Setting Up an Application Instance for Malware Retention
The Malware Retention page allows you to set up an application instance to store and retrieve malicious files detected by the Threat Protection policy. Netskope only supports uploading malicious files to Azure Blob Storage instances at this time.
To set up an application instance:
- Go to Settings > Threat Protection > Malware Retention.
- Click the Instances tab.
- Click Setup Instance and then Azure Blob Storage.
- In the Setup Instance – Azure Blob Storage window, enter the Azure Blob Storage instance name.
- Click Grant Access.
- Sign in to Microsoft to authorize.
If you successfully authorized the instance, you can see next to the name.
Create and Assign a Custom Role in Azure Portal
Once you have granted access, log in to the Azure portal, create a custom role, and assign the role to the storage account or container.
- Log in to portal.azure.com as an application administrator or a higher role.
- Identify the subscription ID where you would like to create a custom role. To do so, navigate to All services > General > Subscriptions. Identify the subscription ID and click it.
- On the left navigation of the subscription page, click Access Control (IAM). Then, click + Add > Add custom role.
  The Create a custom role page opens.
- Under the Basics tab, enter a name for the custom role. Keep the rest of the fields unchanged.
- Click Next.
- Under Permissions, click + Add permissions. The Add permissions page opens. On the search bar, enter the following permissions one after the other:
  - Microsoft.Storage/storageAccounts/blobServices/containers/read
    Click Microsoft Storage. Select Read : Get blob container and click Add.
  - Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read
    Click Microsoft Storage. Click the Data Actions radio button and select Read : Read Blob and click Add.
  - Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write
    Click Microsoft Storage. Click the Data Actions radio button and select Write: Write Blob and click Add.
  Once you have added the 3 permissions, the Permissions tab should look like this:
- Click Review + create. The Review + create tab displays the following information. Review it.
  Note down the role name. This will be required when you assign the role to a container.
- Click Create.
  You have successfully created the custom role. Next, you should assign the role to a container.
- Navigate to All services > Storage > Storage accounts. Identify the storage account and click it.
- On the left navigation of the storage account page, click Data storage > Containers. Identify the container to which you would like to assign the custom role. Click it.
- On the left navigation of the container page, click Access Control (IAM). Then, click + Add > Add role assignment.
  The Add role assignment page opens.
- Search by role name, select the role, and click Next.
- Under Members, click + Select members.
- Under Select Members, type Netskope – Malware Retention for Azure Storage. Select the Netskope – Malware Retention for Azure Storage app and click Select.
- Click Review + assign. The Review + assign tab displays the following information. Review it.
- Click Review + assign.
The role assignment may take a few minutes to take effect. Wait for it to do so before you proceed to create a malware retention profile in the Netskope UI.
You have successfully assigned the custom role to a container. Next, you must create a malware retention profile. See Creating a Malware Retention Profile.
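The custom role built in the portal steps above can also be written as a role-definition document and checked for drift. The following is an added example, not Netskope's or Microsoft's own code: it builds the role in the JSON shape Azure uses for custom roles and audits a definition against the three permissions on this page. The role name and subscription ID are constructed placeholders, and the function names are hypothetical.

```python
import json

# The three permissions from the steps above. The first is a control-plane
# action; the two blob permissions are data actions (the Data Actions radio button).
EXPECTED = {
    "Actions": {"Microsoft.Storage/storageAccounts/blobServices/containers/read"},
    "DataActions": {
        "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read",
        "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write",
    },
}


def build_role_definition(name, subscription_id):
    """Build a custom role definition in Azure's role-definition JSON shape."""
    return {
        "Name": name,
        "IsCustom": True,
        "Description": "Container read plus blob read/write for malware retention",
        "Actions": sorted(EXPECTED["Actions"]),
        "NotActions": [],
        "DataActions": sorted(EXPECTED["DataActions"]),
        "NotDataActions": [],
        "AssignableScopes": [f"/subscriptions/{subscription_id}"],
    }


def audit_role_definition(role):
    """List every way a role definition differs from the three documented permissions."""
    findings = []
    for key, expected in EXPECTED.items():
        granted = set(role.get(key, []))
        for perm in sorted(granted - expected):
            kind = "wildcard" if "*" in perm else "extra"
            findings.append(f"{kind} {key}: {perm}")
        for perm in sorted(expected - granted):
            findings.append(f"missing {key}: {perm}")
    return findings


if __name__ == "__main__":
    # Constructed placeholder name and subscription ID, not values from the page.
    role = build_role_definition("example-malware-retention-role",
                                 "00000000-0000-0000-0000-000000000000")
    print(json.dumps(role, indent=2))
    print(audit_role_definition(role) or "matches the documented permissions")
```

The audit also catches the blob permissions being added as actions instead of data actions, which leaves the role unable to read or write blob contents.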