Netskope SWG Out-of-the-Box Response Integration


To learn more about Out-of-the-box Integrations and their benefits, please refer to this article.

Requirements

  • Netskope Next Gen SWG
    • Netskope Next Gen SWG Access
    • REST API v2 enabled on your tenant
    • REST API token with Read+Write privileges on the /api/v2/policy/urllist and /api/v2/policy/urllist/deploy endpoints
  • Lumu License
    • An active Lumu Defender subscription

Configure Netskope Next Gen SWG

1. Log in to the Netskope Next Gen SWG UI.


2. Click on the settings option. This will open a new window.

3. Click on the Tools option, then select REST API v2.

4. Create a personal API token with the necessary scopes. Click on NEW TOKEN. The EXPIRE IN value depends on how long the integration will be used.


It is recommended to input the maximum amount of time possible (999 months). Lumu encrypts this information both in transit and at rest to ensure token confidentiality is maintained. This will remove token updating concerns from the integration maintenance process.


5. The token will be displayed. Save your API token in a secure place.

The Tenant Name is taken from the base URL that has the format https://<tenant_name>.goskope.com.


Tenant Name format

The tenant name string is specific to each Netskope console. In some cases, the <tenant_name> has the format tenant_name.eu, tenant_name.de, or just tenant_name. In other words, the tenant name is everything between the protocol https:// and .goskope.com. In the example below, only the tenant name (the middle part) should be added:

Protocol    Tenant Name      Goskope domain
https://    <tenant_name>    .goskope.com

Only add the tenant name as instructed. Adding the protocol or the goskope domain will result in an error.
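The rule above, written as a check you can run before pasting values into the Lumu Portal. This is an added example, not Lumu or Netskope code: the function names and the sample tenant example-tenant are assumptions, and only the two endpoint paths come from the Requirements list.

```python
import re
from urllib.parse import urlsplit

SUFFIX = ".goskope.com"
# Assumption: every dot-separated part of a tenant name is a DNS label.
LABEL = re.compile(r"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$")
# Endpoint paths named in the Requirements list of this article.
SCOPED_PATHS = ("/api/v2/policy/urllist", "/api/v2/policy/urllist/deploy")


def validate_tenant_name(value: str) -> str:
    """Return the tenant name if it has the form the integration expects."""
    name = value.strip().lower()  # host names are case-insensitive
    if "://" in name:
        raise ValueError("remove the protocol (https://)")
    if name.endswith(SUFFIX):
        raise ValueError("remove the .goskope.com domain")
    if not name or not all(LABEL.match(part) for part in name.split(".")):
        raise ValueError("tenant name must be dot-separated DNS labels")
    return name


def tenant_from_console_url(url: str) -> str:
    """Extract everything between https:// and .goskope.com."""
    parts = urlsplit(url.strip())
    host = parts.hostname or ""
    if parts.scheme != "https":
        raise ValueError("console URL must start with https://")
    if parts.netloc.lower() != host:
        raise ValueError("URL must not carry credentials or a port")
    if not host.endswith(SUFFIX):
        # Catches look-alikes such as <tenant>.goskope.com.<other domain>.
        raise ValueError("host is not under .goskope.com")
    return validate_tenant_name(host[: -len(SUFFIX)])


def scoped_endpoints(tenant: str) -> list[str]:
    """Build the two URLs the API token needs Read+Write access to."""
    name = validate_tenant_name(tenant)
    return [f"https://{name}{SUFFIX}{path}" for path in SCOPED_PATHS]


if __name__ == "__main__":
    # Constructed sample input; example-tenant is a placeholder.
    tenant = tenant_from_console_url("https://example-tenant.eu.goskope.com/ns#/home")
    print(tenant)
    for endpoint in scoped_endpoints(tenant):
        print(endpoint)
```

Checking that the host really ends in .goskope.com before deriving the tenant name also keeps the API token from being configured against a look-alike domain.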

Add Integration

Do not modify the “Lumu IOCs” URL list in your cloud configuration.

1. Log in to your Lumu account through the Lumu Portal and navigate to the available apps screen.


2. Locate the Netskope Next Gen SWG integration in the available apps area and click to add, then click to view details.


3. Familiarize yourself with the integration details available in the app description and click the button below to activate the integration.

4. To activate the integration, click on the activate button, add a Name, and select the Threat Types that you want to push to your Netskope Next Gen SWG cloud. If you would prefer that Lumu activates your cloud with the new configuration, keep the option “Automatically apply changes” selected. Finally, click on the Next button.

5. Fill in the required information: the Tenant Name and the API Token. The token can be created with the policy/urllist and policy/urllist/deploy scopes. Finally, click on the Next button.

To obtain the tenant name, follow the procedure in the Tenant Name format section of this document. Remember to exclude the .goskope.com domain and the protocol (https://), as adding them will produce errors.
Lumu will now validate whether the credentials provided are correct.


6. The integration is now created and active. Now, the Lumu Portal will display the details of the created integration:

Lumu will apply configuration changes to your Netskope Next Gen SWG cloud. By default, this means that all changes to your URL lists are applied on your cloud, but it is possible to deselect this option. Be aware that if you deselect this option, you will need to apply all changes manually. For more information, read about URL Lists in the Netskope Documentation.

Once the integration is activated, the Netskope Next Gen SWG URL list will be updated with confirmed compromises found by Lumu within the preceding 3 days.

