/incident | Read Read | x x | CE 4.0+ CE 4.0+ | ||||
/api/v2/events/dataexport/events/infrastructure | Read | x | CE 4.0+ | ||||
/api/v2/events/dataexport/events/network | Read | x | CE 4.0+ | ||||
/api/v2/events/dataexport/events/page /api/v2/policy/urllist/file | Read Read + Write | x | x | CE 4.0+ CE 3.0+ | |||
/api/v2/policy/urllist | Read + Write | x | CE 3.0+ | ||||
/api/v2/policy/urllist/deploy | Read + Write | x | CE 3.0+ | ||||
/api/v2/incidents/uba/getuci /api/v2/ubadatasvc/user/uci | Read + Write Read + Write | x x | CE 3.0+ CE 3.0+ | ||||
/api/v2/services/cci/app | Read | x | CE 4.0+ | ||||
/api/v2/services/cci/domain /api/v2/services/cci/tags | Read Read | x x | CE 4.0+ CE 4.0+ |
"o" signifies this endpoint is being phased out.
Now that you have your v1 and v2 tokens ready, proceed with the Netskope tenant configuration of your Cloud Exchange instance.
Log in to your Cloud Exchange tenant.
Go to Settings and click Netskope Tenants.
Click Add Tenant.
Enter a name for your Netskope tenant.
Enter your Netskope tenant name. Do not enter the
<tenant_name>.goskope.com, URL. Enter just your tenant. For example, if it'smycompany.goskope.com, just entermycompany. If your tenant haseuin the URL, entertenant_name.eu.Enter your Netskope tenant API token(s) obtained previously.
Select alerts types for filtering alerts from the tenant.
Set the range for ingesting data from Netskope. In this case, set the Initial Range to 7 days to pre-populate Log Shipper.
If you use a proxy, enable the proxy toggle.
Click Save. Your tenant appears on the page.