Skip to main content

Netskope Help

Netskope Cloud Exchange Release Notes Version 3.4.0

We are excited to announce our Cloud Exchange 3.4.0 updates! Get the latest features, issues fixed, and other updates in this release.

The Cloud Exchange 3.4.0 maintenance release includes several vulnerability patches to the Docker base image. To upgrade, follow these instructions: Migrating from CE 3.1 or newer to CE 3.4.0.

Added
  • Syslog Service Plugin for Cloud Exchange itself

  • The ability to take response actions during a designated maintenance window in Risk Exchange

  • Nested folder view for Business Rules to enable users to better organize complex rule sets

  • Logs sent via CLS in the last X timeframe to the Log Shipper UI dashboard

  • Log counts on the Log Shipper SIEM Mapping page to show usage per connector

  • The ability to delete locally uploaded plugins from UI

  • Formal support for Ubuntu 20.04 LTS

  • A Configure New Plugin button in all modules to redirect to the plugins page with the filter applied for that module

  • Functionality to change default maintenance password during initial setup and subsequent log in

  • Existing users will be asked for an email address for the analytics report to better inform users

  • Functionality to extract MD5 and SHA256 hashes from Netskope (Threat Exchange)

Changed
  • All drop-downs are now searchable

  • Ticket Orchestrator performance enhancement: introduced multiple threads for multiple targets

  • Made search query rule boxes collapsible to expand view of datasets

New Plugins Released/Updated
  • AlienVault for Log Shipper

    • Uses default SYSLOG mapping file

  • Arcsight for Log Shipper

    • Added support for custom log source identifier

  • LogRhythm for Log Shipper

    • Added support for custom log source identifier

  • Solarwinds for Log Shipper

    • Added default SYSLOG mapping file

  • Syslog generic for Log Shipper

    • Added support for custom log source identifier

  • CrowdStrike for Risk Exchange

    • Added support for invoking CrowdStrike Real-time Response Script to trigger device reclassification in Netskope based on ZTA score

These can all be found via the Check for Updates button for the default netskopeoss plugin github repo on the Plugin Repository page under Settings.

Vulnerability Reports
  • Core: Total: Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 2, CRITICAL: 0)

  • UI: Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)

  • RabbitMQ: Total: 134 (UNKNOWN: 0, LOW: 90, MEDIUM: 12, HIGH: 25, CRITICAL: 7)

  • MongoDB: Total: 181 (UNKNOWN: 0, LOW: 113, MEDIUM: 21, HIGH: 38, CRITICAL: 9)

  • Watchtower: Total: 27 (UNKNOWN: 3, LOW: 0, MEDIUM: 7, HIGH: 17, CRITICAL: 0)

Note

The vulnerabilities are in the nginx:alpine base image with curl and openssl. We'll be monitoring the image for fixes and keep you posted.

Here is the list of issues fixed in this release.

  • Fixed Diagnose script to work with podman services

  • Fixed SSO to work on Cloud Exchange (JWT token issue)

Here is the list of known issues in this release.

  • You need to upgrade to 3.4.0 from the CLI using the new setup script if you are using a version of Cloud Exchange older than 3.3.3. If you upgrade from the Cloud Exchange UI to 3.4.0, there are a number of global environmental variables that will not be set, preventing the Cloud Exchange proxy from being used for communication with docker and github, among other services.

  • Cloud Exchange has to be restarted when there is a plugin update that has changes to multiple python files.

  • If Cloud Exchange was installed previously using ZIP instead of GIT, you will need to back up the database and migrate it to the new directory as specified in the migration instructions.

  • If Cloud Exchange is installed on a RHEL host, it cannot be configured within podman to always automatically restart. Upon failure, you will need to manually restart Cloud Exchange.

  • If you wish to rotate among different DNS servers you cannot simply modify the resolv.conf file inside the cloud_exchange_core (podman or docker). There is a documented workaround for this unsupported configuration.