Creating a Cloud App Definition
Creating a Cloud App Definition
When you create a Cloud App Definition and choose From Predefined App, Universal Connector, or Custom Connector, it takes precedence over any predefined apps with the same domain. If you choose Custom Connector, it takes precedence over other App Definitions, including any predefined app connectors with the same domains. For example, if you create a custom connector for the LinkedIn app with all the app domains, all traffic for the app only hits the custom app connector.
Note
Adding a custom app definition to an OU/Group steering configuration adds the custom app definition as managed in the OU/Group steering configuration and unmanaged in the default tenant configuration.
Creating a Cloud App Definition from a Predefined App or Universal Connector
To create a Cloud app definition from a predefined app or universal connector:
- Go to Settings > Security Cloud Platform > App Definition.
- In the Cloud Apps tab, click New App Definition Rule and then Cloud App.
- In the New App Definition: Cloud App or New Cloud App window:
- Application: Enter a name for the app.
- Connector: Choose one of the following:
- From Predefined App: Choose if you are adding a custom URL and want to associate it with an existing application. Choose the predefined application name from the drop-down list. Traffic activity is determined based on the predefined app you select.
- Universal Connector: Choose if you want to associate it with a custom app definition. Traffic activity is determined based on the connector Netskope defines. Only limited activities are supported. Traffic activity with the universal connector is based on Netskope heuristics logic and a best-effort detection option. The universal connector can detect several activities for any cloud app, such as login, login out, form post, upload, download, and login successful.
- Custom Connector: Choose if you want to create a custom app inline connector. You must define the mapping between the traffic and activities. You can click Add App Activity to manually add activities or Import from File to import recorded app activities. If you choose this option, see the Creating a Cloud App Definition from a Custom Connector.
- Domains: Click +Add New Domain and enter the following information. You can add multiple domains.
- Domain: Enter the associated domain for the custom app definition, like example.com. This must be a publicly available domain and URL. Don’t include any internal domains and URLs that aren’t accessible from the Netskope proxy in the cloud.
- Path: Enter the paths for the domain, like
/login, etc. Ensure each path is separated by a comma.
- Click Save.
Creating a Cloud App Definition from a Custom Connector
Note
You must contact Netskope Support to enable this feature for your tenant.
To create a Cloud app definition from a custom connector:
- Go to Settings > Security Cloud Platform > App Definition.
- In the Cloud Apps tab, click New App Definition Rule and then Cloud App.
- In the New App Definition: Cloud App or New Cloud App window:
- Application: Enter a name for the app.
- Connector: Choose Custom Connector. You can create custom app definitions by using Netskope to tailor a custom app inline connector so that different activities you select can be detected and used for policy enforcement. You can choose and create one or many different custom inline connectors. You must define the mapping between the traffic and activities.
- App Activities: You can click Add App Activity to manually add activities or Import from File to import recorded app activities.
- Add App Activity: Enter the following information.
- Domain
- URI path
- URI parameters (key-value pairs)
- HTTP method
- Response code
- Pattern
- Activity
- Import From File: Import a file with the recorded app activities. You can choose to Replace Activity List or Add To Activity List. To import app activities from a file:
- Go to Google Webstore or click Netskope Chrome Extension (Windows 10) to add the extension to your browser.
- Go to chrome://extensions/.
- Enable Developer mode. For security reasons, Chrome only allows extension installation from the Chrome store. Since the Netskope extension isn’t developed for mass consumption but only for admins, it isn’t published to the Chrome store. Therefore, you must be an admin to install Netskope’s extension in developer mode.
- After adding the extension, restart your browser.
- Click the Netskope extension and then Netskope App Activity Recorder.
- Click Start Recording on the browser tab you want to start performing and recording website/app activities. Netskope only records activities from the active tab. You can Pause or Reset your recording anytime.
- After recording some activities, hover over the activity number and select Click to edit requests to view your recorded activities.
- In the Netskope App Activity Recorder window, under the Activity column, choose an action for each activity you want to import into the Netskope UI.
- Click Download to export the activities to a JSON file.
- In the Netskope UI, click Import From File and then Add To Activity List to upload your JSON file. Netskope parses the JSON file and extracts the following information:
- Domain
- URI path
- URI parameters (key-value pairs)
- HTTP method
- Response code
- Pattern
- Activity
- Export Activities: Export the activities to a JSON file.
- Add App Activity: Enter the following information.
- Click Create.
You can view a list of your configured Cloud app definitions on the Cloud Apps page.
