Fixed Issues In Release 112.0.0

Fixed Issues In Release 112.0.0

Here is the list of fixed issues in this release.

Issue NumberCategoryDescription
369107Advanced AnalyticsFixed an issue where the Scheduled page was unable to load due to dashboards configured with a legacy feature.
357192API Data ProtectionCorrected an issue where ‘case sensitivity’ impacted the validation of the administrator email address for instance setup under Classic API Protection for Box.
295234API Data ProtectionPolicy action for Introspection in malware incidents is fixed to show quarantine or restore action instead of detection.
388437CASB Real-time ProtectionCopy Link to Post navigation is not supported as part of Share activity for LinkedIn.
383892CASB Real-time ProtectionIn real-time protection policies for Dropbox, policy actions when copying an existing shared link is not be supported.

Only an event for the Copy link action will be generated in SkopeIT.
355595CASB Real-time ProtectionFixed an issue by adding support for a new domain,””.
318963CASB Real-time ProtectionFixed an issue where mail body cannot contain limit more than 16k characters, due to which DLP could not be done. This fix increases the limit to accommodate bigger payloads.
353451CASB Real-time ProtectionFixed incorrect domain mapping for Doodle app.
387561CASB Real-time ProtectionFixed an issue by adding support for new traffic changes in Edit activity using Live Excel.
351623Cloud Confidence Index (CCI)Added to Cloud App ‘X’ for discovery.
347409Data ProtectionFixed a cosmetic bug displaying incorrect ‘Action’ on certain API based Incidents generated from cache-based verdicts.
356850Netskope Private Access (NPA)Fixed an issue on a Citrix Server where the NPA Client retries connection very frequently causing high CPU usage. The fix checks the current condition which prevents NPA client from retry.
333539Netskope Secure Web Gateway (NG SWG)Fixed an issue where now IPS will not miss HTTP clear requests with different destination hosts when client device reuses the same TCP connection.
Also fixed Dedicated Egress IP not being assigned due to above scenario.
355350Netskope Secure Web Gateway (NG SWG)When send-policy-alerts flag is set for a tenant, an application event is sent for the alert policy. No extra events will be sent for the given application post that.
365489Netskope Secure Web Gateway (NG SWG)Rules with both alert-and-continue and email notifications enabled, now properly sends additional email notifications when matched.
337822Netskope Secure Web Gateway (NG SWG)Fixed a rare case where proxy failed to load app related data like app instance, tag, and CCI.
344447Netskope Secure Web Gateway (NG SWG)Support custom notification block template for CLI based requests.
333149Netskope Secure Web Gateway (NG SWG)Fixed an issue where Access Method selection of IDP configuration was ignored. With this release, only selected Access Methods will be authenticated by the configured IDP.
335348Netskope Secure Web Gateway (NG SWG)Fixed an issue where RTP with User criteria was not getting applied for traffic subjected to SSL DND in EPoT mode.
370272Netskope Secure Web Gateway (NG SWG)Fixed an issue where the presence of a root label (that is, trailing dot) in a domain caused a different URL lookup result from the result when the trailing dot was omitted.
358173Netskope Secure Web Gateway (NG SWG)Fixed an error message “Invalid Group Selection”, that appeared on reviewing suggestions for old file type to new file type conversion in Real time policies page, and saving these policies from Review suggestions.
361351Netskope Secure Web Gateway (NG SWG)Fixed an issue where Cors request was redirected to SAML auth due to which Outlook webmail signature settings were not saved.
351841Netskope Secure Web Gateway (NG SWG)
If an admin does not want page events to include such information from child transactions if the main page itself does not match an Isolate or Forward to Proxy policy then they can request that the feature flag page_events:ignore-child-trxn-json be enabled for the tenant.

Previously this feature flag only affected page events marked as “User Generated”, not background traffic not marked as “User Generated”. Now the feature flag will apply to all page events regardless of the value of the “User Generated”. With this feature enabled then page events will only include Forward to Proxy or RBI information if the main page matches a Forward to Proxy or Isolate policy.
17940Remote Browser Isolation (RBI)Solved a bug that happened in macOS when the user was trying to scroll down using the laptop trackpad or mouse scroll gesture, in which the scroll bar repeatedly went to the top of the page, making the scroll unusable.

The bug was fixed after updating a component that was using an envirnment variable pointing to an outdated binary. After the fix has been deployed users scrolling experience in macOS works seamlessly.
15120Remote Browser Isolation (RBI)Fixed a bug in RBI that pushed extra entries in the browser history that did not reflect exactly the URL address changes while browsing in isolation. With this fix, the user’s browsing history reflects correctly the user browsing history of navigated URLs.
17953Remote Browser Isolation (RBI)RBI rejects any website that has an incomplete certificate trust chain. Admins may want to open such websites in isolation rather than their production environment, as a precaution.
With this fix, when the system encounters an incomplete certificate trust chain, the component validating the certificate of RBI forwards the request to the RBI browser. The RBI browser in turn can pull the rest of the certificate into the chain.
9449SaaS Security Posture Management (SSPM)Upon removal or disabling of a rule from an existing policy, all existing findings for the particular rule will now be removed from API-Enabled Protection > Findings (Security Posture SaaS).
301344Traffic SteeringFixed dynamic steering On/Off prem firewall configuration that caused empty firewall exception in config API.
349504Traffic SteeringFixed timestamp mismatch issue where the previous two event timestamps were not aligned in one device entry and caused confusion.
350411Traffic SteeringIn the previous releases, the Netskope Client Configuration webUI can display long email and long device classification in Windows configuration UI. This caused an issue where the user cannot use the Configuration Update link to trigger an update. As a workaround, users encountering this issue can use the command nsdiag.exe -u to download configuration instead.
345264Traffic SteeringFixed an issue on Windows hardware supporting modern standby machines, where NS Client auto upgrade failed after reboot. It was caused by auto-upgrade triggered by the power change system event before the service finish was initialized.
361139Traffic SteeringFixed an issue where Java App process name was not detected due to the Java app’s IPV4 packet using IPv4-mapped-on-IPv6 format on the “/proc/net/tcp6″.
349219Traffic SteeringThe DEM context used for sending out cached DME messages can be corrupted due to a timing issue. In this fix, added logic to prevent this DEM context corruption issue and thereby preventing the Netskope Client crash issue.
368890Traffic SteeringThe initial sleep mode battery saving feature for Android has a logic hole when Netskope tunnel flip-flopping with screen on/off. Fixed this issue and the screen on event now properly restores pre-screen off tunnel status.
384041Traffic SteeringEarlier, when the Client is configured with Dynamic Steering On-prem traffic method set to None along with Fail Close mode, Netskpe Client Configuration webUI is supposed to show the status as “Netskope Client disabled – Traffic Steering set to None” but instead it showed “Netskope Client fail closed.”
Fixed this issue to display the status as “Netskope Client disabled – Traffic Steering set to None” whenever the Dynamic Steering On-Prem traffic method is set to None along with Fail Close.
378514Traffic SteeringFixed an issue where the nsbranding.json configuration file is deleted on MAC whenever a user is deleted.
369598Traffic SteeringFixed an issue where the Client crashed whenever a user enabled SNI Check on the webUI.
370428Traffic SteeringFixed an inconsistent traffic bypassing performance on the OS DNS by enabling a feature flag disableJavaDnsCache. This disables Java DNS caching whenever the Netskope tunnel is in connected state. Currently this is supported only on Windows.
376995Traffic SteeringUpdated client status nsdeviceuid according to the latest client configuration downloaded.
369663Traffic SteeringFixed duplicate exception handling in driver and service.
343344Traffic SteeringFixed the XSS encoding issue for URL on the User Notification page. Prior to this fix, if the user contains a link with an encoded text like ``, the non-encoded part is also encoded after it is saved (``). This fix keeps the original user input if the link pass the XSS check.
351853Traffic SteeringWith this fix, whenever RBAC V2 is enabled, the Cert Pinned Application tab under App Definition is displayed for Web and Cloud App when their access control is enabled.
360719Traffic SteeringEarlier, if admin configures “&” as part of the User Notification dialog button, Windows did not render it properly. This issue is now fixed and ‘&’ character is displayed correctly on the notification dialog.
294257Traffic SteeringEarlier, in a multi-user deployment, non provisioned users were able to access protected application even when the Netskope Client is in Fail Close mode. This issue is now fixed and non-provisioned users are blocked access to protected applications in fail close mode.
372092Traffic SteeringThe Netskope Client was using machine ID as the serial number on Linux devices. This fix will add the system serial number and is displayed on the tenant WebUI Device page.
367773Traffic SteeringEarlier, the admin could not pin the gateway when prc_dp_geofence feature flag was enabled. This issue is now fixed and the admin can pin the gateway by making this entry along with x.x.x.x in hosts file.
398387Traffic SteeringWith this fix, Netskope Client now classifies the non-web traffic as firewall traffic from a cert-pinned app with bypass by tunnel setting.
398819Traffic SteeringIf proxy is configured on the machine and if the GSLB POP list was obtained directly from the GSLB service, then preference must be given to connecting directly to the gateway list before connecting through the proxy.
339052Traffic SteeringImprove the iOS bypass performance by conducting system level bypass. However, if NPA is enabled, local private IPv4 ranges are still being bypassed via app-bypass.
345274Traffic SteeringFixed wrong gateway hostname when there is a network change.
Share this Doc

Fixed Issues In Release 112.0.0

Or copy link

In this topic ...