Skip to main content

Netskope Help

View IaaS Overview

You can get an overview of your public cloud inventory, compliance and DLP incidents under API-enabled Protection > IaaS > Overview. The page displays the total number of public cloud resources in your IaaS ecosystem, the total number of compliance rules violated, and open DLP incidents.

The filters on top of the page enable you to get granular information based on the time of scan, cloud providers, instance name, region, or tags.

Inventory

The Inventory widget displays the total number of AWS accounts, Azure Subscriptions, and GCP Projects in your public cloud. Additionally, you can view the summary of all your public cloud resources categorized by,

  • Compute

  • VPC

  • Storage - The total number of AWS S3 Buckets, Azure Blob Containers, and GCP Storage Buckets.

  • Databases

  • Security Groups

inventory_iaas.png

You can click View Details to view detailed information about your IaaS resources in the Inventory dashboard. For information on the Inventory dashboard, see View IaaS Inventory.

Billable Resources Scanned

The View Usage button opens the Billable Resources Scanned window which displays the average number of resources that were scanned for security assessment within the selected time period.

You can select a time period or specify a date range using the Time drop-down list.

Depending on the selected time period, the average number of resources are calculated for the total number of hours that the resources are active. The example graph shows the number of days the AWS resources are active over a period of 7 days.

iaas_billable_resources2.png

From the example graph, the average number of resources are calculated as follows:

AWS Resource Category

Total number of hours each resource was active

Average number of resources scanned

AWS-ENG

AWS-SE

AWS-ITOps

Compute

5* 24 = 120

2.75* 24 = 66

3 * 24 = 72

ceil{(120 + 66 + 72)/(7 * 24)} = 2

Storage

6 * 24 = 144

4 * 24 = 96

2 * 24 = 48

ceil{(144 + 96 + 48)/(7 * 24)} = 2

Database

0.5 * 24 = 12

1 * 24 = 24

4 * 24 = 96

ceil{(12 + 24 + 96)/(7 * 24)} = 1

Netskope counts the following resource categories and resources for each service provider as billable resources.

Resource Category

AWS

Azure

GCP

Compute

EC2Instance

VirtualMachine

Instance

Storage

S3Bucket

BlobContainer

Bucket

Database

DynamoDBTable

RDSInstance

RedShiftCluster

SQLDatabase

SQLServer

SqlInstance

BigqueryDataset

For a complete list of supported entities and attributes, see

Export to CSV

You can view detailed information about the scanned resources by clicking Download CSV download_csv.png. The CSV provides information such as from and To scan time in GMT, tenant name, cloud provider, account name, account ID, number of Compute resources, number of Database resources, number of Storage resources, and total number of resources.

Compliance

The Compliance widget displays the total number of compliance rule violations along with the security assessment profiles that contain the compliance rules. The widget also shows the total number of rules and resources with violations. 

compliance_iaas.png

You can customize the data displayed in the widget by clicking the gear icon. The Customize Data dialog box allows you to view the compliance violation by severity, profiles, or policies. The rules violated and resources with violations can be customized by count, resource category, or cloud provider. The Update button updates the Compliance widget with your customization.

compliance_custom_iaas.PNG

You can click View Details to view detailed information about the compliance rule violations in the Compliance page. For information on the Compliance page, see View Security Posture Compliance.

DLP Incidents

The DLP widget displays the total number of DLP incidents as a result of DLP policy violations. The widget shows the DLP policy names, number of objects with incidents, and number of object stores with incidents. 

dlp_iaas.png

You can customize the data displayed in the widget by clicking the gear icon. The Customize Data dialog box allows you to view the DLP incidents by policy, profile, or severity. The objects and object stores with incidents can be customized by count, permissions, or cloud provider. The Update button updates the DLP Incidents widget with your customization.

dlp_custom_iaas.png

You can click View Details to view detailed information about the incidents in the DLP Incidents page. For information on the DLP Incidents page, see About DLP.

For a complete list of supported file categories and file types for DLP, see Supported File Categories and File Types.