Netskope Cloud Exchange Release Notes Version 5.0.1
Netskope Cloud Exchange Release Notes Version 5.0.1
GA Release Date: March 12, 2024
We are excited to announce our Cloud Exchange 5.0.1 updates! Here’s the latest features and changes, fixed issues, and known issues in this release.
Added
Core
UI
CE as a VM Image will be available in AWS cloud marketplace for AMI, and Azure cloud marketplace for VHDX. OVAs will be available on S3. The OVA image will be available for download via S3 bucket under Netskope’s AWS account. Please reach out to CE support for more details.
CE as a VM (OVA): Eliminates sudo privilages for cteadmin user in OVA apart from certain commands that are required for CE Operations.
CE as a VM (OVA): Stores maintenance password securely and hidden from cteadmin user.
Docker hub connectivity won’t be needed as we have bundled all the needed images.
GitHub Connectivity is now optional because you can upload the plugin from the UI in a .zip/tar format.
Threat Exchange: Added the action Add to private app to share URL(s) along with tags with the Netskope tenant.
Added Malware Type and Malware Name as a comment in Threat IoCs in the Threat Exchange module.
Added granular URL types (Host, IPv4, IPv6, URL, Domain) in the Threat Exchange module.
Added support of debug application logs sharing in the Syslog for CE plugin.
Added support of sending WebTx fields that have null values in WebTx Log Shipper as a null value in case of json, and a default value in case of CEF format.
Added the Enable Tagging option to the Threat Exchange module configuration of type choice with choices “Yes”, and “No”.
Added the Allow Empty Values option to the Log Shipper WebTx Plugin configuration of type choice with choices “Yes”, and “No”.
Changed
Core
Optimized Threat Exchange to support sharing of more indicators.
Enhanced diagnose script to include plugin details (status, version, last run time), disk details, count of active and inactive indicators, count of users/hosts, count of stored alerts, count of application, and RabbitMQ current occupied volume for better troubleshooting.
Restricted CE deployment on a host in which SE linux is enabled.
Email address is now mandatory to deliver a seamless Cloud Exchange deployment, management and support experience.
Enhanced Pulling Task Locking mechanism to avoid duplicated data and improved resiliency in all CE deployments on restart of containers/VMs/nodes.
Removed
Core
Customers who want to deploy CE v5.0.1 on AWS ECS Fargate are strongly recommended to deploy CE v5.0.1 AWS AMI.
Fixed an issue where VM status is not showing ready status on Azure cloud after deploying CE as a VM VHDX Image.
Fixed an issue in HA setup on AMI when MongoDB container is taking 20-35 secs to startup, which is causing errors.
Fixed an issue where plugin update is not populating newly added fields of type password.
Known Issues/Limitations
Users cannot install any additional packages in CE as VM (in OVA) as we have restricted the root privileges for the cteadmin user. The cteadmin user can only execute a predefined set of commands with root privileges.
Netskope does not recommend installing any additional agent or package in CE as VM instances, as the resource consumption by the agent might affect the performance of CE.
No direct upgrade path for CE as a VM from CE v5.0.1 to newer version. You’ll need to setup a new VM using the respective image, and then you’ll need to use the backup and restore option.
Elimination of root access will not be part of Cloud images (AMI, VHDX).
A cteadmin user will be able to see the maintenance password in cloud images (AMI, VHDX) because the cteadmin user has sudo privileges.
End user will be able to see maintenance password in High availability deployment through Shared storage in CE as a VM Image.
For custom repositories, CE will require connectivity to that particular repo for pulling plugins on CE startup.
Migration from an older CE version to CE v5.0.1 results in 1-2 hrs of delays of pulling of any types of data may be observed, in case of Podman based deployment and HA deployment.
Duplicate historical tasks will be run in parallel resulting into 409 errors on deletion and re-configuration of SIEM mapping for same source and destination in Log Shipper only, when deletion and reconfiguration should happens in few mins.
CE HA Nodes need to be restarted when Majority RabbitMQ nodes status is down and RabbitMQ Cluster is experiencing the split brain issue.
The Core container might experience trouble connecting with the MongoDB container on CE startup, resulting in Auto reconnect errors in logs, and restart of core container a few times, which will be auto resolved in a few minutes.
