Skip to content
English
More support Sign in
EveryCloud
  • There are no suggestions because the search field is empty.

Netskope URL Classification

Options for Netskope NG-SWG URL Classification for uncategorised sites

Classification process below:
 
Classification(categorisation) happens in three ways. Dynamic Classification (which is enabled on your tenant), and standard classification as applied by default to all tenants, and manual re-classification.
 
  1. Dynamic classification looks at the textual contents of a page and dynamically determines the category for the uncategorised URLs. The page classification to a category expires every 12 hours so that if any changes occur to the page, the content is re-evaluated so the chosen category matches the current page content. If you believe that a page has been miscatagoriesed (either dynamically or not) then this can be reported via https://www.netskope.com/url-lookup and usually dealt with within 24hrs. Combined with a security risk block policy this should immediately reduce the annoyance factor of blocking a benign uncategorised site but still provide protection against NRD and malsites.
  2. The standard classification process categorises the vast majority of incoming uncategorised URLs. This is an automated process which checks the URL against partner databases and outputs a verdict on the final category to be assigned. This is where disputed categorisations sometimes come from.
  3. Reclassification requests come from tenants and the web form. Request to review the URLs are processed manually by the Web Content Analysts (WCA) team. When an uncategorised site is sent to the WCA the first process is to review against known threat feeds and other risks. If required they continue to investigate by:
  • Visiting the site to confirm the context.
  • Checking the content / words against the prescribed key words in our Taxonomy Guide
  • Using our Taxonomy Definition as a guide.
A decision is made on classification and the requesting user is informed by email. We do not provide a SLA on this manual service but the majority of requests are processed within 48hrs.
 
Recommendations/ Mitigation Options:
 
  • A strongly recommended step that customers take is to block the Security Risk category, which includes the Uncategorised category. However this may add User and IT overhead.
  • You can reduce inconvenience to users by using Dynamic Classification and by permitting direct user-feedback. If you separate out the web block policy for uncategorised sites and show a custom user alert that includes the link to the URL miss-categorisation service. If the user believes there is no risk they will be able to submit a miscatagorisation to be checked by Netskope. This is a slightly better user experience than a flat block, and adds no additional risk.
  • To allow the category in a safe manner and keep the business moving, Netskope has a new effective option. This is to isolate these risky sites via our Remote Browser Isolation module. The uncategorised site is visited remotely and then streamed as pixels to your browser. This provides a normal browsing experience but prevents downloads and code execution amongst other risky activities. We can spin up a POC for you very easily, we will do this for you and work with you and James to test its effectiveness.