Launching soon: The world's first vendor agnostic bug scrubLearn more & join waitlist
OPERATIONAL DEFECT DATABASE
...
...
Release notes for version 73 of Netskope. Affected Products: Netskope Affected Operating Systems: WindowsMaciOSAndroid
Not applicable.
This update of Netskope contains New Features and Enhancements, New Resource Types Supported in Continuous Security Assessment, Fixed Issues, and Known Issues. For more information, click the appropriate topic. Note: For release notes of other versions of Netskope, reference Netskope Release Notes. New Features and Enhancements CategoryFeatureDetailed Description and BenefitsAPI-enabled ProtectionMicrosoft Teams SupportWith this release, Netskope introduces support for API-enabled protection of Microsoft Teams. Supported capabilities include: Inventory scansActivity scans: DLP and malware scans for content in messages and attachments.Auditing logs/Anomaly detection App ConnectorBaiduApp enhancement: added new domains: baidu.com and baidu.cn.App ConnectorBasecampActivities: Log in Successful, Log in Attempt, Log in Failed, Log out, Create, Edit, Delete, Upload, Download, Post, Share, Publish, Invite Platform: Browser DLP: Upload, Download, PostApp ConnectorDropboxApp enhancement for Google Docs and Sheets. Activities: Create, DeleteApp ConnectorGitHubApp enhancement Activities: Create File, Edit File, Invite User Platform: Browser DLP: Create, EditApp ConnectorGoogle DriveApp enhanced to avoid multiple lookups and multiple reset messages.App ConnectorMicrosoft OfficeEnhanced OneDrive For Business connector for IMDB key-value pair update/lookup logic for Edit activity.App ConnectorMicrosoft OfficeEnhanced OneDrive For Business connector for IMDB key-value pair update/lookup logic for Edit activity.App Connectorsmallpdf.comNetskope supports the smallpdf.com connector with file uploads going to Amazon S3 storage. The app name is identified as Amazon S3 in the events based on the host. Activities: Upload Platform: Browser DLP: UploadApp ConnectorWorkshareActivities: Log in Attempt, Log in Failed, Log in Successful, Log out, Upload, Download, Post, Create, Edit, Delete, Invite Platform: Browser DLP: Upload, Download, PostApp ConnectorYahoo MailApp enhanced to extract from_user and instance after log in. In addition, traffic is enhanced due to Yahoo's new web UI update.Directory ServicesNetskope AdaptersThe Netskope Adapter (NS Adapter) has been tested to ensure compatibility with the current cloud platform. Its version number has been updated to confirm this compatibility. No other changes have been made to the NS Adapter in this release.DLPML Classification for Inline DeploymentML classification services for image classification are now available for customers using the inline deployment method. This capability is available for the Advanced DLP licenses. Contact Support to enable this feature in your account.IaaSAWS CSA Policy WizardThe Security Assessment policy wizard no longer provides an option for Region.IaaSInventory API Returns All Possible asset_categoriesPublic cloud inventory REST API supports all possible resource categories. With this change, the old resource_category may not work, and admins must provide resource_category values based on DOM. We also added a resource type filter, which helps to filter inventory data with one or more resource types. All the resource categories that are supported by Netskope are listed in the online help page: https://support.netskope.com/hc/en-us/articles/360014190893-CustomRules-using-Domain-Specific-Language IaaSResults RefreshThe UI now prompts the user to refresh the web page when new Compliance, Inventory, or Overview pages are available.IaaSUpdated Tooltip and Set up Text for the Forensics Checkbox for Azure Instance Set UpAs of R67 release, SaaS/Introspection customers have an option to store forensic data for DLP incidents in Azure Storage Blobs. This requires an Azure subscription to be configured. The new tooltip reads as follows: "Check this box if you would like to use Azure Blob Storage to save DLP incident forensics data."Netskope ProxyBypass Reason for all Bypassed Traffic EventsA new event is added in every bypassed traffic that is called, bypass_reason. This field contains the reason for bypassing that particular traffic.Netskope for WebSupport HTTP/HTTPS Traffic to non-standard PortsNetskope SWG customers can use Netskope Client to steer Web traffic (HTTP/S) on any port. To use the feature, enable the option under the specific steering configuration and define the ports and/or domains to steer the traffic.Traffic SteeringOS Name enhancement for Windows 10 in Device Details pageThe device details pages for Windows 10 devices show the operating system platform name and the build number.Traffic SteeringFPKI Support for iOS DevicesNetskope now supports certificates that are issued in FPKI format to be able to parse user email address and Tenant OU from alternate fields and not just the Subject name.Traffic SteeringNetskope Client Configuration Window to Show Users' Detected LocationThe Netskope Client configuration window now shows the users' location (on premises or remote) if Dynamic Steering functionality is configured. New Resource Types Supported in Continuous Security Assessment Cloud ProviderEntityAttribute ChangesAWSSnapshots is a newly supported entity in the Compute category.Image entity has the following new attribute: NoneNoneUnknownAccountExposureboolean The following attribute is removed from VPC > Endpoints. IdString Fixed Issues CategoryIssue NumberIssue DescriptionAPI-enabled Protection93538Special characters are not handled during Slack grant.API-enabled Protection84962Fixed duplicate DLP alerts when email metadata changes.API-enabled Protection83547Filemeta aggregation bootstrap script is not working for large tenants. Previous to this fix, the API-Protection dashboards could get out of sync with backend systems resulting in inconsistent counters shown on the UI.API-enabled Protection94339Instance inception improvements for resource listings. With this release, we have redesigned the inventory scan workflow for increased performance and resiliency. This will initially be rolled out for Box and OneDrive with other apps to follow.DLP98466PDD rules are not triggering as expected.DLP85005The rule errors out when Auto-dict files are created for columns with no data.IaaS97620Data schema that is optimized for the Compliance > Rules and Compliance > Resources pages.IaaS96795For CSA, Volume snapshots that are owned by the AWS account are listed. Amazon owned snapshots are non-editable and not listed.IaaS87724A Mute Justification text box is now added in the mute popup to record why admins are muting compliance findings.Traffic Steering81384Windows release 73 MSI installer no longer supports the addon.goskope.com command-line parameter. The addon-.goskope.com must be passed in the MSI command-line parameter.Traffic Steering59142Netskope SWG customers can use the Netskope Client to steer Web traffic (HTTP/S) on any port. To use the feature, enable the option under the specific steering configuration and define the ports and/or domains to steer the traffic.Traffic Steering91720The client detects network interface change and reconnects tunnel if needed.Traffic Steering95749The client retransmits SYN packet if it receives CONNECT packets from the proxy before it receives SYN-ACK. This makes the client to proxy connection more resilient.Traffic Steering98112The system can handle the escape character so that it does not close the notification dialog. Known Issues CategoryIssue NumberIssue DescriptionAPI99290Transaction event log errors, showing Errors 500 and 502.API-enabled Protection91204Files are not appearing in the Incidents > Quarantine page, however, the SkopeIT event shows Quarantine.API-enabled Protection72236The Select All functionality for file actions only selects visible entries for set pagination.API-enabled Protection100729Microsoft Teams: Scan of attachments in private channels is not supported.App Connector98790The LinkedIn app follow and unfollow activities are not detected from the main page.App Connector99337Incorrect edit activity for OneDrive.App Connector98546The Yahoo Japan mail Send activity hits a block policy but email is sent successfully on iOS devices.App Connector98462A policy for Dropbox folder creation and deletion is not working as expected.App Connector98266An O365 instance ID is not detected, causing false positives.App Connector98233Instance detection for Gmail is not working as expected.App Connector98206Blocked upload events for smallpdf.com, however, uploads are successful.App Connector98069Activities are not detected for the Microsoft Teams web app.App Connector97212Not all GitHub activities are detected using the Netskope Client.App Connector97188The from_user constraint does not work correctly when using iOS+Box.App Connector96839The instance ID for upload activity when using public shared links is not working correctly.App Connector96774Dropbox policy is not working correctly.App Connector94789The Skillsoft/Skillport app connector is not working correctly.App Connector94625Traffic from the Box Drive app is not working correctly.App Connector94422More domains for Baidu Cloud are needed.App Connector94390The SharePoint app connector, shared credential anomaly is not working correctly.App Connector85708Inconsistency in determining the Box instance ID.Auth Proxy98720Users can access Outlook from unmanaged devices when they should be blocked.Auth Proxy82557Reverse proxy is blocking Android Outlook native apps.Event Forwarder88629The incorrect Dest IP to location mapping is showing in the App events.IaaS98347Custom IaaS report generation using RBAC role access has the following limitations: The advanced query does not support the in operator. For example, queries look like account_id eq ‘215..' and not account_id in [’215..']Users/groups and App Instance are not supported.The report template should have a query filter when rule_status andresource_status filters are applied. For example, rule_status eq 'passed' does not work but rule_status eq 'passed' and appname eq 'aws' works. IaaS100056Documents that are generated by Netskope should reflect actual info. As of Release 73, the PDF version of reports does not have remediation steps for some rules, while CSV versions of reports do have remediation steps for those rules.IaaS97175When a new instance is created and users go to the inventory page, the account name does not appear in the filter. There is a cache which is invalidated after 1 hour. However, the account will appear in the filter after 1 hour.Inline Policies97513Policy sync delay.Inline Policies97376Inline policies are not triggering properly.Inline Policies95503Obfuscation is applied to the inline policy section so admins are unable to select users when creating policies.Netskope Client100448The Netskope client may sometimes experience a lock condition if the port range is too wide.Netskope Proxy98521 98112Data is uploaded when the ESC key is pressed on the block popup.Notification Service94090There is no email notification flag set in policy events.Policies98705 98599New policies are not working with the Melbourne data center.Policies98068There is a delay in the Policy sync.Query Service96660The Blocked Apps home page widget is not showing data for discovered events.Query Service96255The API-enabled Protection dashboard is showing inaccurate data.Query Service91798Unable to create a report widget using a 'line' and summarize by 'group'.Query Service86990When loading Malware Incidents, the dashboard is blank.Real-time Protection97888Inline data packets are not retransmitted by the system when it is dropped in the network.Reports98209Blank PDFs are generated for reports.REST API93257Multiple steering configuration apps are missing.Reverse Proxy98792Users are unable to access Workplace for FaceBook.Reverse Proxy95961The Slack Enterprise setup is failing with JumpCloud SSO and Netskope Reverse Proxy.Risk Insights986824xx status codes are incorrectly interpreted by Netskope as Block events, even when the actual actions that are listed in the logs are Allow or Error.Traffic Steering95749Intermittent internet connectivity issue detected.Web UI97784View Pending Changes for the URL List is blank.Web UI97106The API-enabled Protection Policy hit-counts are not working correctly.Web UI97008When admins make a change for Introspection threat protection (alert to quarantine), no audit log is created showing the change.Web UI96552The SkopeIT > Applications page for role-based user access is incorrectly showing the Anomalies link.Web UI95163Unable to delete a custom app when steering all web traffic.Web UI95142The API-enabled Protection policy hit counter is not updating properly.Web UI95043There is a limitation with domain profile uploads.Web UI94532The template tag, NS_APP_CATEG_APPINSTANCE, is not rendering correctly in email messages.Web UI94338The Policy hit count is not incrementing correctly for multiple accounts.Web UI91176Before release 69, admins could select multiple categories in a policy and use "All Activities" for non-DLP policies. Post release 69, activities must be manually selected and there are only three choices (upload, download, and browse) when using multiple categories.Web UI80288The filter for domain is not displaying any values.Web UI100039Cosmetic Web UI issue for non-standard port feature.Web UI100823Netskope recently added Zoom to the certificate pinned list for Windows. However, for existing steering configs, Zoom is not appearing by default. The workarounds include: Click the application definition for the app, in this case Windows. Then save it again for the Windows platform to be visible in the steering config. or Delete the Zoom app and add it again. To contact support, reference Dell Data Security International Support Phone Numbers.Go to TechDirect to generate a technical support request online.For additional insights and resources, join the Dell Security Community Forum.