Netskope Reviews

We use Cisco Umbrella and plan to replace it with Netskope. We will start with the security model and other policies. 

We use Cisco VPN for remote access. Additionally, we have started implementing Netskope with a strong focus on security. Our primary goal is to protect users from accessing malicious sites. We also plan to implement DLP based on our data, as data security is our main concern.

The solution offers granular control over uploads and downloads. Previously, we lacked monitoring and control over downloads from malicious sites, but now, with Netskope, we can block such downloads. We are currently in the testing phase of implementing DLP, specifically for personally identifiable information data. We don't want it to be uploaded to the cloud. 

I'm currently involved in integrating Netskope with SentinelOne in our organization. The goal is to consolidate our alert monitoring by setting up a virtual machine and establishing threat exchange protocols. This integration allows us to use a single console to monitor alerts from both Netskope and SentinelOne, enabling better correlation of security incidents.

I would like to see the product improved, especially in monitoring and security monitoring. It should be more effective so we can better identify cloud access and understand how users are accessing it. We need better visibility on security and cloud storage access.

The logs in Netskope are good, similar to what I had with CrowdStrike. CrowdStrike provided full log coverage, and we need the same for cloud-based solutions like Netskope. Every action should be logged, but I've noticed some gaps with Netskope.

We faced outages a couple of times. 

I haven't faced any issues with the tool's stability. 

Before moving to Netskope, we used McAfee products. This was before COVID, when our cloud usage was minimal and remote access wasn't as prevalent. We procured McAfee's CASB solution to monitor and manage shadow IT. This allowed us to track and block access to unapproved third-party clouds.

We started the POC in December 2023 and began working on the feasibility of the migration. We have reached around 65% of our implementation, with only 35% remaining.

We have very few resources involved, around five to six people from different teams, like the infrastructure team. I am part of the IT security team and manage the platform. Other teams help with access control, which the central security team takes care of.

We use Varonis to scan files and remove broken access permissions for data at rest. We also utilize Microsoft Purview to label sensitive files on our file server. Once this process is complete, we will block access through Netskope. This is our future vision, though we are currently in the implementation phase.

I'm involved in both implementing and supporting the solution. As part of the operations team, I provide knowledge transfer sessions to team members. When implementing new policies, I discuss with team members how to handle alerts and what actions to take when alerts are triggered.

Access with Cisco Umbrella is very different compared to Netskope. Some sites accessible with Cisco Umbrella are blocked by Netskope. We had to revisit each and every policy again. We exported all the configurations from Cisco Umbrella and had to review everything.

Before implementing, go with the POC and have an extended POC session. Clarify everything during the POC because it becomes very difficult to get them on a call for critical issues after the POC. Make sure all concerns are discussed and resolved before implementation.

I rate the overall product an eight out of ten. 

A feature that was valuable was the built-in website classification or safety ratings. Different websites would be rated according to analyses that the Netskope team had done, and we built policies on some of those scores. If the website scored less than a certain percentage, then we would have a different user experience around how the site would interact with the clients.

It needed some fine-tuning on core business sites that we used, which were sensitive to what we term a man-in-the-middle certificate by design. Some sites were not tolerant because they presented as potentially malicious. So, we just had to make some tweaks so that it would bypass or interpret it.

The features that we would like to see are available but require additional investment. We wanted more of the CASB type feature set, which was at a higher subscription cost, and we didn't have budget for it. We just went with their standard offering, which was the secure web gateway.

We used it for a little over 12 months, and it was deployed on Netskope cloud.

The stability is very good. I can't recall any outages with the product in the time that we used it.

It is easy to scale, and it's fully automated through the Azure AD integration.

The support team we were dealing with were not based onshore, and I don't think we had a premium support model at that time. As a result, we had to wait sometimes to get the outcome that we were looking for. If it was more of an immediate issue that was impacting our customers, we couldn't get support immediately. They would capture the request and then came back to us later on. The speed of their response to the support request could have been better, and I would give technical support a rating of eight out of ten.

Positive

It makes sense for us to have the gateway capabilities of a Netskope product. We retired an internal or on-premises web filter or web proxy called WebMarshal. It wasn't meeting our needs, particularly through lockdown and the increased demands on the web filter from remote users. So, we made the decision to go with a cloud-based SWG.

The initial setup was very straightforward. Our approach was to do the implementation as part of a proof of concept; it was more of a try-before-you-buy situation. Because of that, there was a lot of good support from Netskope directly to actually implement the POC. Once we did that and saw the benefits, the hard work had already been done to make it a production system for us. I would rate the initial setup at five out of five.

Deployment took a couple of weeks, maximum. The environment was set up quickly by the Netskope success manager, and the agent itself was quickly deployed by us through our system center management tool.

Being cloud based, it self- manages and doesn't require specific maintenance.

We had three technical staff and about 1,000 clients working on this solution.

I recall that the price was considerably cheaper than that of Zscaler. It was around 60,000 AUD for 1,000 users per year and included some training and some premier support offerings.
If we wanted to take advantage of the CASB capabilities, then there was an additional subscription fee, for which we didn't have the budget. On price, I would give Netskope a three or four out of five because it's quite expensive, but it offers a lot of value.

We looked at Netskope and Zscaler. Netskope came out on top.

My recommendation would be to definitely to shortlist Netskope CASB and strongly consider it because it was a very positive experience for us, particularly with the support that we got from our onshore partner.

It still deserves to be compared with other products in that sector such as Zscaler; it's probably one of the market leaders. It's definitely worth looking at others, but we were very happy with Netskope CASB, and the team continue to use it today. I would give it an overall rating of nine on a scale from one to ten.

We use the solution to track role-based access control. We have many business-critical applications, particularly task-based applications, on the cloud.

Netskope provides audit trends for all accesses via KSP and the identification of Shadow IT.

Today, buying a server or hosting an application is very easy. Anyone can buy an instance by paying on AWS or Google. Due to this, there are many applications within the organization that IT is not even aware of because someone in business might have bought one without IT's knowledge. The perspectives of these two groups are very different, and that's the issue.

The solution’s cost is not user-friendly. If you buy the full version, it is costly.

I have been using Netskope as a customer for two or three years.

The product is stable.

3500 end users are using this solution.

I rate the solution’s scalability an eight out of ten.

We switched to Netskope since it comes with the Secure Web Gateway package.

The initial setup is simple and takes a couple of weeks to complete. The deployment requires eight people to complete.

I rate the setup a seven on a scale of ten.

We evaluated Forcepoint, Digital Guardian, and Symantec for testing.

Overall, I rate the solution a nine out of ten.

Our primary use case for the solution is data and DLP production. We deploy the solution on cloud via AWS. It is direction-based on the reduction capability, good direction capability, control prevention, data prevention based on the user activities, like upload and download. These things are based on particular user activity. We can control the data through results.

The UB and the Reverse Proxy are valuable.

The Reverse Proxy could be improved as it currently has limitations. I rate the pricing as five out of ten, with one being inexpensive and ten being very expensive. Additionally, the configuration and user behaviour analytics can be improved. For example, it's either completely blocked or unlocked, so there should be conditional consideration, which can be done on their proxy.

We have been using the solution for a year and a half.

The stability is almost 100%. I rate it a nine out of ten.

I rate the scalability an eight out of ten. Approximately 5,000 users are utilizing the solution. 

We have had a good experience with customer service and support. However, I rate them a seven out of ten because they take a long time to escalate tickets. It takes one week to escalate regular incidents while they respond to incidents for follow-ups. It should take a maximum of one to two days, and within 48 hours, everything should be addressed. So even though it is a low-priority issue, they should assist within 48 hours.

Neutral

The initial setup was a bit complex at first, but it got easier. I rate it a ten out of ten. The deployment is a continuous process because people joined and left the organization. So to get the solution to at least 60%, or 70%, it took about two months. Approximately two people are required for deployment.

The solution is affordable, and a licensing fee is charged yearly. Access to customer service and support is included in the licensing charges. I rate the licensing fees an eight out of ten.

I rate the solution an eight out of ten. The solution is good, but the configuration and user analytics can be improved. I recommend the solution to new users because it is a good tool, and the detection capability is very nice and lightweight. Additionally, I recommend they use the solution if it aligns with the requirements.

I use Netskope in my company for data protection and governance.

The most valuable features of the solution are that the support is very good and the dashboards are easy and intuitive to use.

With Netskope in our company, we want to integrate it with the other applications in our system practically. From an improvement perspective, the aforementioned process should be made easier. The solution's implementations can be made much easier because, currently, it is complex in nature.

I have been using Netskope for three years. I use the solution's latest version.

Stability-wise, I rate the solution a nine out of ten.

Scalability-wise, I rate the solution a nine out of ten.

In our company, we have around 1,00,000 users of the solution.

I rate the technical support a nine out of ten.

Positive

I have worked with other products in the past, but I cannot discuss those products.

The implementation part takes some time due to the complexities involved. In general, our company puts in a lot of effort, especially in coordination, to manage the solution's implementation.

In our company, we did not measure the actual time taken to implement the solution, but the overall time taken to implement the solution was around six months.

The solution is deployed on a public cloud.

I cannot disclose the licensing costs attached to the solution. Netskope is a reasonably priced product, but it is not so expensive because there are other products in the market that are more expensive. I rate the product's price a six on a scale of one to ten, where one is expensive, and ten is low price.

I recommend the product to those who plan to use it.

I rate the overall product a nine out of ten.

Our clients use Netskope because they want to move to a SaaS solution. They're using an increasing number of SaaS applications. An on-premises firewall or URL filter isn't sufficient anymore. Netskope is unique in recognizing different instances of SaaS applications and the activities people can do. They have more control over where their data goes.

The most valuable feature of Netskope is that it is a SaaS-delivered solution. It's somewhere running in the cloud, and there's no limitation in performance like you would have with hardware. You need to change hardware all the time.

However, this platform grows when your company grows, and you have more employees and more traffic. You don't need to think about that anymore. The solution also provides granular control over the SaaS applications that people are using.

It's like moving from URL filtering or a web proxy to a real CASB. Netskope takes it a step further by recognizing if you're logging into your corporate Office 365, a private one, or a competitor's Office 365.

The cloud firewall, which is one of Netskope's latest developments, could be improved further. I would like to see more threat protection in Netskope's Zero Trust Network Access. Functionality-wise, the solution's Zero Trust Network Access is a great replacement for VPNs. However, having more security functions in there would be nice.

I have been working with Netskope for around five years.

I've never encountered an outage with Netskope. Everything was always working because its points of presence were very redundant. If its processes recognize that something in one point of presence might not be running as it should, you get redirected without knowing.

I rate the solution's stability ten out of ten.

Our clients for Netskope are fairly big enterprises and government organizations. Netskope's scalability is perfect, and you don't have to think about it. It doesn't matter if you have 500 employees or 10,000 employees. The solution automatically grows. Their points of presence are overscaled and oversized, so they'll take care of that.

I rate the solution's scalability ten out of ten.

Netskope's technical support is very good, but it's similar to the technical support of most other tools like Palo Alto or Check Point.

Positive

The solution's initial setup is really easy, especially when you roll out the client. Migrating from an explicit proxy to their solution has exactly the same setup. Netskope easily integrates into any solution that you already have.

The solution's deployment time depends on what you want to include. If you need to migrate a very big web proxy configuration, Netskope has excellent professional services that will prepare configurations. So, it's ready to use directly. The slowness is not because of Netskope. It's because you need to have all your employees connected to the network, and this new software needs to be installed.

However, that can all be automated. You can have it running in minutes. Netskope already has a very good basic policy. If you're just doing the inline CASB, you roll out the Netskope Client or setup the explicit proxy and have a basic URL filtering policy that directly works.

If you have a couple of 1,000's employees, then, of course, it will take a while. You do it in bunches. People start up their laptops, install this new software, and it's there. Preparation-wise, it might take a few weeks, but the actual rollout is done as soon as people can run updates on their laptops.

On a scale from one to ten, where one is difficult and ten is easy, I rate the solution’s initial setup an nine out of ten.

We have seen a return on investment with Netskope because everything runs in the cloud. You don't need to think of the sizing. The solution's user interface is really simple and easy to manage. You don't need many people, hardware replacements, or shipping things. The tool is very efficient and saves a lot of time.

Netskope is a premium service, and its pricing ranges from medium to expensive. Netskope is in the top range when it comes to pricing. It all depends on the functionalities you require and get the licences for. The combined solution is more cost effective than a combination of other vendors point solutions.

Netskope is a cloud-based solution. All its security functions run in a cloud. You only need to install a client to get the traffic to the cloud, set up an IPsec tunnel, or set up your explicit proxy to get the traffic through the cloud.

You don't need to install anything on-prem except when you use their SD-WAN solution. We're talking about the CASB side. They also have an SD-WAN solution. 

Overall, I rate the solution an eight out of ten.

It's one of the top-ranking solutions in the market, and it's very responsive. We are using Netskope, and Netskope provides a load of features for SQL, STP, and traffic control.

We have blocked all data-sharing websites like Gmail, Google Drive, and Dropbox. We have also blocked them globally in broadband and Capitec. We are ISO certified, so we use a bunch of tools that we use, so that's why we are using a pro product that is number one in Gartner.

If we need to allow a process that is blocked by Netskope, we have to manually check the logs to see why it is blocked. This can be time-consuming and inefficient.

So, I would like to have a feature in Netskope that allows them to manually check the logs without having to open a separate tool.  

I have been using this solution for last two years. 

It's a stable product. However, when I implemented it two years ago, it had a lot of issues for us because all things were blocked users were facing a lot of issues regarding website-related issues, and some developers were also facing some issues. 

But now it's fine. The user process has improved. Some developers are using PowerShell code to get related, and all processes are unblocked. So, we've developed an ID to allow the related process. Now, it's stable.

There are around 2,000 end users using this solution. It is a scalable solution.

The customer service and support are good. They are available on weekends.

We used Symantec before for DLP solution, device control, and proxy solution. All three things were only in Symantec, but Symantec is not a SaaS-based product. If your users come to the premises or over the VPN, that means it works, otherwise, it doesn't work or there is no control. So that's why we moved to NetScope as it's a service product, and the cost associated with it is also less.

The initial setup is very easy. 

We have deployed it on a private cloud. We have a single URL, and we have created a username and password. We have also created a load of policies like a secure web gateway and global talk. We have blocked global talk like Gmail, WhatsApp, and Yahoo. If you use a requirement, we can allow it only.

The licensing cost is good for the features. It's about $35 per user per year.

Overall, I would rate the solution a nine out of ten.

Netskope is an efficient, reliable, and easy-to-manage solution. It goes very granular in blocking some of the features in third-party cloud solutions, like share or download.

Netskope could further onboard new SaaS-based platforms into their CASB solutions. Netskope already has its in-build capabilities, but some might be missing.

From the reverse proxy side, Netskope needs to be more reliable for Microsoft Azure customers. They are still dependent on Microsoft access control from SaaS. It would be good if they could remove this dependency because some customers don't have P1 licenses.

We need Microsoft capabilities to access reverse proxies because it depends on that. Users logging in to their SaaS solution and not using the Netskope agent cannot use this reverse proxy feature. The solution's documentation still needs to be improved.

I have been using Netskope for two years.

I rate Netskope a nine out of ten for stability.

Netskope should improve its customer support in terms of technicality and response time.

The solution’s initial setup is quick and easy.

Netskope is not as expensive as Palo Alto. On a scale from one to ten, where one is expensive, and ten is cheap, I rate the solution's pricing a six out of ten.

We usually sell Netskope because it's a unified platform for SWG, DLP capabilities, and CASB. Netskope is a strong leader in CASB and has integrated other parts like SWG and NPA. Netskope is a cloud-based solution.

Netskope is a very granular product, and you can do a lot of things with it. Microsoft doesn't onboard all the third-party SaaS-based providers. It doesn't have any granularity to build policies.

Netskope is more suitable for small to medium businesses.

Overall, I rate Netskope an eight out of ten.