Skip to main content

Netskope Help

RBI Templates

Admins can configure isolation settings to provide a mechanism to define and apply granular controls to govern the user interaction in isolated web sites for different risk scenarios (e.g. users or categories). These controls are configured defining RBI templates that can be attached to any new or existing RBI policy.

Note

Contact Support to enable this feature in your account.

Navigate to Policies > Templates > RBI > click New Template. The Create RBI Template window displays.

Important

Grayed-out controls represent the cannot be edited (i.e. enabled or disabled). These grayed-out controls represent the configuration set by Netskope for all RBI customers and cannot be edited. Grayed-out restriction will be lifted from these controls once they are made configurable.

RBI_Template.jpg
  1. Type a template name.

    Important

    When creating policy names, only use alphanumeric characters and symbols such as "_" underscore, "-" dash, and "[ or ]" square brackets. You cannot use the greater than ">" and less than "<" symbols in policy names.

  2. Select Isolation Indicators, persistent and non-persistent indicators that can be stacked to adapt to your requirements. These options notify end users that they are browsing an isolated web page for different risk scenarios. Choices include:

    1. Asterisk - tab title prefix

      isolation_indicator_2.png
    2. Colored frame

    3. Toast - warning message

    4. No indicators - uncheck all options

    isolation_indicator.png
  3. Select the user actions for this template. Options include:

    Tip

    There are visual cues to let users know they are in isolation. By default an asterisk displays in the tab name and the feature is uneditable. To learn more: Isolation in an End User's Browser

    1. Copy to clipboard - allows users to copy text from the isolated web page into their clipboard. This action expands Netskope's RBI data protection capabilities to limit data leakage in isolation. To learn more: RBI Use Cases

      Note

      If this feature is disabled, users cannot use contextual menu or shortcuts to copy text.

    2. Paste from clipboard - allows users to paste text from their clipboard into the isolated web page. This action expands Netskope's RBI data protection capabilities to limit data leakage in isolation. To learn more: RBI Use Cases

      Note

      If this feature is disabled, users cannot use the contextual menu or shortcuts to paste text.

    3. Printing - allows users to use the print function in the isolated web page.

    4. Read Only - select to prevent any text input: paste or keystroke, except navigation controls (arrow, space bar, enter key). The best practice is to use Read-only combined with No File Uploads. Users are notified they are browsing a Read-Only page in isolation and a warning message displays when text input is blocked. This action helps reduce the attack surface for phishing threats. To learn more: Isolation in an End User's Browser

      Note

      Selecting Read-Only automatically disables "Paste from clipboard."

  4. Select browsing actions for this template. Options include:

    1. Pop-up - select to allow pop-ups generated by the isolated web page to display.

    2. Private Navigation - select to block the transport and storage of any browsing data (i.e. user cookies) in your users browsers (similar to incognito/private browsing). Unselect/uncheck this action to enable the transport and storage of cookies generated while browsing in isolation. These cookies can only be used in Netskope RBI. There's a known limitation and suggested best practice for private navigation. To learn more: RBI Best Practices and Known Limitations

      Important

      Netskope RBI does not store any user browsing data in the system. All browsing data is deleted after the isolation session ends.

    Private_nav_rbi.png
  5. Click Save.

  6. Click Apply Changes to publish the template. Once a template is published you can select it for use with any new or existing RBI policy.

    Note

    The Real-time Protection policy list page has a column called Action that displays the action, "Isolate" and the name of the RBI template that is applied to the policy.