Netskope Cloud Exchange Release Notes Version 4.1.0

GA Release Date: February 14, 2023

We are excited to announce our Cloud Exchange 4.1.0 updates! Get the latest features, issues fixed, and other updates in this release.

Feature updates in 4.1.0 are listed below.

Introduced RBAC for user access control at the module level. This allows you to attribute module-specific access control.
Added support for Cloud Exchange Service heartbeat to allow monitoring the up-time.
Added prefiltering support for Ticket Orchestrator alerts. This allows you to control the alerts that get ingested in Cloud Exchange platform. If you’re anticipating high alert volume of alerts, we recommend that you set up the prefilters and limit the alerts to be ingested.
Added support for purging Risk Exchange users and hosts, which allows you to purge slate users and hosts from Cloud Exchange.
Added tenant-level filtering by alert type for incoming alerts, which allows you to control the volume of alerts that get fetched by Cloud Exchange.
Added support for a Debug log level, which allows you to switch to Debug mode during troubleshooting mode.
Added support for custom CA certificates for when network traffic is TLS inspected.
Enhanced diagnostic scripts to include kernel logs by default, which improves the overall troubleshooting capability and reduces the MTTR.
Added support for the Openshift container platform and Kubernetes container orchestration platform using HELM charts. To learn more: GitHub – netskopeoss/K8S-OpenShift-CloudExchange.
Added the ability to check the compatibility of plugin version while updating the plugin, which blocks the incompatible plugin upgrades.

Updated the Netskope Tenant configuration to have the V2 API Token as a mandatory input.
Upgraded the Netskope plugins to migrate from v1/v2 endpoints to the dataexport endpoints.
Updated the Netskope Tenant configuration to have the V1 API Token as an optional input.
Updated the setup scripts to prompt users to take a backup of the .env file.
Updated the Netskope WebTx plugin configuration input labels to match with Netskope Tenant labels. Changed Service Account JSON to Subscription Key, and Subscription Path to Subscription Endpoint.
Added a sanity check to the URLs being ingested into Threat Exchange module.
Renamed the module Cloud Risk Exchange to User Risk Exchange.
Migrated the RabbitMQ image to an official docker provided image.
Migrated the Mongo image to an official docker provided image.

Removed use of V1 and V2 non legacy dataexport endpoints.

Here is the list of issues fixed in this release.

Improved the performance of WebTx data consumption by Cloud Exchange.
Improved the resiliency of WebTx data consumption operations by introducing a back pressure mechanism.
Fixed an issue with the Check For Update on RHEL and Podman OS.
Enhanced the WebTx plugin by introducing the support for HTTP proxy.
Fixed the alert filtering issue impacting Ticket Orchestrator.
Fixed the issue of Cloud Exchange operations being stuck.

The historical data pull will run indefinitely if the Infrastructure type of alert is selected in the Netskope Plugin configuration.
- Impact: Once historical pull is started with Infrastructure type of alerts, the process never ends and subsequent historical pull would get blocked. Data duplication can happen for this type of data.
- Workaround: Remove the Infrastructure type of alert from the plugin during the Log Shipper configuration.
The historical data fetch might experience performance issues. The time to complete the historical process might run for a prolonged period and impact the overall performance.
The Alert type filter option on the Log Shipper plugin configuration would not be applicable if the alert type filter is configured on Netskope Tenant configuration.
Workaround: Move the Log Shipper configuration level filtering criteria to tenant level after migration.
The default mapping for the newly introduced Incident event type is not available for Log Shipper plugins.
Workaround: Users would be required to add custom mapping to send Incident event types to the SIEM platforms.
The CLS global setting Page Size will have no impact on the functionality. Page Size global setting is to be deprecated in the future release.