Step 3/3: Add the Azure Subscription to the Netskope tenant for CSA
Once you have created an Azure Active Directory application and assigned the relevant permissions/roles, you can now create an Azure app instance in the Netskope UI.
To create an Azure instance:
Log in to the Netskope tenant UI.
Navigate to Settings > API-enabled Protection > IaaS > Microsoft Azure > SETUP.
The New Setup window opens.
In the New Setup window, enter the following parameters:
In the Azure Subscription section, enter the following details:
Azure Subscription Name: Enter a unique name for the Azure subscription.
Admin Email: Enter the email address of the administrator for email notification.
Connection Type: Select Security Posture. Security Posture periodically assesses the configuration of the Azure services to monitor risks in your infrastructure. You have the option to run the policy at intervals (30 minutes, 60 minutes, 2 hours, 6 hours, and 24 hours). On selecting this option, you need to create a security assessment policy.
Note
Netskope recommends setting the interval to 60 minutes or more.
Note
Few of the instance type options may be disabled. Contact your Netskope sales representative for additional information.
In the Cloud Provider Information section, enter the following details:
Directory ID: Enter the directory ID you noted from Get the Application ID and Directory ID section in Step 1/3: Configure an Azure AD Application for CSA.
Application ID: Enter the application ID you noted from Get the Application ID and Directory ID section in Step 1/3: Configure an Azure AD Application for CSA.
Client Key: Enter the authentication key you noted from Get the Authentication Key section in Step 1/3: Configure an Azure AD Application for CSA.
Click Save, then click Grant Access for the Azure instance you just created.
Refresh your browser, and you should see a green check icon next to the instance name. You can proceed to create a security assessment policy.
To learn more: Creating Security Assessment Policies for Netskope Public Cloud Security.
You can view detailed information about all the events and scan results under API-enabled Protection > Compliance > Security Posture. To learn more: View Security Posture Compliance.