Article Number: 000125859
Release notes for version 72 of Netskope.
Affected Products:
Netskope
Affected Operating Systems:
Windows
Mac
iOS
Android
Not applicable.
This update of Netskope contains New Features and Enhancements, Fixed Issues, and Known Issues. For more information, click the appropriate topic.
| Category | Feature | Detailed Description and Benefits |
|---|---|---|
| App Connector | Atlassian Bitbucket | New app connector Activities: Create, Post, Upload, Edit, Download, Delete, Invite Platform: Browser DLP: Post, Download, Upload, Edit |
| App Connector | monday.com | New app connector Activities: Create, Post, Upload, Edit, Download, Delete, Invite Platform: Browser DLP: Post, Download, Upload |
| App Connector | Oodrive | New app connector Activities: Create, Upload, Edit, Download, Delete, Invite, Post Platform: Browser DLP: Post, Download, Upload |
| App Connector | SAP Concur | New app connector Activities: Create, Edit, Upload, Download, Delete Platform: Browser DLP: Download, Upload |
| App Connector | Windows Azure | Enhanced app connector Activities: Create, Edit, Start, Stop, Restart Platform: Browser, CLI Supported Services include: Browser Services: virtual networks, load balancers, application gateways, virtual network gateways, local network gateways, virtual machines (classic), virtual machine scale sets, images, image definitions, image versions, shared image galleries, container services, batch accounts, cloud services (classic), disks, snapshots CLI Services: virtual machines, virtual machine scale sets |
| Directory Services | Netskope Adapter | The Netskope Adapter (NS Adapter) has been tested to ensure compatibility with the current cloud platform. Its version number has been updated to confirm this compatibility. No other changes have been made to the NS Adapter in this release. We recommend keeping your installed NS Adapter within three versions of the current release. |
| DLP | Added IBAN Detection for Several Countries | Added support for IBANs for 22 additional countries.
Note: The existing "number/ibands" and "numberibandn" identifiers are unchanged and do not include support for these countries. To identify ALL supported IBANs with a single identifier, use "numbersiban -> iban-int".
|
| IaaS | Enhancements to the Compliance by Raw Findings and Inventory pages | Compliance by Raw Findings pages are updated as follows:
Inventory pages are updated as follows:
|
| Reverse Proxy | Salesforce Support for the Nintex App | Nintex is a third-party app that integrates with Salesforce. We now can detect activities for Nintex inside Salesforce. |
| Traffic Steering | Dynamic Steering based on HTTP | Dynamic Steering has been extended so that in addition to using DNS resolution, customers can now also use HTTP (web servers) to determine if the user is on-premises or off-premises. This enhancement requires using release 72 of the Netskope Client. The Client looks for HTTP response code 200 to indicate if the device is on-premises (and vice-versa). Customers may also change the default timeout based on their networks. |
| Web UI | UI Banner Alerting Users to Regrant to Move to New API Endpoints | We are continuously optimizing our API integrations, and these optimizations require us to integrate with new API methods to take advantage of enhancements introduced by the app vendors. Currently, these include Microsoft Graph and Box Event Stream. For this reason, we want to ensure all users move to the new APIs within 90 days since the availability of the new ones. To facilitate this migration, we show a warning message on the web UI home page (if Introspection is enabled) and on all instance pages for the app requiring regrant. |
| Netskope for Web | Non-standard ports for HTTP/S Traffic | Netskope NG SWG customers can use Netskope Client to steer Web traffic (HTTP/S) on any port. To use the feature, enable the option under specific steering configuration, and then define the ports and domains to steer the traffic. |
| Category | Issue Number | Issue Description |
|---|---|---|
| API-enabled Protection | 94309 | Salesforce hides sensitive data in generated audit events. This is controlled by a feature flag. |
| API-enabled Protection | 93575 | Violation count on the Incidents dashboard and the count on Incident details page does not match for Outlook. |
| API-enabled Protection | 93578 | Number of sub-incidents are generated more than once for Outlook incidents. |
| API-enabled Protection | 90554 | Previously, quarantine profiles can only be applied to the same app in Introspection. For example, a quarantine profile for a Box app can only be assigned for an Introspection policy for Box. With this fix, admins can now use any quarantine profile for any app. |
| App Connector | 91893, 92480 | The instance_id extraction logic has been modified for the entire AWS Lambda connector. However, there are few navigations for the Lambda console where the traffic pattern has changed. The connector was enhanced to accommodate the navigation changes. |
| DLP | 76287 | The country code for South Africa was changed to the official ISO 3166-2 standard of "ZA." |
| IaaS | 94558 | Previously, admins can create ad hoc CSV reports, but can only create PDF reports for scheduled reports. Admins can now select CSV for scheduled reports. Click Edit Schedule and select the "Include CSV as attachment" option. |
| IaaS | 89352 | Fixed a bug where SQLInstances were incorrectly categorized as "Instances" instead of "Database." |
| IaaS | 78848 | Time selection, Tags, Account, and Region filters are now added to the Public Cloud Overview page. These filters are applicable only for the Inventory and Compliance widgets. |
| IaaS | 66261 | New REST APIs are introduced for importing and exporting the custom rulesets. Import is a bulk set of rules with dsl supported language. Each rule carries rule_name, description, remediation, severity, code, and app. |
| IaaS | 87345 | The changes addressed two issues with the Rule Builder:
|
| Inline | 64076 | We now support email and username updates for SCIM. |
| Private Access | NPA-794 | Fixed an issue where an error message, "We encountered a backend error" was displayed when attempting to delete a Private App. |
| Private Access | NPA-794 | Fixed an issue where an error message, "We encountered a backend error" displays when attempting to delete a Publisher. |
| Private Access | NPA-831 | We now support underscores in Private App application names. |
| Reverse Proxy | 95748 | Integration proxy enhancement to support reverse proxy for Adobe Creative Cloud. |
| Category | Issue Number | Issue Description |
|---|---|---|
| API-enabled Protection | 82739 | This fixes a known issue with OneDrive and SharePoint. The fix is for the threshold-based exposure detection, where files that are shared with an AD group would not consider the number of members in the AD group. |
| API-enabled Protection | 94930 | Google Drive Incidents are showing the incorrect file owner information. |
| API-enabled Protection | 92424 | Files in Google Drive are showing as 'Recently Opened'. |
| API-enabled Protection | 85707 | Gmail that is shared with internal users shows as externally shared. |
| App Connector | 95226 | Some users are seeing an unexpected Block Policy for OneDrive for Business. |
| App Connector | 94888 | Cannot load images on Google images when the user is off-premises. |
| App Connector | 94681 | Edit activity for Microsoft Office 365 OneDrive for Business is detected as Microsoft OneDrive. |
| App Connector | 94405 | Attempts to edit a Word or Excel document incorrectly triggers block policy action. |
| App Connector | 93831 | SkopeIT is not showing events for tunneled traffic. |
| App Connector | 92482 | The app instance ID is not properly mapped for OneDrive events. |
| App Connector | 92413 | The Preview activity is not detected for .xlsx and PDF files in Box. |
| App Connector | 82516 | The iOS app delete activity is not detected by Netskope, and events are not recorded in SkopeIT. |
| App Connector | 79499 | The From user/Instance ID is not detected correctly. |
| App Info DB Contents and Tools | 95747 | User Alerts are not available for send activity in Inline policies for the Microsoft Office 365 outlook.com app instance. |
| Database | 93067 | Search query is not working correctly on the Device page. |
| IaaS | 96872 | Instances are not deleting correctly. |
| IaaS | 98472 | Rule to look for encrypted volumes in tenant only shows incomplete results. |
| IaaS | 93625 | When we enable the default PCI CSA profile on their Azure environment, the "Ensure that logging for Azure Keyvault" is Enabled generates false positives. |
| Incidents | 95451 | Incident pages are not updating as expected, the Forward and Back buttons are not displaying current information. |
| Incidents | 95450 | Incident pages are not updating as expected for bulk changes and filters. |
| Netskope Proxy | 78043 | Support for OU/Group level exception configuration for the Netskope Proxy. |
| Provisioner Platform | 97420 | Admin MUST not delete the steering config. Instead, the admin must disable the steering config which the admin does not want to use anymore. |
| Provisioner Platform | 98131 | Notification email messages for API-enabled protection policies are not working correctly. |
| Query Service | 94790 | The URL Lookup feature is pulling the wrong policies. |
| Web UI | 95344 | Inline policy "last edit" column is not updating correctly - setting incorrect date/time. |
| Web UI | 94773 | There is a UI display issue when viewing application data in SkopeIT. |
| Web UI | 74751 | The expiration time for SAML messages is not checked properly by the Web UI. |
| Web UI | 72834 | For Low severity, the UI displays, "Take Action at" but it should display, "Set severity as". |
| Web UI | 61474 | The ServiceNow Instance setup is not displaying correctly. |
To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.
Netskope
19 Dec 2022
11
Solution