Netskope Help

Integrate Dataplane On-Premises Appliance and Third-party DLP Solutions using ICAP

Netskope's Dataplane On-Premises appliances can integrate with your existing third-party on-premises DLP solutions using ICAP. You can configure ICAP to operate in the following two modes:

  • Using Netskope DLP engine along with third-party on-premises DLP solutions. 

    In this case, the Dataplane On-Premises appliance processes inline traffic and performs a first-pass scan of unstructured content, pre-filtering each document for DLP violations. If a violation is found, the document is sent to the third-party DLP solution for the final verdict. The appliance receives the verdict from the third-party DLP engine and takes an action based on the DLP policy.

  • Using third-party on-premises DLP solutions only.

    In this case, the Dataplane On-Premises appliance processes and forwards the inline traffic to the third-party on-premises DLP engine for scanning. The third-party DLP engine scans the document for DLP violations and sends the final verdict to the appliance. The appliance then takes an action based on the DLP policy.

After integration, to have a policy use the third-party DLP engine, select Send content for external DLP Inspection when creating the policy.

[Image: ExternalDLP.png]

Workflow

The following diagram shows the integration workflow.

[Diagram: DPoP-ICAP-DLP.png]

Prerequisites

Before starting the integration, ensure the following:

  • Deploy the appliance in the same network as the third-party DLP engine.

  • Enable ICAP on the third-party DLP engine.

  • Record the request and response URIs that will be used in the Netskope configuration.
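
One way to check the last two prerequisites before configuring the appliance, added here as an example that is not Netskope's or the DLP vendor's code: send an ICAP OPTIONS request (RFC 3507) to each recorded URI and confirm the service answers and offers the expected method. The host name, the /reqmod path and the sample responses are constructed placeholders, and the example assumes the request URI serves REQMOD and the response URI serves RESPMOD.

```python
import socket
from urllib.parse import urlsplit

def build_options(uri: str) -> bytes:
    """ICAP OPTIONS request (RFC 3507) asking a service what it supports."""
    host = urlsplit(uri).hostname
    return f"OPTIONS {uri} ICAP/1.0\r\nHost: {host}\r\n\r\n".encode("ascii")

def parse_options(raw: bytes):
    """Return (status_code, headers); reject replies that are not ICAP."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    status_line, *lines = head.split("\r\n")
    parts = status_line.split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("ICAP/") or not parts[1].isdigit():
        raise ValueError(f"not an ICAP status line: {status_line!r}")
    headers = {}
    for line in lines:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return int(parts[1]), headers

def check_service(raw: bytes, method: str) -> list:
    """List problems that would block integration; an empty list means ready."""
    code, headers = parse_options(raw)
    methods = {m.strip().upper() for m in headers.get("methods", "").split(",")}
    problems = []
    if code != 200:
        problems.append(f"OPTIONS returned {code}")
    if method not in methods:
        problems.append(f"{method} not offered")
    if "istag" not in headers:  # ISTag is mandatory in ICAP responses
        problems.append("ISTag missing")
    return problems

def probe(uri: str, timeout: float = 5.0) -> bytes:
    """Send OPTIONS to a live service; reads only the first chunk of the reply."""
    u = urlsplit(uri)
    with socket.create_connection((u.hostname, u.port or 1344), timeout) as s:
        s.sendall(build_options(uri))  # 1344 is the ICAP default port
        return s.recv(65536)

# Constructed sample responses, so the checks run offline.
SAMPLE_OK = (b'ICAP/1.0 200 OK\r\nMethods: REQMOD\r\nISTag: "constructed-1"\r\n'
             b"Encapsulated: null-body=0\r\n\r\n")
SAMPLE_404 = b"ICAP/1.0 404 ICAP Service not found\r\n\r\n"
```

Against a live engine, pass the output of `probe()` for each recorded URI to `check_service()` with the method that URI is expected to serve.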