RBI Templates

RBI Templates

Admins can configure isolation settings to provide a mechanism to define and apply granular controls to govern the user interaction in isolated web sites for different risk scenarios (e.g. users or categories). These controls are configured defining RBI templates that can be attached to any new or existing RBI policy.

You can view all RBI templates in one place.

Rbi Template List View.jpg

Navigate to Policies > Templates > RBI > click New Template. The Create RBI Template window displays.

  1. Type a template name. RBI template names are only allowed if the RBI template is not attached to any existing RBI policy. Optionally, admins can create a new RBI template from the Real-time Protection policy page and attach it directly to the policy. In an RBI policy you can select “+ Create RBI Template” on the RBI template dropdown menu. Once created, it is available in the list of RBI templates and you can attach it to the RBI policy to limit the interaction of your users while they browse a web page in isolation.

    Important

    When creating policy names, only use alphanumeric characters and symbols such as “_” underscore, “-” dash, and “[ or ]” square brackets. You cannot use the greater than “>” and less than “<” symbols in policy names.

  2. Select Isolation Indicators, persistent and non-persistent indicators that can be stacked to adapt to your requirements. These options notify end users that they are browsing an isolated web page for different risk scenarios and act as visual cues.

    Options include:

    • Asterisk Prefix. An asterisk (*) displays before the browser tab name.

    • Colored frame. To learn more: Isolation in an End User’s Browser.

      Select ‘Color’ to customize the isolation indicator. Move your cursor over the color picker or type the hex color code in the ‘Color’ box.

      Preview the color selection, navigate to the RBI template list > select the ellipses > click Preview Isolation Indicator.

      A new tab opens with the custom color. The tab name is labeled as preview and displays the new color.

    • The Pop-up message remains visible to the end user until they acknowledge it to close the notification.

        • Border Color – Move your cursor over the color picker or type the hex color code in the ‘Border Color’ box.

        • Position – Use the dropdown to select the pop-up message position. ‘Bottom Right’ is the default selection.

        • Logo – Use the dropdown and select ‘Create New’ to upload a company logo or select from existing options. Logos should be .jpg, .png, etc. format types. The three size options for your logo include: Small, Medium, or Large.

        • Message – Add a custom text message with HTML tags (e.g., hyperlinks like an FAQ link, portal) and predefined variables support (e.g., URL accessed by user, RBI settings disabled)

        • Action Button – type the text the user will click to acknowledge the pop-up message and to close the message window.

  3. Select Isolation Settings (browsing actions) for this template. Visual cues to let users know they are in isolation and include the following options:

    • Copy from isolated page – select to allow users to copy selected text or images from the isolated page to the clipboard. This action expands Netskope RBI’s data protection capabilities to limit data leakage in isolation. Note, if this feature is disabled, users cannot use context menu or shortcuts to copy text. To learn more: RBI Use Cases

    • Paste into isolated page – select to allow users to paste text or images from the clipboard to the isolated page. This action expands Netskope RBI’s data protection capabilities to limit data leakage in isolation. Note, if this feature is disabled, users cannot use context menu or shortcuts to copy text. To learn more: RBI Use Cases

    • File Upload – select to allow file uploads to the isolated page.

    • File Download – select to allow file downloads from the isolated page.

    • Printing – select to allow users to use the print function in the isolated page.

    • Read-Only – select to prevent any text input (paste or keystroke, except navigation controls such as arrows, space bar, enter key). Best practice is to use ‘Read-Only’ combined with the ‘No File Uploads’ option. Users are notified they are browsing a read-only page in isolation and a warning message displays when text input is blocked. This action helps reduce the attack surface for phishing threats. To learn more: Isolation in an End User’s Browser

    • Pop-up – select to allow pop-ups generated by the isolated web page to display.

    • Private Navigation – select to block the transport and storage of any browsing data (i.e. user cookies) in your users browsers (similar to incognito/private browsing). Unselect/uncheck this action to enable the transport and storage of cookies generated while browsing in isolation. These cookies can only be used in Netskope RBI. There’s a known limitation and suggested best practice for private navigation. To learn more: RBI Best Practices.

      Important

      Netskope RBI does not store any user browsing data in the system. All browsing data is deleted after the isolation session ends.

      A warning message displays when either of the two controls are enabled in the RBI template attached to the policy:

      If the ‘Pop up’ isolation indicator is enabled.

      If the ‘Read-Only’ user action control is enabled.

      To learn more: Isolation in an End User’s Browser

      NOTE: Netskope enables all isolation indicators by default in an RBI template. If the ‘Read-Only’ checkbox is selected / enabled as a user action control, the other Isolation Settings are not editable (grayed out) or disabled.

  4. Click Save.

  5. Click Apply Changes to publish the template. Once a template is published you can select it for use with any new or existing RBI policy.

    Note

    The Real-time Protection policy list page has a column called Action that displays the action, “Isolate” and the name of the RBI template that is applied to the policy.

Share this Doc

RBI Templates

Or copy link

In this topic ...