How To Configure The VISO TRUST Netskope Application Risk Exchange (ARE) Plugin
Plugin Installation
First, download the latest release of the viso-netskope.tar.gz (netskope plugin) file located here.
Within Netskope, navigate from the Admin UI to the plugins screen, and follow Settings -> Plugins in the left navbar, there will be a screen with an Add New Plugin button on the right:
Your mileage may vary, but the filter placed on the file selector created by the "Open/Browse" button will filter out .tar.gz files — it's best to drag and drop the viso-netskope.tar.gz file onto the drop point and then click "Upload". Invariably you will see a "Could not load..." error immediately after upload.
This message is spurious. Filter the visible plugins to the ARE-specific subset via the "Category" dropdown, both to remove clutter and cause Netskope to-reevaluate the set of live plugins. If the plugin list has a VISO TRUST entry, we're in good shape.
Click on the plugin to continue configuration:
Configuration
The steps are as follows:
- Enter a unique name for the plugin configuration.
- Enter the VISO TRUST-specific configuration parameters.
- Enter a make-believe filter in order to please Netskope.
We'll skip step one, but be sure to set a unique name for the plugin.
You're going to set the business owner email to the business owner of the relationships we will be syncing from Netskope. For the VISO TRUST API Token, you can follow this guide if you do not already have one: Generate a VISO TRUST API Token
Once you have filled out both fields, click "Next", and an OPTIONS request will be sent to the VISO TRUST API using the given credentials to make sure they're correct.
The final configuration screen is a little confusing. It appears all ARE plugins are required to define at least one mapping.
Whatever you select will have no influence on how the plugin operates — just select the first item from both lists.
Netskope Configuration
To route events to the VISO TRUST plugin, your instance will require a Business Rule, and a Sharing Configuration. Netskope ships with a default business rule which includes all ARE events, though you may refine the set of events which are shared with the plugin.
Finally, a sharing configuration is used to connect an instance of Netskope's Application Risk Exchange plugin (i.e. a tenant relationship) to the VISO TRUST ARE plugin, via a business rule.
The source will be the name you supplied to the Netskope ARE plugin when you connected your tenant, and the destination is the name you supplied for the VISO TRUST ARE plugin configuration. Once this is set up, you can force a sync using the cycle icon on the right hand side of the Sharing screen, on the row corresponding to the relevant sharing config.
