Skip to content
English
  • There are no suggestions because the search field is empty.

Blocking Browser Extensions

Microsoft Edge

Purpose

This configuration prevents users from installing Microsoft Edge browser extensions by blocking the network request used during extension installation. This helps reduce security and compliance risks associated with unapproved extensions.

 

Prerequisites

  • Netskope Next-Gen Secure Web Gateway (SWG) licence

  • Traffic must be steered through Netskope (Client or explicit proxy)

 

Configuration Steps

Step 1: Create a URL List for Edge Extension Install Requests

  1. Navigate to Policies > Profiles > URL Lists

  2. Click New URL List

  3. Add a URL pattern that matches Edge extension installation requests, for example:

     
    https://microsoftedge.microsoft.com/addons/getproductdetailsbycrxid/*

    This URL is used by Microsoft Edge when a user clicks Get to install an extension.

  4. Save the URL List

 

Step 2: Create a Custom URL Category

  1. Navigate to Policies > Profiles > Custom Categories

  2. Click New Category

  3. Add the URL List created in Step 1 to this category

  4. Save the Custom Category

 

Step 3: Create a Real-Time Protection Policy

  1. Navigate to Policies > Real-Time Protection

  2. Create a New Policy

  3. Configure the rule to Block traffic matching the Custom URL Category created in Step 2

  4. Apply the policy to the relevant users or groups

  5. Save and enable the policy

 

Step 4 (Optional): Allow Specific Extensions

If specific extensions need to be permitted:

  1. Create a separate URL List containing the exact installation URL for the approved extension

  2. Exclude this URL List from the Custom URL Category or add an allow rule with higher priority

  3. This allows approved extensions while blocking all others

 

Important Notes

  • This approach blocks extension installation at the network layer

  • It does not manage or remove extensions already installed on endpoints

  • For full lifecycle control of browser extensions, endpoint management tools such as Intune, GPO, or other MDM solutions should be used alongside Netskope

 

Reference: https://community.netskope.com/browser-control-149/microsoft-edge-blocking-browser-extensions-option-2-7756?tid=7756&fid=149