Launching soon: The world's first vendor agnostic bug scrubLearn more & join waitlist
OPERATIONAL DEFECT DATABASE
...
...
Release notes for version 75 of Netskope. Affected Products: Netskope Affected Operating Systems: WindowsMaciOSAndroid
Not applicable.
This update of Netskope contains New Features and Enhancements, Fixed Issues, Known Issues, a Security Issue, and New Resource Types Supported in Continuous Security Assessment. For more information, click the appropriate topic. Note: For release notes of other versions of Netskope, reference Netskope Release Notes. New Features and Enhancements CategoryFeatureDetailed Description and BenefitsAPI ProtectionMicrosoft Teams IntegrationWith release 75, Netskope can detect and block DLP violations for messages or attachments that are sent in private channels using Microsoft Teams.API ProtectionMicrosoft Information Protection Integration (MIP)With this feature, users can integrate MIP to set data classification labels using a DLP policy. MIP integration can be set up using the Settings section of the UI, following which, an option to use MIP labels appears in the DLP policy Action step.API ProtectionServiceNow IntegrationNetskope has completed testing and validation for the latest software release of integration ServiceNow, called 'Orlando'.API ProtectionCross-Geo Sharing Detection for Office 365With Microsoft Office 365 Multi-Geo, users can provision and store data at rest in the geo locations of their choosing, to meet data residency requirements. With this release, for O365 multi-geo tenants, users are now able to set a policy on API enable protection, to detect when sensitive content is shared across multiple geo locations.API ProtectionWorkplace by FacebookAdded support to provide compliance coverage for multi-company groups in Workplace by Facebook. Admins can now set a policy to detect DLP violations in posts or attachments in multi-company groups.CASB Inline ProtectionAmazon S3Enhanced the connector by adding new domains in Amazon S3 to support bucket acceleration. Domains: s3-accelerate.amazonaws.com, s3-accelerate.dualstack.amazonaws.com Activities: Upload Platform: CLI DLP: YesCASB Inline ProtectionDropbox for Microsoft Teams IntegrationNew connector Dropbox can be integrated as Cloud Storage in Microsoft Teams. This new connector provides coverage for the activities. Activities: Create, Upload, Download, Move, Copy, Rename, Delete Platform: Browser DLP: Upload, DownloadCASB Inline ProtectionMicrosoft OneDriveEnhanced connector resource in Live OneDrive. This enhancement provides activity detection as 'Share' activity to copy any Sharable file link navigation.CASB Inline ProtectionWebexNew app coverage for: From-user-constraint-profile-enabled, Constraint-profile-and bypass-enabled, File-size-enabled Activities: Log in Successful, Log in Failed, Log in Attempt, Log out, Upload, Download, post, Create, Edit, Delete, Invite, Share Platforms: Browser, Windows Native, iOS Native DLP: NoDirectory ServicesNetskope AdaptersThe Netskope Adapter (NS Adapter) has been tested to ensure compatibility with the current cloud platform. Its version number has been updated to confirm this compatibility. No other changes have been made to the NS Adapter in this release.NG SWG / CASBMute NotificationsThe advanced user notification settings enable admins to configure a mute time for suppressing the notifications after the first notification is presented. This feature can be used by going to policies, under user notification settings. Contact Netskope Support to enable this in your account. For more information, reference How to Get Support for Netskope.NG SWGNRD and NOD Category EnhancementThe NRD and NOD categories have been combined, now shown as NRD. There are no changes that are required to existing policies.NG SWGAdditional steering options for nonstandard web trafficSupport for IPSec / GRE steering methods for web traffic over nonstandard ports.Netskope for IaaSsecurity_assessment API enhancementThe security_assessment API has been enhanced with the following: The API has one additional parameter, compliance_standardThe API response includes compliance standard details for each rule and mutejustification Netskope for IaaSCompliance Standards EnhancementNetskope CSA now supports the following Standards: CIS, PCI, NIST CSF, NIST 800-53, HIPAA/HiTrust, SOC2, ISO 27000, GDPR, CSA CCM, and Netskope Best Practices. Associated with this change, we enhanced the presentation of the results specifying Standard, Section & Control. Each rule can be mapped to multiple standards so there are no duplicate results even when selecting many standards. The Compliance Standards are enhanced with the following: Rules now are tagged with compliance standards. This displays on the rules page in the security assessment policy.Users can now view which compliance standards each rule is associated with.Custom rules can be tagged with compliance standards as well. This is a part of rule editing and creation.On the Compliance Page in Cloud Infrastructure, users can view each rule's or finding's compliance standards.Users can filter by compliance standards.Users can export compliance standards from the Compliance Page. Note: There are no Compliance Standards for reports. Netskope for IaaSCloud Infrastructure compliance report enhancementThe Cloud Infrastructure compliance report has been enhanced with the following: Filters added in compliance report template - Compliance Standard, Section, and Control.Compliance report PDF shows compliance details under each rule.Compliance Report CSV has additional columns - Compliance Standard, section, control, section-control, standard-section-control, and description. Netskope for IaaSCompliance by Profiles Page RemovalWith the Compliance Standard information added to the Compliance by Rules page, admins can use the Profile filter to get the equivalent data as in the Compliance by Profiles page.Netskope for IaaSField Name ChangeThe first column field name for each CSP has changed to reflect CSP-specific terms.SteeringNetskope Client Support for SnapDragon ARM64 platformStarting with Release 75, the Netskope Client supports Windows devices running on ARM64 processors.Web UIImproved UI / UXWe have continued enhancing the user experience and user interaction for the API protection dashboard and this release contains enhancements for Cisco Webex Teams, ServiceNow, and Workplace by Facebook. Fixed Issues CategoryIssue NumberIssue DescriptionAPI Protection96373As part of Release75, a fix is added to avoid processing duplicate notifications from Microsoft that were reported by some customers while doing bulk uploads of files to their OneDrive and SharePoint instances. For this feature to work, admins must regrant their OneDrive instance. Click Settings > API-enabled Protection > SaaS to regrant access. Note: This fix is only available for OneDrive. Data Protection102019DLP rules and profile changes are not applying correctly from the UI.NG SWG / CASB103253With release 75 all reverse proxy components (authproxy, certchecker, saml, authservice, activesync, chainproxy) will no longer support TLSv1.0 and TLSv1.1. All these components have been upgraded to support TLS v1.2.NG SWG / CASB100949New Workday SAML integration supports Windows and Mac with browser and desktop app.NG SWG94835Files are not correctly uploaded when the policy applied is User Alert.NG SWG102902For nonstandard Web traffic, when No SNI is available, the existing error settings can be used to either bypass or block. In prior releases, it was only possible to block.NG SWG79181Users are seeing an "Email Invitation Expired" message during the SAML client enforcement flow when the Netskope client is installed but disabled.Netskope for IaaS96009Duplicate rule names found in the "unique rules".Netskope for IaaS100197Changed the text of the page description for the Cloud Infrastructure page under API-Enabled Protection in settings.Netskope for IaaS104413As a failsafe, if the Describe Regions call fails, then Netskope tries to create the respective resources in a fixed set of regions and proceed with instance creation.Netskope for IaaS102649There is a delay for DLP incidents appearing in the UI.Netskope for IaaS93357Security Center Policy rules are not evaluated properly.Netskope for IaaS93057Grant access for AWS for DLP and Threat Protection is not working properly.Netskope for IaaS105035The AWS migration is referencing an old Netskope account.Netskope for IaaS96009Duplicate rule names found in the 'unique rules'.Private Access104310, NPA-1351Netskope Android App shows the correct config update time.Private AccessNPA-1328NPA added support for EDNS.Private AccessNPA-842NPA is changed to be case insensitive.Steering102966On-Premises detection is triggered every 3-5 minutes.Steering102658Prevent bypassing traffic by being able to rename an app to Netskope's service.Steering98843The Client UI now displays the steering traffic mode as follows: Web mode = All Web TrafficCloud mode = Cloud Apps OnlyFirewall mode = All Traffic Web UI103398While configuring the on-premises detection in the client config UI, the "http" protocol is no longer case sensitive. Known Issues CategoryIssue NumberIssue DescriptionAPI Protection101865Unable to grant access to a Box instance through the UI.CASB Inline Protection104860YouTube in Spanish is not being blocked properly.CASB Inline Protection102995The To_user field is stripping out characters resulting in incorrect policy triggers.CASB Inline Protection102902Non-Standard port Steering not working as expected when using IP in the URL.CASB Inline Protection102756 102685ns.js insertion is not functioning properly with the Eloqua application.CASB Inline Protection102684The Microsoft BI app connector is missing domain information.CASB Inline Protection101664File Upload to Dropbox using the Microsoft Teams app is not detected correctly.CASB Inline Protection101258Share activity is not detected properly on Adobe Creative Cloud and Document Cloud.CASB Inline Protection100863Certain activities are incorrectly detected as uploads to Microsoft Azure.CASB Inline Protection100757SkopeIT events are not populating for a specific user.CASB Inline Protection100286Accepting Outlook calendar invites without any comments from OWA with the Netskope client enabled is not working correctly.CASB Inline Protection98206A user has configured block for upload events for smallpdf.com, however, uploads are successful.CASB Inline Protection97848Unable to see object name in SkopeIT for Dropbox and Google Drive.CASB Inline Protection95956InstanceID is not consistently captured for Google Drive for some users.CASB Inline Protection88890Content classification for the YouTube app is language-specific.Data Protection100446RBAC rules are not working properly with Advanced queries.Discovery102215Upload activity for Google Drive and Gmail is not appearing in Application events for Discovery.IaaS105518The mute filter does not work for reports.NG SWG / CASB103250Reverse proxy domain bypass is not working properly.NG SWG / CASB102363WeTransfer is not transferring files for a specific user when going through Netskope.NG SWG / CASB101342The Microsoft Teams native client is not blocked post authentication for unmanaged devices.NG SWG / CASB94532Inline email notification variables dropdown showing deprecated variable dropdown values in the UI.NG SWG / CASB94226Inconsistencies with the microsoft.com domain exceptions.NG SWG / CASB102320When editing the predefined rule-based policy with App Instance criteria, users see a list of app instances that are based on Real-time Protection. The list is displayed using the internal instance ID. It should display the instance name that is created by the customer.Platform Services102744Certain users are not added to groups correctly.Platform Services100353The Clear All Events functionality is not working properly.Platform Services98874Users / group information is not syncing from OneLogin to the UI.Steering103926The preinstall script for AirWatch is not working properly.Steering102748Intermittently users are unable to access RSAT, Lync, Skype, file share, and so on, from their Windows laptop when the Netskope client is enabled.Web UI104397Unable to download the report for the custom app usage.Web UI104288Update API to fix ccl inconsistency on application events.Web UI102414Unable to add domain name with custom port URLs in the Custom URL list.Web UI100497The Incidents UI is not working properly and displaying errors.Web UI99007The Infrastructure page is stuck on the Retrieving for the Status and Last Status fields. Security Issue CategoryIssue NumberIssue DescriptionSteering102658Fixed a critical security defect by preventing the user the ability to bypass traffic by being able to rename an app to a Netskope's service name. No action required by admins. New Resource Types Supported in Continuous Security Assessment Cloud ProviderEntityAttribute ChangesAzurenoneThe SecurityCenterPolicy entity has the following new attributes: MFAForOwnerMFAForReadMFAForWrite To contact support, reference Dell Data Security International Support Phone Numbers.Go to TechDirect to generate a technical support request online.For additional insights and resources, join the Dell Security Community Forum.