Skip to main content

Netskope Help

VMware Workspace ONE

As cloud usage extends into mobile access, Netskope helps you manage and govern cloud activity for the mobile workforce. In order to achieve this type of visibility, Netskope created an app that can be deployed to mobile devices. This app allows you to use our robust data loss prevention (DLP) tool and advanced 3rd-party apps (like VMware Workspace ONE) to mobile devices.

Note

VMWare Workspace One ( previously known as AirWatch) is an enterprise MDM solution that manages devices from a single console.

VMware Workspace ONE provides advanced enterprise mobility management capabilities. For many organizations, it is the main channel used to deliver and install VPN configurations to steer managed cloud application traffic to the Netskope cloud. VMware Workspace ONE supports all the major mobile platforms available today (iOS, Android, Windows RT, among others). VMware Workspace ONE can be configured to deliver and install the Netskope app on Mac OS X and Android devices.

Prerequisites and Resources

You need the following before proceeding with the procedures in this guide:

  • Admin permissions to the Netskope tenant UI.

  • Admin permissions to the VMware Workspace ONE console.

  • Complete Certificate Authority and any other Certificate template information. For example, create a Certificate Authority and Template using the SCEP server to issue device certificates.

  • The Netskope Root certificate and Intermediate CA certificate from the Netskope UI on the MDM Distribution page (Settings > Security Cloud Platform > Netskope Client > MDM Distribution). Also, the Create VPN Configuration section on this page shows the current VPN mode configured.

  • Several code strings from the Netskope UI that need to be entered into the VMware Workspace ONE console:

    • The Subject Name values for creating a certificate template in VMware Workspace ONE, which include the Tenant OU (OU) and Organization Name (O) values shown in the Certificate Setup section of the MDM Distribution page. 

    • The Server value for creating VPN profiles in VMware Workspace ONE, which is the VPN Server Name value shown in the Create VPN Configuration section of the MDM Distribution page.

    • The URL String Probe value for creating VPN profiles in VMware Workspace ONE, which is the URLStringProbe value shown in the Create VPN Configuration section of the MDM Distribution page.

    • The Proxy Server Auto Config URL value for creating VPN profiles in VMware Workspace ONE, which is the PAC URL value shown in the Create VPN Configuration section of the MDM Distribution page.

    • The OrgKey value for adding Android Application Configuration settings in VMware Workspace ONE, which is the Organization ID value shown in the Create VPN Configuration section of the MDM Distribution page.

    • To use the Device Classification for Android feature in Netskope, you need to first set up Device Classification for Android and then get the ns_mdm_check value from the Device Classification wizard. Go to Settings > Manage > Device Classification. open an Android Device Classification, and then copy the ns_mdm_check value shown. 

Please contact Support@netskope.com for any questions about the Netskope tenant UI specific configuration settings.