Article Number: 000182983
Release notes for version 82 of Netskope.
Affected Products:
Netskope
Affected Operating Systems:
Windows
Mac
iOS
Android
This update of Netskope contains New Features and Enhancements, New Resource Types Supported in Continuous Security Assessment, Fixed Issues, and Known Issues. For more information, click the appropriate topic.
| Category | Feature | Detailed Description and Benefits |
|---|---|---|
| API Protection | Domain Exclusion in Gmail and Outlook Policy Processing | Administrators can now exclude specific external domains from policy processing. This enhancement is extended to Gmail and Microsoft Office 365 Outlook apps. |
| Data Protection | Improved Predefined Entities | In this release, a change has been made to improve 500+ of the out-of-the-box number-based entities. Examples of such entities include US Passports, US SSNs, IBAN Numbers, and other regional identity numbers. These entities now have a lower false positive rate by ensuring not to detect entities with numbers such as sequence-based numbers (For example, T12345) and repeat numbers (For example, 33 333 3333). These changes improve the overall efficacy of the service. |
| Data Protection | Support for Additional File Types | In this release, several additional file types are supported using the DLP file filter. These file types include executable files such as Blackberry executables and Microsoft Binary log files, several database files such as EndNote files, several word-processing files such as Box Note, and others. With this change, Netskope can support 1500+ file types. |
| Data Protection | Predefined Entities for Additional Countries | In this release, we have introduced new entities for the following additional countries. These entities can be looked up from the entity list when creating or modifying a rule.
|
| Directory Services | Netskope Adapters | The Netskope Adapter (NS Adapter) has been tested to ensure compatibility with the current cloud platform. Its version number has been updated to confirm this compatibility. No other changes have been made to the NS Adapter in this release. |
| Netskope for IaaS | API for Roles to Enable Content Based RBAC | With this release, we now provide REST API support for managing the Custom Admin Roles: Create, Retrieve, Update, and Delete custom roles. |
| Private Access | Selectively Steer Private App Traffic | With this release, administrators can choose privates apps that are steered while on-premises and off-premises. |
| Steering | Option to Control the Client Log Levels | The Netskope Client log level can be configured from the Web UI Client configuration. This feature is not available by default. Contact support to enable it in your account. For more information, reference How to Get Support for Netskope. |
| Steering | Case Insensitive UPN | The Netskope Client and AD Importer now support case-insensitive UPN. Contact support to enable this feature in your account. For more information, reference How to Get Support for Netskope. |
| Steering | Device Classification Enhancement | The Netskope Client checks the device classification certificate in the machine cert store along with the user cert store. |
| Steering | Ability to Bypass Captive Portals in Fail Close Mode | This configuration temporarily disables Fail Close for the specified value when the users are behind a captive portal. Note, macOS is not yet supported. |
| UEBA | Updates to the SkopeIT > Users > Incidents Page | With this release, admins can see a user's User Confidence Index (UCI) and the number of UEBA incidents. |
| UEBA | Sequence Detector Web UI Enhancement | For Proximity alerts, the system mentions both the app name and instance name if an alert is generated by accessing two different apps. |
| Cloud Provider | Entity | Attribute Changes |
|---|---|---|
| AWS | None | IAM Role has the following new attribute: CrossAccountArn: Boolean under AssumeRolePolicy |
| Issue Number | Category | Feature | Issue Description |
|---|---|---|---|
| 116776 | Netskope for IaaS | Azure grant is failing when Threat Protection is added to other services like DLP, Forensics, and Security Assessment | Azure custom role support has been extended for the Threat Protection Feature. In order to successfully grant an Azure instance for Threat protection, the following permissions are required for the app registration at subscription scope:
{
"Name": "custom-tp-role",
"Description": "TP Scan",
"Actions": [
'Microsoft.EventGrid/eventSubscriptions/write',
'Microsoft.Storage/storageAccounts/listkeys/action',
'Microsoft.EventGrid/eventSubscriptions/delete' ],
"DataActions": [
],
"NotDataActions": [
],
"AssignableScopes": [
<customer-subscription-id>
]} |
| 112097 | Platform Services | Malware detected on the GoogleDrive API Dashboard not reflected properly | Malware that is detected on the GoogleDrive API Dashboard shows 72 malware files. However, this number is not reflected on the Incidents > Malware page as it is showing only five malware incidents. |
| 118111 | UEBA | Query Parameters | Some of the query parameters are not available in the Incident filter. |
| 110734 | UEBA | Empty data display | The Data Exfiltration > Suspicious Data Movement > Anomaly > Instance field displays empty data under the download app section. |
| 116551 | UEBA | Instance ID filter | The Instance ID filter is not functioning in the Incidents > Behavior Analytics page after the filter is used once. |
| Issue Number | Category | Feature | Issue Description |
|---|---|---|---|
| 106037 | Steering | Fail close: Command-line parameters not overriding the web UI configuration | The client does not honor the command-line parameter 'fail-close' provided during the installation and always use the settings that are received from the Web UI. |
To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.
Netskope
19 Dec 2022
8
How To