Netskope Help

Tunneling Info

NPA includes a number of measures that would prevent a Netskope employee or anyone else from intercepting private application traffic:

  • Certificate Pinning on both the Client and the Publisher

  • Multiple levels of tunneling:

    • Client to Gateway

    • Gateway to Stitcher

    • Publisher to Stitcher

    • Inner tunnel between the Client and Publisher.

  • Additional measures to secure the certificates for all encryption

    • Outer tunnel certificates are stored securely in systems with limited access and Netskope employees are restricted to only performing maintenance. Monitoring and auditing of these systems is enabled with processes in place to protect these systems.

    • The inner tunnel certificates are stored on the publisher themselves in memory so only the customer has access.