Lookout Product Documentation

Find answers about using and optimizing Lookout products.

Onboard Discovered Enterprise Applications

You must onboard discovered enterprise applications to enforce granular data protection and malware policies on the users who access these discovered applications.

Once you discover enterprise applications, you can onboard only HTTPS, SSH, and RDP applications.

  1. In the Management Console, select Discover > Enterprise App Discovery.
  2. On the Discovered Applications tab, select the domain name of the enterprise application.
  3. Click Onboard to open a basic view of App Management in a new browser tab.
  4. Enter a name that contains:
    • Only alphanumeric characters.
    • Underscores instead of spaces.
  5. (Optional) Enter a Description.
  6. Click Next.
  7. In the Protection Mode section, enable these toggles:
    • App Authentication
    • App Access
  8. Click Next.
  9. In the App Type prompt, select the type of application where you want to enforce security controls.
    Example: If you want to enforce app authentication and app access policies for browser-based remote desktop sessions, select RDP (Remote Desktop Protocol).
    • HTTPS (HTTP Secure): For accessing internal private portals. Example: Internal HR portal.
    • SSH (Secure Shell): For connecting to private applications or servers using SSH sessions in the Secure Cloud Workspace.
    • RDP (Remote Desktop Protocol): For connecting to private applications or servers using RDP sessions in the Secure Cloud Workspace.
  10. Select one of these options based on the type of private application you want to access:
    • Restricted IP Addresses: Enter one or more allowed IP addresses, separating each address with a comma. Click Save.
    • (Optional) Specific Domains: Enter one or more specific domains used with the application, separating each with a comma. Click Save.
    • TCP Ports: Enter one or more TCP port numbers where the application runs, separating each with a comma. Click Save.
    • Home Page URL: Enter the home page URL of the on-premises private application. This URL applies only to the HTTPS app type. Examples:
      • Internal HR portal of an organization.
      • On-premises Jira server.
  11. Add the users who are authorized to access the private app, then click Next.
  12. In the User Access section, click New.

    Note Using this option, you can control displaying the app icon in the Secure Cloud Workspace user portal. This does not restrict application access.

  13. In the Type prompt, select one of these options:
    • User: Select All to allow access to all users, or Selected to allow access by users you specify by their valid email addresses, then click Save. Click Add.
    • User Group: Choose the user groups from the directories listed, then click Save. Click

      Add.

  14. Click Next, and click Save in the summary.
  15. Select Administration > App Management.
  16. Locate the onboarded application and click the Edit icon.
  17. In the Environment section, select the Secure Private Access environment and click Save.
  18. In the Keys section, click Request New Key to encrypt content as part of the App Access protection mode.
    Click Save.
  19. Select Administration > Key Management, locate the cloud application, and click Assign.
  20. Select Create a new key or Choose from existing keys, depending on your preference.
    For a new key, provide the requisite details.