Docy

App Instance Profile

App Instance Profile

Some cloud applications have multiple instances of an app active at the same time. For example, an enterprise Google Drive instance for an organization versus a personal Google Drive instance.

App Instance profiles allow you to manage these app instances with Real-time Protection policies. You can create an App Instance profile by specifying the instance identifier (ID), instance name, and instance tag.

Instance IDs are used to uniquely identify the tenant or instance of an app. The Netskope analytics engine tracks the instance ID for cloud apps. For examples of various computed instance IDs, see the Netskope Support portal.

In scenarios where an instance ID can’t be captured, they are replaced with a placeholder Instance ID:

  • public-link: This represents publicly shared download links (URLs) from cloud storage apps. These links allow recipients to download files without authentication.
  • unauthenticated: This represents links shared from a collaboration tool or app. These links allow recipients to participate or join into an event without authentication.
  • service account: This represents traffic generated from service accounts. Service Accounts or Service Principals are non user accounts used for app/script based integrations.

You can manually create an App Instance profile from the Policies page, or create an App Instance profile for discovered apps in Skope IT.

Creating an App Instance Profile in Policies

To create an App Instance profile from Policies:

  1. Navigate to Policies > App Instance

  2. Click New Custom App Instance, and then click New App Instance. The Create Custom App Instance window appears.

  3. In the Create Custom App Instance window:

    • Application: Select the application for the app instance.

    • Instance ID: Enter the instance ID for the app instance.

    • Instance Name: Enter a name for the app instance. The name must be unique and should not include spaces.

    • Instance Tag: Select the instance tag for the app instance. You can select Sanctioned, Unsanctioned, or None.

    • Click Save.

Creating an App Instance Profile in Skope IT

To create an App Instance profile from Skope IT:

  1. Navigate to Skope IT > Application Events or Skope IT > Alerts.
  2. From the table, locate the application you want to create an app instance for.
  3. Click the The View icon. icon for that entry. The Application Event Details or Alert Details panel appears.
  4. From the panel, go to the Application section. Click the New App Instance icon next to the Instance Name field. The Create Application Instance window appears.
    Skope-IT-New-App-Instance-Option.png
  5. For App Instance Name, enter a name to distinguish the app instance. The name must be unique and should not include spaces.
  6. Click Save.

Once you create an App Instance profile, you can select it when configuring a Real-time Protection policy. To learn more: Real-time Protection Policies.

Updating the Tag for an App Instance

You can update the tag (Sanctioned or Unsanctioned) for an existing app instance. You can also clear the tag for an instance.

To update an app instance:

  1. Navigate to Policies > App Instance.
  2. In the table, locate the app instance you want to tag or untag.
  3. Click the menu icon to the far right and then choose the action you want to take.

To update multiple app instances at once, select the checkboxes for the instances you want to tag or untag. Click Tag As and then choose the action you want to take.

Share this Doc
In this topic ...