Netskope Configuration

Some organizations use Netskope, which can interfere with Nomad Media's upload capabilities. To prevent this, the S3 content buckets used by Nomad Media must be added to Netskope's allowlists.

Step 1 — Identify URLs and Domains

Run a query in SkopeIT App Events to find events associated with your S3 bucket. Example query:

(url like 'nomad') and (app eq 'Amazon S3')

Adjust the query as needed for your environment.

Step 2 — Add URLs to a URL List

Note that there are typically two sets of AWS URLs — one with the AWS region in the hostname and one without. If your organization has multiple content buckets, add each bucket's URLs to the list.

Step 3 — Add the URL List to a Custom Category

Create a Custom Category in Netskope and add the URL list to it. You may use any name for the category.

Step 4 — Create a Real-Time Allow Policy

Create a new Real-Time Protection policy with an Allow action for the Custom Category created in Step 3. After creating the policy, make sure to position it correctly in your policy list.

Step 5 — Add to the SSL Decryption Policy

Add the same domains and URLs to a Do Not Decrypt SSL Decryption policy. Follow Steps 1–3 above to build the URL list and category, then create a Do Not Decrypt policy in Netskope's SSL Decryption settings instead of a Real-Time policy.