What needs improvement with Netskope CASB?

Accuracy could be improved.

I would like to see the product improved, especially in monitoring and security monitoring. It should be more effective so we can better identify cloud access and understand how users are accessing it. We need better visibility on security and cloud storage access. The logs in Netskope are good, similar to what I had with CrowdStrike. CrowdStrike provided full log coverage, and we need the same for cloud-based solutions like Netskope. Every action should be logged, but I've noticed some gaps with Netskope.

The threat protection features must be improved. Other competitors on the market, like McAfee and Fortinet, provide threat protection features across all the modules.

The product's high price is an area of concern where improvements are required. Netskope is a good product. The tool has a whole new list of features that have come out now, but I have not checked them out. The product's reporting capabilities have certain shortcomings, making it an area where improvements are required. The solution's technical support response time is an area that needs to be improved.

Netskope could further onboard new SaaS-based platforms into their CASB solutions. Netskope already has its in-build capabilities, but some might be missing. From the reverse proxy side, Netskope needs to be more reliable for Microsoft Azure customers. They are still dependent on Microsoft access control from SaaS. It would be good if they could remove this dependency because some customers don't have P1 licenses. We need Microsoft capabilities to access reverse proxies because it depends on that. Users logging in to their SaaS solution and not using the Netskope agent cannot use this reverse proxy feature. The solution's documentation still needs to be improved.

With Netskope in our company, we want to integrate it with the other applications in our system practically. From an improvement perspective, the aforementioned process should be made easier. The solution's implementations can be made much easier because, currently, it is complex in nature.

The solution’s cost is not user-friendly. If you buy the full version, it is costly.

If we need to allow a process that is blocked by Netskope, we have to manually check the logs to see why it is blocked. This can be time-consuming and inefficient. So, I would like to have a feature in Netskope that allows them to manually check the logs without having to open a separate tool.

Netskope needs to improve its stability.

Technical support and the user interface could be improved.

The product's integration with VMware Workspace ONE could be improved. Additionally, they could add endpoint security features similar to Trend Micro.

The CSPM model needs to improve.

Netskope could improve the policy integration with more friendly parameters within the DLP (data loss prevention) module of the CASB product. It would make it easier for administrators to use the DLP module, and this improvement would be integrated into Netskope CASB.

The Reverse Proxy could be improved as it currently has limitations. I rate the pricing as five out of ten, with one being inexpensive and ten being very expensive. Additionally, the configuration and user behaviour analytics can be improved. For example, it's either completely blocked or unlocked, so there should be conditional consideration, which can be done on their proxy.

The dashboard performance could be much better and faster, but because it is a complicated product, it takes time for the dashboard to process.

It needed some fine-tuning on core business sites that we used, which were sensitive to what we term a man-in-the-middle certificate by design. Some sites were not tolerant because they presented as potentially malicious. So, we just had to make some tweaks so that it would bypass or interpret it. The features that we would like to see are available but require additional investment. We wanted more of the CASB type feature set, which was at a higher subscription cost, and we didn't have budget for it. We just went with their standard offering, which was the secure web gateway.

Netskope CASB can improve by working more similarly to a VPN technology instead of a proxy. They then could have visibility on the endpoint device. Most clients have some tools where they check the endpoint health or other things, such as the security posture, or if they want to access the resources. For example, if they should have antivirus running, this kind of posture check should be available but it is missing.

Third party integration with other cloud applications could be improved. Sometimes the API won't be working, but Netskope is taking it seriously. They accept all the feature requests, and they are trying to provide whatever we ask from them. What we are consuming right now is almost perfect. This is a cloud-based application, not in-house, so we can't change the interface. But for UI, sometimes we ask them to give us some more visualization and features. For instance, if you are uploading a dictionary and use that dictionary file containing anything from the dictionary blockage protection, we can't see it. Each time we have to upload a new one and override the old one. We can't visualize it, so we have asked them for a feature request and they're working on it. There are many small things regarding feature requests that we are doing day to day, and they are working on it. Some of the features are there, but they are hard to find. The only thing we are looking for now is integration with the MacBook. Even with a MacBook, everything is going well. With a MacBook, the Catalina client is working fine. The new version, which releases monthly, is working fine. The only problem we are facing is with the big server, so they're working on it.

There is no real room for improvement that I can think of. Most of the features meet our requirements. I don't see anything that can be improved now. If something would need improvement I would offer the suggestion and I believe it would be taken care of. Support services could definitely be improved. Support is the one area that can always use improvement. It's an evolving thing, so based on demand and based on market requirement and the way market is moving towards.

There could be better integration with other solutions.

The solution is always evolving and adding new features. However, I can't think of an area where it is specifically lacking per see. I'm a reseller, so anytime we can get the solution cheaper I'm for that. From a pricing perspective, that wouldn't hurt. Their partner piece could be a little bit stronger than what it is right now. The solution is still pretty new to the CASB environment.

There should be some granular custom roles that are not available. However, this is on the road map. There are many devices that do not have the Zero Trust feature and other enhancements available which they should have. In an upcoming release, they need to improve the reverse proxy. There are only a limited amount of applications that support it and are not able to be managed. Additionally, there should be improvements in the policy structure to restrict scrolling up and down.

Setting up policies is something that we having been doing, and if the vendor were to provide example use cases that included different implementation options then it would be very useful for us. They should include a playbook that includes how to create multiple run loops, which would allow us to implement some level of automation.

It should have user behavior analysis and diverse analysis.

From the product perspective, I think they should do much more marketing from their end because it's a Gartner Leader Product. Tech-wise, I don't see any loopholes that I would say need improvement. They could improve their mobile agents as they have some limitations.

They can focus more on ease of admin, ease of use, and ease of migration. Migration should be simple for companies that are using a different platform and would like to move to Netskope. Everyone looks for a simple migration. They can also focus more on cloud services and cloud trends. They have to see the cloud market, and they should try to compete with Zscaler and other players. They should also work on licensing costs.

It's important that they review the NTP connection in relation to emails. Currently, this information is not covered by Netskope in terms of documentation or support. The configuration in the cloud model could be improved upon.

The initial setup is complex and should be simplified.

I think the customer support could be improved. I think they're improving but it's not that great yet. I'd like to see more integration included in the solution, maybe like a host-based firewall.

When we first deployed the solution we encountered some minor compatibility issues with another proxy polar, Bitscaler. It would play up and sometimes we'd get a blue screen. It was rare and the only issue we encountered with Netskope. I would really like to see an improvement in compatibility with other platforms as it relates to issues as mentioned above. It would help to get rid of minor bugs and glitches.

Better debugging tools to identify operational concerns, e.g., "Netskope is slow", and the only way to prove it's not is to disable it — no data on time taken for different hops.

I would like to have an identity theft protection function.