Fixed Issues In Release 99.0.0

Fixed Issues In Release 99.0.0

Here is the list of fixed issues in this release.

Issue NumberCategoryDescription
206571API Data ProtectionFixed an issue where the exposure type of some files was incorrect. This was due to an incorrect exposure calculation of a user in Microsoft Teams. Netskope miscalculated the users that were part of a sub-domain as ‘external’.
207523API Data ProtectionFixed an issue where Netskope API Data Protection failed to create a quarantine folder for OneDrive. This issue was observed when the primary email value was different from User Principal Name (UPN).
194809API Data ProtectionFixed an issue in Microsoft Office 365 Teams ongoing flow where incorrect cache locking logic adversely impacted end-to-end notification processing time.
199565API Data ProtectionFixed an issue where Netskope made a large number of webhook subscription refresh calls in a short period of time for Outlook resulting in a rate limit. The webhook subscription refresh API calls are now spread over a 4 hour window.
202147API Data ProtectionNetskope fixed an issue where All External Domains Except type policy was failing in SharePoint. The issue was caused due to the miscalculation of the domains a file shares.
210156API Data ProtectionFixed an issue where restoring the quarantined file was failing for Google Drive due to an auto mimeType conversion from application/msdosxprogram to Google native files (Google Sheets, Google Docs).
210322API Data ProtectionFixed an issue in retroactive scan for OneDrive on Active Directory groups having email ID with uppercase characters.
209438Behavior AnalyticsFixed an issue where UCI score was not updated in some cases for UBA alerts.
193149CASB Real-time ProtectionFixed an issue by implementing “from_user validation”. If the validation fails then the “from_user” value is incorrect and the data is dumped in logs for further analysis.
208421CASB Real-time ProtectionUpdated the connector to fix an issue where due to the filetype, nspolicy_lookup was not applied properly.
196739CASB Real-time ProtectionAdded Webex Meeting to the Netskope Cert-pinned application list.
183973,161173CASB Real-time ProtectionWith this fix, the start and end times for time based policies are shown in the end user’s local time zone, providing a clearer understanding of when the policy will be activated and deactivated.
157862CASB Real-time ProtectionFixed an issue where file uploads from cloud location was not detected. The fix provided Attach activity support for file uploads through the cloud.
209631CASB Real-time ProtectionFixed an activity detection issue in Gmail by introducing coverage for send, delete, and create activity.
211472CASB Real-time ProtectionNetskope fixed Google user-account-settings screen not loading issue in reverse proxy deployment.
177723CASB Real-time ProtectionNetskope fixed an issue to display the names of renamed user groups in the Real-time Protection policy detail view.
211673CASB Real-time ProtectionFixed a page reload issue in block policy encountered while uploading images to Google Docs.
212786Cloud Confidence Index (CCI)Updated the app location information to reflect the correct country.
196045Data ProtectionNetskope fixed an issue by validating regex entered for a new entity using the new Entity Modifier UI.
190668Data ProtectionNetskope fixed an issue where an error message was thrown when looking at DLP Incidents created by the File Classifier or a File Filter match in a DLP Profile.
212089Data ProtectionNetskope fixed an issue where UI throws error on clicking the next and previous buttons, when the workflow of an incident inside a filtered list is changed.
209955Data ProtectionNetskope fixed an issue by updating the datatype to overcome the assumption of maximum length for an entity name.
191303, 214959Endpoint DLPNetskope fixed the following issues:
  • Configuration and Policy value updates.
  • File paths displayed with mixed delimiters in the events and alerts UI.
  • Content control events in certain scenarios did not showed device information. Missing Forensic data for DLP Incidents in some incidents.
  • The Do not display this message again in device control block messages did not work to prevent messages from being shown again.
  • On the Alerts page, the User Alert in the Action column was not filtered correctly, and the Device field names in Events, Alerts, and Incidents was not matching the names used in Device Constraints.
  • Alerts not containing a Name value.
  • Endpoint Events only contained the device Vendor ID and not the manufacturer name.
  • For some endpoints, USB port blocking was not reset after removing the disallowed USB device.
  • In order to perform device control, both the Device Control and Content Control policies had to be present.
  • Other minor fixes on the Alerts page related to Endpoint DLP alerts.
208063Incident Management (IM)An issue was fixed by providing a distinctive identification to Incident-Lookup ClickHouse Queries through request headers.
201760Platform ServicesFixed an issue when using a Microsoft Active Directory (AD) group that was renamed before deletion caused stale entries. This prevented new user creation in a new AD group using the same group name.
207843Netskope Secure Web Gateway (NG SWG)Netskope fixed an issue by increasing the maximum connections to avoid connection failures when performing SAML forward proxy authentication.
210328Netskope Secure Web Gateway (NG SWG)When the API based HTTP Redirect feature was moved to the UI, the API based solution failed. This is now fixed.
194807Netskope Secure Web Gateway (NG SWG)Fixed an issue where malware alert transaction ID did not match with CTEP alert transaction ID in the web session.
204209Netskope Secure Web Gateway (NG SWG)Netskope fixed a parser behavior error in the URI by escaping whitespaces to “%20” for cs-uri-query and cs-uri.

For example, “/some bad uri” would become “/some%20bad%20uri”.

204710Netskope Secure Web Gateway (NG SWG)Netskope fixed an issue where the byte counts in Page Events might not include data for all transactions if it takes longer than 60 seconds to complete. For example, if a user browses to a OneDrive folder and downloads a very large file, the file is correctly associated with the Page Event but the bytes transferred for the download might not be included in the page event byte count.

With this fix, Page Event generation is delayed until all associated transactions are completed to include accurate byte counts in the Page Event.

205319Netskope Secure Web Gateway (NG SWG)Netskope fixed an issue by including native application support for Microsoft BITS user agent. From this release Microsoft BITS application OS is detected as Windows.
209517Netskope Secure Web Gateway (NG SWG)Activity changes were not displayed in the Pending Changes modal, this issue is fixed.
207416Netskope Secure Web Gateway (NG SWG)Netskope fixed an issue that caused inconsistent URL lookup results for certain URLs between each query.
210122Netskope Secure Web Gateway (NG SWG)Netskope fixed an ‘unable to load a site’ issue by disabling HTTP2 server push promise frames.
211415Netskope Secure Web Gateway (NG SWG)Netskope fixed an issue when the Client IP (c-ip) field in Transaction Events is empty whenever the Netskope Proxy received an empty machine IP from the Client.

The issue was resolved by validating the received machine IP on the Netskope Proxy and using the email address or original IP as fallback mechanism when the machine IP field is empty.

177652Netskope Secure Web Gateway (NG SWG)Fixed an issue when downloading a file on Box sometimes resulted in truncated file sizes when DLP policies are enabled.
208819UI PlatformNetskope fixed a session timeout issue which caused users to logout randomly.
210619Netskope Private Access (NPA)Fixed a REST APIv2 issue when API calls failed to deploy for a URL list that contained special characters such as %A8 or %ED.
215890Netskope Private Access (NPA)Netskope fixed an issue where API throws generic exceptions when invalid parameters are supplied to API Gateway.
204277Netskope Private Access (NPA)Netskope fixed an issue by making system DNS configuration changes when NPA was connected or disconnected, to notify third-party applications about NPA tunnel On/Off.
  • When NPA was connected, a dummy resolver was included by using setResolver(). Supplemental resolver is
  • When NPA was disconnected dummy resolver was removed.
191961Netskope Private Access (NPA)Netskope fixed an issue of incorrect NPA Private App over proxy detection in macOS Client.
211513Netskope Private Access (NPA)Additional debug logging was added to detect enrollment failure. Netskope supports NPA enrollment by using email ID, Electronic Data Interchange Personnel Identifier (EDIPI), and Department of Defense ID (DODID).
210025Netskope Private Access (NPA)Netskope fixed an issue where  NPA prelogon tunnel was unable to connect, when client-disable feature was also enabled.
205408Netskope Private Access (NPA)Netskope fixed a timing sequence issue that blocked a user from enrollment in ‘per user mode’
205276Remote Browser Isolation (RBI)Netskope fixed an issue that prevented customers to identify the RBI template applied to any isolate Real Time Protection Policy in the security admin audit logs. Prior to this fix, an audit log activity was visible if a template was applied to an RBI policy, but the RBI template was not identified.
9469Remote Browser Isolation (RBI)RBI fixed an issue with the identification of some RBI supported browsers in Linux. Prior to this fix RBI users were being shown the “browser has not been extensively tested” warning message for supported browsers. The warning message did not prevent users from browsing in isolation.
8715Remote Browser Isolation (RBI)RBI fixed an issue that prevented users from seeing RBI user notifications in some pages that use “ephemeral” new tabs to perform the operation, such as printing. With this fix, user notifications are now transported to the parent isolated tab so RBI users can acknowledge the notification (e.g. printing has been disabled)
210895Traffic SteeringIPSec employs a pool of threads to serve tenant traffic. However, due to uneven load sometimes traffic from all tenants land on the single thread causing severe reduction in service capacity.

This fix updated the load balancing algorithm IPsec GW uses to distribute between threads.

207243Traffic SteeringThe fix addressed an issue where the DNS bypass did not support IPv6. This happened when Dynamic Steering is enabled along with Off-Prem Web mode and NPA.
211578Traffic SteeringTo eliminate wrongly attributed user issues , the Client must examine the error handling when handling SYNC packets. The Client cannot report any wrongly attributed user information during steering as long as the Client never steers packet with the existing tunnel when the process ID or session ID of the packet is unavailable. This is fixed now.
210967Traffic SteeringFixed an issue where the Unenroll menu is in enabled state even when disabled from the tenant configuration.
204612Traffic SteeringFixed issues related to invalid applink data and race conditions for service task readiness check.
216474, 214890Traffic SteeringNetskope fixed a network traffic bypassing issue with cert pinned apps using AppIDs consisting of both lowercase and uppercase letters. For example, the Slack app for Android.
209265Traffic SteeringFixed an issue where the Netskope Client crashed whenever encrypt config is enabled on macOS Ventura 13.0.
208698Traffic SteeringFixed an issue where the Netskope Client was not reporting installation time if the user was not provisioned during install time.
208763Traffic SteeringNetskope fixed a Blue Screen Of Death (BSOD) issue due to DNS processing. This fixes unnecessary DNS processing in rx path and also avoids anything other than A, AAAA, SRV parsing, if only NPA is enabled.
204407Traffic SteeringNetskope fixed a socket connection issue between UI and main service after resuming from hibernation on Windows. The issue was fixed by introducing code to recheck and reset the connection after resuming from the hibernate event.
205186Traffic SteeringThe certificate pinned application rules should not be applied when the destination hostname is empty.
211186Traffic SteeringNetskope fixed an issue where the Client was getting incorrect process names for processes running in Windows Subsystem for Linux (WSL). Use another API that supports the process name on WSL to get the correct process name.
207595Traffic SteeringThis fix addressed an issue where Mac users were unable to enroll through IdP with Okta Verify. The WebView API used in the authentication mini-browser does not call custom URL schemes automatically. The Okta Verify was relying on “com-okta-authenticator:/” URL scheme . The fix added required code to handle cases like this one.
208174Traffic SteeringIPsec Gateway had aggressive timers for the endpoints and peer re-authentication. This issue was fixed by updating the timers.
204583Traffic SteeringNetskope fixed a recurring tunnel tearing down issue on Windows. The issue occurred when Windows network driver returned 1214 error code when a network packet was sent.
157634Web IPSNetskope resolved an issue where the CTEP alerts message URL field did not include the web traffic port steered over non standard HTTP ports.
207052Web IPSAn issue where CTEP domain allowlist and signature overrides could not be applied is now resolved.
Share this Doc

Fixed Issues In Release 99.0.0

Or copy link

In this topic ...