Amazon WorkSpaces
Amazon WorkSpaces is a desktop virtualization service available for Windows, Linux and other OS that enables administrators to access resources from any device. This document contains the best practices around steering bypasses when deploying the Netskope Endpoint on Amazon WorkSpaces. You can install Netskope Client using the deployment options supported by Netskope.
To learn more, view Amazon WorkSpaces.
Environment
WorkSpace Client Version: 5.1.0.2370
Netskope Client Version: 96.0.0.1009
Operating system:
Windows
macOS
Android
Ubuntu Linux 18.04
Chromebooks
iOS
Configurations In Netskope
Specific configurations in Netskope web UI ensures processes or traffic from either of the applications are not blocked or directed to the Netskope Cloud.
Configure Certificate Pinned Application Exception
To add Amazon WorkSpaces as a Certificate Pinned Application on the Netskope UI:
Note
For Chromebooks, the administrator must add play.googleapis.com as a Domain exception and com.google.android.gsf process as a Certificate-Pinned App exception.
Go to Settings > Security Cloud Platform > Steering Configuration and select a configuration.
On the configuration page, click EXCEPTIONS > NEW EXCEPTION > Certificate Pinned Applications.
In the New Exception window, do the following:
From Certificate Pinned App, select the application. To add a new certificate pinned application in the New Certificate Pinned Application window, do the following:
Application Name: Enter the name of the application.
Platform: Select the operating system where the application is managed.
Definition: Provide the processes and .exe(s) list that you want to bypass. To learn more about the domains to bypass, view IP Addresses and Port Requirements for WorkSpaces.
From Custom App Domains, add the URL to exclude. For example, www.aws.amazon.com.
From Actions, select Bypass for Windows.
Click ADD.
Amazon WorkSpace Workflow with Netskope Client
This section describes the steps to launch WorkSpace and install Netskope Client.
Start Amazon WorkSpaces instance from your AWS account.
After installing AWS WorkSpaces agent on your machine, launch Amazon Workspace and login.
You can install Netskope Client using the deployment options supported by Netskope.
After you install Client, the application traffic must be steered through Netskope gateway.
You can check the device details from your Netskope tenant Devices UI.