Ga naar hoofdinhoud
  • Snel en eenvoudig bestellen
  • Bestellingen en de verzendstatus bekijken
  • Een lijst met producten maken en openen

Netskope Version 76 Release Notes

Samenvatting: This article contains release notes for version 76 of Netskope.

Dit artikel is van toepassing op Dit artikel is niet van toepassing op Dit artikel is niet gebonden aan een specifiek product. Niet alle productversies worden in dit artikel vermeld.

Symptomen

Release notes for version 76 of Netskope.


Affected Products:

Netskope

Affected Products:

Windows
Mac
iOS
Android


Oorzaak

Not applicable.

Oplossing

This update of Netskope contains New Features and Enhancements, Known Issues, Fixed Issues, and New Resource Types Supported in Continuous Security Assessment. For more information, click the appropriate topic.

Note: For release notes of other versions of Netskope, reference Netskope Release Notes.
Category Feature Detailed Description and Benefits
API Protection Gmail by Google With release 76, there is a change of behavior for the way Netskope handles Gmail by Google.
Netskope does not scan email messages in the trash folder. Netskope continues to scan email messages in the sent folder.
API Protection Microsoft Office 365 Outlook With release 76, Netskope does not scan email messages in deleted items. Netskope continues to scan email messages in sent items.
API Protection Microsoft Teams We have now added Threat Protection capabilities to Microsoft Teams. Any content uploaded by an attachment to Microsoft Teams is automatically scanned for threats.
Admins can enable this capability from the Settings section of the UI.
API Protection New Listings Framework With R76, we enable the new listings framework by default for OneDrive and Box. This means that any new tenants creating an integration with these apps can benefit from a more reliable and performant listings flow.
Apart from the above apps, we can enable the new listings framework for SharePoint, using a feature flag (this is not default).
More apps will follow in future releases.
API Protection Box Customers setting up new Box instances are required to enable Box Event Stream on their Box accounts before setting up API Protection with Netskope.
Without this step, all grant access fails, and the installation does not complete.
CASB Inline Protection Outlook for Business Enhanced the Outlook for Business connector for a relative URI check. This enhancement helps avoid traffic changes.
Activities: Upload, Download, Send, Create, Post, Edit, Delete
Platform: Browser
DLP: Yes
CASB Inline Protection Outlook Live Enhanced the Outlook Live connector for a relative URI check.
Activities: Upload, Download, Send, Create, Post, Edit, Delete
Platform: Browser
DLP: Yes
Data Protection New DLP Image Classification Models New ML-based image classification models for detection of Credit card and SSN card images.
These classifiers allow detection of sensitive information accurately without the need for deep content inspections.
This capability is available for Advanced DLP licenses.
Directory Services Netskope Adapters The Netskope Adapter (NS Adapter) has been tested to ensure compatibility with the current cloud platform. Its version number has been updated to confirm this compatibility.
No other changes have been made to the NS Adapter in this release.
NG SWG / CASB Behavior Analytics Predefined Rules When editing the predefined rule-based policy with App Instance criteria, users see a list of app instances that are based on Real-time Protection.
The list now displays the instance name that is created by the user.
NG SWG CrowdStrike Integration Netskope's current CrowdStrike integration is based on an old API that will soon be retired. CrowdStrike has introduced the new OAuth2 API and Netskope has adopted this API starting in this release.
Instead of using username and password (provided by our users through the UI) to authenticate to CrowdStrike, we use OAuth2 that relies on authentication tokens.
Users with a CrowdStrike integration must configure an API Client ID and an API Client Secret in the UI after Release R76 is deployed.
More information can be found at CrowdStrike: https://www.crowdstrike.com/blog/tech-center/get-access-falcon-apis/ External Link.
and
https://support.netskope.com/hc/en-us/articles/360051560133-Netskope-Service-CrowdStrike-OAuth2-Based-Authentication-Update External Link.
Netskope for IaaS AWS S3 Bucket Size A new metadata "Bucket Size" has been added for S3 buckets. This requires additional permissions to be added to the existing IAM policy attached to the cross account role in the AWS environment.
There are two ways that you can add the required permissions for continuous security assessment:
  • Cross account role cloud formation template (CFT)
    1. Download the new cross account role CFT from the WebUI or REST API.
    2. Update the existing CrossAccountRole stack with the newly downloaded CFT in step 1.
  • Manual Cross Account Role: Add the cloudwatch:GetMetricStatistics permission to the IAM policy of the cross account role.
Netskope for IaaS New Remediation Steps In this release, we added remediation steps for predefined best practice rules for AWS, Azure, and GCP.
Netskope for IaaS S3 Inventory DOM Enhancement In this release, we added an additional S3 bucket access level to eliminate the presence of public objects in private buckets.
Netskope for IaaS Storage Page Size Information We can show the used size on AWS S3Buckets and Azure Storage Account, on UI, Export, and Inventory API.
Netskope for IaaS Azure Load Balancers Enhancement CSA for Azure support extended for Load Balancer.
The following attributes are added for Loadbalancer:
  • backendAddressPools
  • frontendipconfig
  • inboundNatPools
  • inboundNatRules
  • loadBalancingRules
  • outboundRules
  • probes
  • provisioningState
  • public_ip list
Platform Services Improved Security Posture To help provide a better out of the box security posture, the following two features are enabled by default in this release:
  • Preventing the Netskope client to honor DNS responses from the Loopback address. If not enabled, the client can have an undesired effect on steering if someone has a DNS server running on the localhost.
  • Enabling the Enhanced SSL Cert Pinned list
Platform Services OPLP Amazon S3 Bucket Enhancement In this release, we added functionality to support downloading files from a specific subfolder in an AWS bucket.
CLI commands to support it are also provided under the same command hierarchy.
Private Access NPA Android and Chrome Client Support With this release, we have added NPA support on Android and Chrome OS devices.
Private Access Periodic Reauthentication If Periodic reauthentication is enabled and IdP is configured, the Netskope client is prompted to authenticate. If reauthentication does not happen, the NPA tunnel shuts down.
Steering New HTTP Port Support When deployed in CASB mode, the Netskope iOS solution will now also tunnel traffic on port 80.
Steering GRE Tunnel State Enhancements The GRE setup workflow has been simplified in this release to remove the selection of primary or secondary POPs.
This information is provided for reference, and the configuration being created can accept tunnels from the customer peer device to any Netskope POP where GRE is available.
Also, an improved tunnel status page has been created. This shows Keep Alive state in addition to the state of the tunnel. It also allows admins to further use filters to view specific subset of tunnels.
Finally, there are numerous improvements around tunnel stability and health of the overall service.
Steering New Steering Method: Explicit Proxy in the Cloud Netskope is introducing a new method to steer traffic directly from an endpoint to the Netskope Cloud using a PAC (proxy autoconfiguration) file or proxy settings.
Configuration details are available in your admin console, and you have the ability to allowlist known locations for Netskope to trust the traffic from.
Steering Netskope Client Golden Release The current golden release is version 75.0.0.463.
Golden releases undergo extensive test coverage and support backward compatibility up to two previous versions. We recommend that you deploy the golden release of the Client to the endpoints when the autoupdate is disabled.
Access this page for details:
https://support.netskope.com/hc/en-us/articles/360014589894-Download-NetskopeClient-and-Scripts External Link
Category Issue Number Issue Description
API Protection 106393 SharePoint file listing, the site email ID is not appearing for certain external shared files.
CASB Inline Protection 105656 Custom attributes uploaded using Rest API are not updating properly.
CASB Inline Protection 106487 The Office app instance is not matching the policy correctly.
CASB Inline Protection 105827 SVG file detection fails when the file type as 'images' is used as a condition.
CASB Inline Protection 105656 Custom attributes uploaded using Rest API are not updating properly.
CASB Inline Protection 105263 Intermittently, the from_user field does not contain the domain name for Google Drive/Gmail.
CASB Inline Protection 97093 Several Google domains are inaccurately detected as Google Drive.
CASB Inline Protection 94512 Upload activity is not consistently detected for Microsoft Office 365 OneDrive for Business, and the wrong file size displays for uploads greater than 1 GB.
CASB Inline Protection 83741 DLP incident is showing incorrect information for a particular account.
NG SWG / CASB 93218 Forward to proxy integration does not properly work with app instances.
NG SWG 106491 False positive detected as malware for multiple files.
NG SWG 106297 The NSClient IdP provisioning is returning a "503 service unavailable" error.
Platform Services 105875 HTTP GET request on port 80 is not working properly.
Private Access 106873 When the Periodic Re-authentication checkbox is enabled, a message prompts the user to configure an IdP using SAML. The link to do this sends the user the Client SAML page in the UI when it should go to the Forward Proxy SAML page.
Private Access NPA-1521 When a private application is configured for a specific port, only that port is accessible for application. Attempts to access the host on other legitimate ports are dropped at the client.
Private Access NPA-1504 For Chromebook, email logs using Gmail does not work.
Reports 105757 The New Reports show results for some queries only if the timestamp is added to the query.
Reports 103989
104501
Schedule Report shows no data for a particular date.
Reports 98481 For some users, the Application Events report is not properly sent using email.
Steering 102581 Some end-user devices are missing client installation times.
Threat Protection 100472 The Malicious Sites overview widget is not showing data.
Web UI 100855 The Incidents page is timing out for certain accounts.
Web UI 101824 The query for src_longitude and src_latitude is not working properly.
Category Issue Number Issue Description
API Protection 101158 This change addresses of who shows up as the owner of files in SharePoint. If the last modified information is not available from the admin to Netskope using API, the system uses file owner as the owner of the incident.
If Netskope fails to get that information, the system uses granting admin users as the owner of the incident.
API Protection 105723 Microsoft Teams notification timestamp mismatch.
API Protection 105325 Box new file listing lists the shared folder multiple times (once for each collaborator).
API Protection 105309 When trying to create a policy for API-Enabled Protection for Teams, an error is seen when trying to select User or Team options.
API Protection 104808 Box webhook notifications are not correctly received for a particular account.
API Protection 104573 Enabled malware scanning for Microsoft Teams direct messages and group chats files
Data Protection 99032 DLP on OCR images does not work correctly for Google Sheets.
Netskope for IaaS 103838 False positives appear in the Azure Compliance report.
Netskope for IaaS 100447 The Inventory page, Tags filter malfunctions for some tags.
Netskope for IaaS 105002 The IaaS Compliance Raw Findings status shows up correctly in the UI but displays as 'Unknown' in the CSV export.
Netskope for IaaS 103838 There are compliance findings that are being reported for accounts using the CIS compliance baseline that are not reported correctly.
Netskope for IaaS 101202 The Azure cloud infrastructure inventory status is not displaying correctly in the UI.
Netskope for IaaS 106917 Incorrect status showing in the UI for certain accounts.
Netskope for IaaS 106379 Azure Encryption rules show as failing for operating system and data disk even though there is no data disk attached.
Netskope for IaaS 105002 The Compliance Raw Findings status shows up correctly in the web UI but returns "Unknown" in CSV export.
Netskope for IaaS 96176 The Resource Details panel was not displaying the latest attributes due to stale cache.
Private Access NPA-1384 In some Windows environments, NPA activation has been prevented due to file system access errors.
Web UI 104695 Users that would like to link raw HTML links containing spaces or other special characters in Email Notification Templates can do so by wrapping the links in <link> tags. For example, <link>http://example.com/My special link/with spaces?query=value</link>.
Cloud Provider Entity Attribute Changes
Azure Load Balancer none

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

Getroffen producten

Netskope
Artikeleigenschappen
Artikelnummer: 000126827
Artikeltype: Solution
Laatst aangepast: 20 dec. 2022
Versie:  13
Vind antwoorden op uw vragen via andere Dell gebruikers
Support Services
Controleer of uw apparaat wordt gedekt door Support Services.