Netskope Cloud Exchange Release Notes Version 5.1.1

Release Date: April 7, 2025

Core	UI
5.1.1 Cloud Exchange as a VM (OVA, AMI, Azure Image, VHDX) are built on Ubuntu 22.04. Cloud Exchange as a VM customers (5.0.1 and 5.1.0) can now directly upgrade to 5.1.1. Cloud Exchange as a VM customers (5.0.1 and 5.1.0) can now upgrade the underlying OS from Ubuntu 20.04 to Ubuntu 22.04.	Added info note for sync indicators workflow of Threat Exchange. Added data types in Business Rule fields.

Core	UI
Updated RabbitMQ Image from v3.13.1 to v4.0.7. To set up a Cloud Exchange version other than the latest version, instead of using the menu options, now you will need to check that specific Cloud Exchange version tag (like 5.1.0). Changed minimum docker version to 25.0.3, and the recommended version to 28.0.0. For HA, the required Pymongo version is changed to 4.6.3. Maintenance password encryption update. For OVA, Hyper-V CE as a VM cteadmin user has been granted privileges for upgrading the underlying OS as well as Cloud Exchange platform version. Updated Risk Exchange to query Netskope for record updates every hour. Updated Field learning to detect field data types (like string, number, boolean).	Optimized plugins page loading time.

Core

Updated RabbitMQ Image from v3.13.1 to v4.0.7.
To set up a Cloud Exchange version other than the latest version, instead of using the menu options, now you will need to check that specific Cloud Exchange version tag (like 5.1.0).
Changed minimum docker version to 25.0.3, and the recommended version to 28.0.0.
For HA, the required Pymongo version is changed to 4.6.3.
Maintenance password encryption update.
For OVA, Hyper-V CE as a VM cteadmin user has been granted privileges for upgrading the underlying OS as well as Cloud Exchange platform version.
Updated Risk Exchange to query Netskope for record updates every hour.
Updated Field learning to detect field data types (like string, number, boolean).

Optimized plugins page loading time.

Core	UI
Removed version selection from the setup script.	N/A

Core	UI
If all the previously shared IoC(s) are retracted at once, and there are no indicators left to share, Cloud Exchange and the Threat Exchange plugin will assign a default value to the configured URL list, file hash list, or private app. Retracted IoCs are getting filtered in Business rule evaluation. Fetching of updates for Default repository. Proxy toggle not working for Risk Exchange configurations. Reduced the file permissions of the data directory for other linux users.	While configuring a Ticket Orchestrator Queue, the user is not able to select the value from the dropdown of the fields using the mouse click, but can do so using the keyboard. For a Risk Exchange record, if the value contains “0” it is displayed as “-” Unable to save the Threat Exchange plugin with only the URL list option.

Core

If all the previously shared IoC(s) are retracted at once, and there are no indicators left to share, Cloud Exchange and the Threat Exchange plugin will assign a default value to the configured URL list, file hash list, or private app.
Retracted IoCs are getting filtered in Business rule evaluation.
Fetching of updates for Default repository.
Proxy toggle not working for Risk Exchange configurations.
Reduced the file permissions of the data directory for other linux users.

While configuring a Ticket Orchestrator Queue, the user is not able to select the value from the dropdown of the fields using the mouse click, but can do so using the keyboard.
For a Risk Exchange record, if the value contains “0” it is displayed as “-”
Unable to save the Threat Exchange plugin with only the URL list option.

In the Ticket Orchestrator module, there is an issue in the UI where the page goes blank when expanding an event/alert that contains complex data, like lists of dictionaries, nested dictionaries, or dictionaries with list elements in the Ticket Orchestrator module. However, this does not affect the Ticket Orchestrator module lifecycle, such as business rule filtering or ticket creation.
RabbiMQ data migration is not supported due to change of queue type from Classic to Quorum queue. This is not applicable if you are migrating from 5.1.0.
Under Risk Exchange Schema Editor, while configuring/adding a Field Schema, the data type Value Map only supports String to Integer mappings for normalizing risk scores. For example, mapping values like high, low, and medium to its numeric equivalent.
When using the Risk Exchange action for a Tag Application, there is an API limitation where the total length of all tags, including the commas used to separate static values, must not exceed 4,120 characters. If this limit is exceeded, the last tags or characters may be trimmed without any error message being generated. The system does not yet provide an explicit error when the tag length exceeds the limit.
In older versions (e.g. 5.0.x, 4.x or earlier) of Cloud Exchange, you might start seeing errors while importing Netskope plugins and Risk Exchange 3rd-party vendor plugins:
Error occurred while importing plugin netskope.plugin.***