Fixed Issues In Release 117.0.0

Fixed Issues In Release 117.0.0

Here is the list of fixed issues in this release.

Issue NumberCategoryDescription
463284Behavior AnalyticsCustom UBA policies are triggered for scan type Real-time protection when access method is CASB API (Next Gen).
473238CASB Real-time ProtectionFixed an issue where (Perplexity AI) DLP policies were not working as the entered data went in websocket encrypted way.
451366CASB Real-time ProtectionFixed a delay in receiving chat box teams messages for unmanaged users logged in through Reverse Proxy.
430612CASB Real-time ProtectionInstance Id information is now consistent between Policy Event and Justification Event. Instance Id is added to Justification Event only if it is present in the Policy Event.
457037Classic API Data ProtectionFixed an issue where a retroactive scan for Box did not scan all the files under a folder. This issue was observed in Box when user A created a folder X and shared it with user B. User B created a file Y under folder X. Retroactive scan did not scan file Y. With this fix, file Y will now get scanned.
427344Data ProtectionFixed an issue where an incident is generated when not expected. This was happening when DLP profile used advanced conditions with two DLP rules in conjunction and only one of the rules matched at a threshold below which an action is taken.
465312Endpoint DLP (EPDLP)Fixed an issue where EPDLP fails to start if logging intialization is incorrect. The symptoms included:

  1. The “Netskope DLP Service” Windows service will not start.

  2. A system event could be created with the Event ID = 7000 and description “The Netskope DLP Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.”

461767Endpoint DLP (EPDLP)Fixed a bug that caused some Windows machines upgraded from older NSClient versions (R111 or previous) failed to start the “Netskope DLP Service” following the upgrade to R114 or newer versions.
4078Netskope Secure Web Gateway (NG SWG)Fixed an issue where SkopeIT filters for “instance_tag” were not working.
449668Netskope Secure Web Gateway (NG SWG)Fixed an issue by introducing a new tenant feature flag that sends error html page to client for any DNS failure in NS Proxy.
320186Netskope Secure Web Gateway (NG SWG)If two requests to the same destination are evaluated as RBI and non-RBI due to dynamic classification, policy change etc., the second request is not evaluated properly and follows the first request evaluation. This is fixed by tearing down the old connection and creating a new connection based on the evaluation.
436585Netskope Secure Web Gateway (NG SWG)Fixed an issue in multipart uploads where the last part request is also the commit request, and when the file size exceeds the maximum limit supported the DLP/Threat scan is skipped and file size policy is applied.
467617Netskope Secure Web Gateway (NG SWG)This fix ensures that the app encryption flag is enabled properly, for custom apps created from predefined apps.
457782Netskope Secure Web Gateway (NG SWG)This fix ensures, the app sessions for the main page and background request are same, so that the webpage loads properly. These changes are protected by a feature flag with the default value, false.
447465Netskope Secure Web Gateway (NG SWG)Fixed an issue where content-length was set with incorrect value when connect-close header was present.
22781Remote Browser Isolation (RBI)Fixed a high memory consumption issue when texts were shown inside a tooltip or status bar. Google images and some webpages consumed significant amount of memory, leading to users seeing “high resource consumption” warnings with a small amount of isolated tabs. With this fix, all tabs are back to regular memory consumption.
3566SaaS Security Posture Management (SSPM)Fixed errors listing SharePoint sites, when your SSPM environment has more than 40,000 SharePoint sites. As a part of the fix, listing will now be done once in 24 hours only.
443415SkopeITFixed the logic for duplicate App Instance validation during App Instance creation.
461851Traffic SteeringFixed an issue by reducing tunnel flapping during network change or sleep/wake condition.
463329Traffic SteeringFixed an issue where tunnelling through proxy was not working when GSLB was enabled.
454765Traffic SteeringFixed an issue with the traffic bypassing for a few proprietary TCP connection. Basically, the bypassing socket is closed before all the data packets are sent that leads to data loss. To fix this issue, added logic to ensure that all bypassing data packets are sent out before the bypassing socket is shutdown.
453051Traffic SteeringFixed an issue where the Netskope Client service received a SIGTERM signal that caused the tunnel to reconnect.
465363Traffic SteeringFixed an Android ANR (crash) issue that occurred when it took more than five seconds for tunnel to reconnect after network switch.
451987Traffic SteeringThe Netskope Client consistently checks for alternative steering methods before initiating a tunnel connection. In the event of a network switch, the tunnel connection is restarted to enable the detection of other steering methods.
However, if the connection manager thread breaks amidst the network switch timeout, it leads to simultaneous activation of both the alternative steering method detection and the tunnel connection. Consequently, the Client tunnel remains active alongside the alternative steering method. This issue is now fixed by updating the Client to disconnect all active tunnels upon detection of an alternative steering method.
470539Traffic SteeringFixed an issue where the flag that was used to eliminate the occurrences of the launch a new auto-upgrade, while another auto-upgrade launch is in progress, was not getting reset, this issue was specific to macOS.
457109Traffic SteeringFixed an issue where the users are unable to run outer packet captures on Netskope Client unless they disabled “Protect Client configuration and resources” in Tamperproof settings.
If Protect Client configuration and resources is enabled on Windows:

  1. The “Save Driver Logs” and “Outer Packet Capture” buttons in the Netskope Client UI is greyed out.

  2. Using “nsDiag.exe -d start -o <output driver log file path>” command to capture driver log, “nsDiag -d stop” is used to stop capturing.

  3. Using “nsDiag.exe -p start -o <output outer packet file path>” command to capture outer packet, “nsDiag -p stop” is used to stop capturing.

  4. Both commands require Admin privilege due to security concern. 

  5. Both commands do not support output wide characters file path for now.

Neither the driver log nor the outer packet file is collected in the local or remote log bundle. If self-protection is disabled, the default files location are in %ProgramData% directory. There are no changes on other platforms.
455776Tunnel SteeringIn GRE Gateway there was a change in behaviour for version 116.0.0, wherein all the tunnels for QOS tenants will go down if QOS service goes down, but with this fix in 117.0.0, we are defaulting back to the original behaviour where if health of QOS service goes down only the tunnels linked to QOS for respective tenant’s will go down.
Share this Doc

Fixed Issues In Release 117.0.0

Or copy link

In this topic ...