Updated on February 8, 2024

RBI Templates

RBI Templates

Admins can configure isolation settings to provide a mechanism to define and apply granular controls to govern the user interaction in isolated web sites for different risk scenarios (e.g. users or categories). These controls are configured defining RBI templates that can be attached to any new or existing RBI policy.

You can view all RBI templates in one place.

Rbi Template List View.jpg

Navigate to Policies > Templates > RBI > click New Template. The Create RBI Template window displays.

  1. Type a template name. RBI template names are only allowed if the RBI template is not attached to any existing RBI policy. Optionally, admins can create a new RBI template from the Real-time Protection policy page and attach it directly to the policy. In an RBI policy you can select “+ Create RBI Template” on the RBI template dropdown menu. Once created, it is available in the list of RBI templates and you can attach it to the RBI policy to limit the interaction of your users while they browse a web page in isolation.

    Important

    When creating policy names, only use alphanumeric characters and symbols such as “_” underscore, “-” dash, and “[ or ]” square brackets. You cannot use the greater than “>” and less than “<” symbols in policy names.

  2. Select Isolation Indicators, persistent and non-persistent indicators that can be stacked to adapt to your requirements. These options notify end users that they are browsing an isolated web page for different risk scenarios.

    Options include:

    • Asterisk Prefix.

    • Colored frame. To learn more: Isolation in an End User’s Browser. NOTE: This feature is currently in Controlled GA. Contact your Sales Representative or Support to enable this feature.

      Select ‘Colored frame’ to customize the isolation indicator. Move your cursor over the color picker or type the hex color code in the ‘Color’ box.

      Preview the color selection, navigate to the RBI template list > select the ellipses > click Preview Isolation Indicator.

      A new tab opens with the custom color. The tab name is labeled as preview and displays the new color. For example, <template name> – RBI Isolation Indicators Preview.

    • The Pop-up message remains visible to the end user until they acknowledge it and click the “X” to close the notification. The warning message displays when either of the two controls are enabled in the RBI template attached to the policy:

      • If the “Pop-up Message” Isolation indicator is enabled.

      • If the “Read-Only user action control is enabled. To learn more: Isolation in an End User’s Browser

        • No indicators – uncheck all options

  3.  Select the user actions for this template. Options include:

    Tip

    There are visual cues to let users know they are in isolation. By default an asterisk displays in the tab name and the feature is uneditable. To learn more: Isolation in an End User’s Browser

    1. Copy from isolated page – allows users to copy text from the isolated web page into their clipboard. This action expands Netskope’s RBI data protection capabilities to limit data leakage in isolation. To learn more: RBI Use Cases

      Note

      If this feature is disabled, users cannot use context menu or shortcuts to copy text.

      2. Paste into isolated page – allows users to paste text from their clipboard into the isolated web page. This action expands Netskope’s RBI data protection capabilities to limit data leakage in isolation. To learn more: RBI Use Cases

      Note

      If this feature is disabled, users cannot use the context menu or shortcuts to paste text.

      3. Printing – allows users to use the print function in the isolated web page.Read Only – select to prevent any text input: paste or keystroke, except navigation controls (arrow, space bar, enter key). The best practice is to use Read-only combined with No File Uploads. Users are notified they are browsing a Read-Only page in isolation and a warning message displays when text input is blocked. This action helps reduce the attack surface for phishing threats. To learn more: Isolation in an End User’s Browser

      Note

      Netskope enables all isolation indicators by default in an RBI template when the Read-Only checkbox is selected/enabled as a User Action Control, reflecting the expected behavior for end users. The Isolation indicators are not editable (grayed out) or disabled if the Read-Only checkbox is selected/enabled.For example, selecting Read-Only automatically disables “Paste.” In addition, selecting Read-Only enables and grays out all Isolation Indicators (Asterisk prefix, Colored Frame, and Pop-up Message).

  4. Select browsing actions for this template. Options include:

    • Pop-up – select to allow pop-ups generated by the isolated web page to display.

    • Private Navigation – select to block the transport and storage of any browsing data (i.e. user cookies) in your users browsers (similar to incognito/private browsing). Unselect/uncheck this action to enable the transport and storage of cookies generated while browsing in isolation. These cookies can only be used in Netskope RBI. There’s a known limitation and suggested best practice for private navigation. To learn more: RBI Best Practices.

      Important

      Netskope RBI does not store any user browsing data in the system. All browsing data is deleted after the isolation session ends.

  5. Click Save.

  6. Click Apply Changes to publish the template. Once a template is published you can select it for use with any new or existing RBI policy.

    Note

    The Real-time Protection policy list page has a column called Action that displays the action, “Isolate” and the name of the RBI template that is applied to the policy.

Share this Doc

RBI Templates

Or copy link

In this topic ...