New Features And Enhancements In Hotfix Release 107.1.0

Endpoint SD-WAN integration with Netskope Client (BWAN + SWG/CASB + NPA)

Netskope Endpoint SD-WAN is now fully integrated as part of the Netskope Client, working together with SWG, CASB, and NPA enabling the industry’s first unified SASE client. It can be deployed standalone to extend SD-WAN deployment to remote users. It can also be deployed together with Netskope Private Access to bring SD-WAN capabilities to ZTNA, as Netskope ZTNA Next – a full VPN replacement solution. In this release, Endpoint SD-WAN is available for the Windows OS.

Bandwidth Control Service

The Bandwidth Control feature allows you to rate limit bandwidth intensive applications and categories. This capability is supported for all web traffic on IPSec/GRE tunnel services.

IPS For Non-web traffic

Introduced Intrusion Prevention support for scanning non-web traffic with Cloud Firewall.

Custom Image Classifier

DLP Profiles now include support for creating ML-based custom image classifiers. With this new functionality, administrators can upload similar image files to train a custom image classifier. Once trained, the custom classifier can be referenced within a DLP profile. The classifier will be able to detect images that are similar to the files that were used to train the classifier.

Additionally, once created administrators can also edit custom classifiers and adjust the detection threshold as well as upload positive and negative training files to improve the efficacy of detection.

Confluence, Google Workspace  And Jira Support

Next Generation SaaS Security Posture Management now supports following apps in the product. With this Netskope can help you assess and manage the security posture of these apps. It also comes with set of predefined rules. 

1. Atlassian Confluence, to learn more see Next Generation SaaS Security Posture Management for Atlassian Confluence Cloud.
2. Atlassian Jira, to learn more see Next Generation SaaS Security Posture Management for Atlassian Jira Cloud.
3. Google Workspace, to learn more see Next Generation SaaS Security Posture Management for Google Workspace.

3rd-party Connected Apps Risk Profiling Support

Next Generation SaaS Security Posture Management now supports risk profiling of 3rd-party connected apps under the ​Application​​ widget in the Overview page. You can see the summary of all 3rd-party connected apps categorized on the risk levels.

To learn more, see 3rd-party Connected Apps Risk Levels.

Improved Salesforce Detection Rule

Next Generation SaaS Security Posture Management has replaced the Salesforce rule ‘Remote site settings are configured’ with ‘Active remote site settings configurations should not disable protocol security’ rule. The new rule has improved vulnerability detection logic and replaces the old one in the existing compliance standards and categorization mappings.

Threat And Data Protection For RBI

RBI introduced support for DLP and Threat Protection policies for file upload and download traffic through RBI. With this feature, RBI customers can safely enable uploads and downloads in isolated browsing sessions, creating additional real-time protection policies to scan the files for Threat Protection and DLP.

The integration of RBI with Netskope Threat Protection and Data Protection Microservices allows NG-SWG to process all traffic generated in isolation and brings additional benefits to RBI customers:

• Configurable File Uploads and Downloads settings in RBI templates
• Full visibility of user activity in isolation, leveraging app inline connectors to detect user activities
• Leverage Threat Protection and DLP profiles for isolated and not-isolated traffic
• Increased visibility over potential threats stopped by RBI
• Localized content in isolation

RBI Template Enhancements

Netskope RBI introduced an enhancement in the RBI templates creation and edit page to simplify the configuration of the remote browsing experience.

Settings are reorganized in two groups (Isolation Indicators and Isolation Settings). Help texts, settings, and descriptions have been updated as well. The following setting names are updated: 

• Pop-up Message (previously “Toast (Warning message)”)
• Copy from isolated page (previously “Copy to clipboard”)
• Paste into isolated page (previously “Paste from clipboard”)

Longest Prefix Match For NRD And NOD Category

All subdomain and URL’s will have the same category as its parent domain for Newly Registered Domains (NRD) and Newly Observed Domains (NOD).