Docy

Required Network Connectivity for 3rd-Party Plugins

Required Network Connectivity for 3rd-Party Plugins

Log Shipper

  • Netskope Log Shipper 1.0.0
    • https://*.<tenant-domain>
  • Netskope WebTx 1.0.0
    • Connectivity to subscription path
  • ArcSight 1.1.1
    • Connectivity to ArcSight Server
  • AWS S3 1.0.0
    • https://*.s3.amazonaws.com/
  • Azure Cloud Storage 1.0.0
    • Connectivity to Azure Connection String
  • Azure Sentinel 1.0.0
    • https://*.ods.opinsights.azure.com/
  • Chronicle 1.3.1
    • https://malachiteingestion-pa.googleapis.com
  • Elastic 1.1.0
    • Connectivity to Elastic Server Address
  • Google Cloud SCC 1.0.1
    • https://securitycenter.googleapis.com/v1/organizations
    • https://cloudresourcemanager.googleapis.com/v1/projects
  • Google Cloud Storage 1.0.0
    • https://cloud.google.com/storage
  • Microsoft Defender for Cloud Apps 1.1.0
    • https://*/api/v1/discovery/upload_url/
  • LogRhythm 1.1.1
    • Connectivity to LogRhythm Server
  • QRadar 1.1.1
    • Connectivity to QRadar Server
  • Rapid7 1.1.1
    • Connectivity to Rapid7 Server
  • Syslog 1.1.1
    • Connectivity to SIEM Server

Ticket Orchestrator

  • Netskope Ticket Orchestrator (ITSM) 1.0.0
    • https://*.<tenant-domain>
  • Cloud Exchange 1.0.0
    • Connectivity to Netskope Cloud Exchange URL
  • JIRA ITSM 1.0.1
    • Connectivity to Jira Cloud Instance URL
  • Microsoft Teams 1.0.1
    • Connectivity to Webhook URL
  • Notifier 1.0.1
    • Connectivity to respective platform URL
  • ServiceNow 1.0.2
    • Connectivity to ServiceNow Instance URL

Threat Exchange

  • Netskope Threat Exchange 1.0.0
    • https://*.<tenant-domain>
  • Carbon Black 1.0.4
    • https://defense.conferdeploy.net
  • CrowdStrike 1.0.0
    • https://api.crowdstrike.com
    • https://api.eu-1.crowdstrike.com
    • https://api.laggar.gcw.crowdstrike.com
    • https://api.laggar.gcw.crowdstrike.com
  • Cybereason 1.0.1
    • https://integration.cybereason.net:8443
  • Digital Shadows 1.0.1
    • https://api.searchlight.app/
  • GitHub DLP 1.0.0
    • https://api.github.com
  • Microsoft Defender for Cloud Apps 1.0.1
    • https://{url}/api/discovery_block_scripts/
  • Microsoft Defender for Endpoint 1.1.0
    • https://graph.microsoft.com/beta/security/tiIndicators
    • https://graph.microsoft.com/.default
    • https://login.microsoftonline.com/
  • Mimecast 1.0.0
    • https://us-api.mimecast.com/
  • Misp 1.0.0
    • Connectivity to MISP Base URL
  • Proofpoint 1.0.0
    • https://tap-api-v2.proofpoint.com
  • SentinelOne 1.1.0
    • Connectivity to management URL
  • ServiceNow Threat Intelligence Plugin 1.0.0
    • https://*.service-now.com
  • STIX/TAXII 2.0.0
    • Connectivity to Discovery URL
  • ThreatConnect 1.0.0
    • Connectivity to ThreatConnect Base URL
  • ThreatQ 1.0.2
    • Connectivity to ThreatQ URL

Risk Exchange

  • Netskope Risk Exchange 1.0.0
    • https://*.<tenant-domain>
    • Connectivity to SCIM URL
  • CrowdStrike CRE 1.0.0
    • https://api.crowdstrike.com
    • https://api.eu-1.crowdstrike.com
    • https://api.laggar.gcw.crowdstrike.com
    • https://api.laggar.gcw.crowdstrike.com
  • Google BeyondCorp 1.0.0
    • https://cloudidentity.googleapis.com/v1
  • Microsoft Azure AD 1.0.1
    • https://graph.microsoft.com/
  • Mimecast CRE 1.0.0
    • https://us-api.mimecast.com
  • Okta CRE 1.0.0
    • Connectivity to your okta domain
  • Proofpoint 1.0.0
    • Connectivity to Proofpoint URL
  • Security Advisor 1.0.0
    • https://www.securityadvisor.io
Share this Doc
In this topic ...