Netskope Help

New Features and Enhancements In Hotfix Release 90.1.0

Here is the list of the new features and enhancements.

Category

Feature

Detailed Description and Benefits

API Protection

Microsoft Office 365 GCC Environment Support

Netskope now supports API Data Protection for Microsoft Office 365 GCC environment.

Important

Netskope currently does not support Microsoft 365 multi-geo instances on Microsoft Office 365 GCC environment.

Behavior Analytics

Anomalies page deprecation

With this release, the Anomalies page will be deprecated. As notified in past releases, the Anomalies page functionality is now fully transitioned to the Behavior Analytics page, pre-defined (9) rule-based policies.

To learn more: Rule-Based Policies.

CASB Inline Protection

Attach activity in Gmail

All file attachments in Gmail are now detected as Attach instead of Upload.

CASB Inline Protection

Update the Invision app connector

The Invision connector now detects the following activities:

  • Upload

  • Download

  • Share

  • Post

  • Create

  • Delete

CASB Inline Protection

DLP for Share and Edit activity in the Box application

In this release, the data loss prevention (DLP) policy is disabled for Share and Edit activity in the Box application.

Use Post activity to add a comment before sending an email to all collaborators.

CASB Inline Protection

Login activities in WeTransfer

Netskope now supports login activities using Email ID in the WeTransfer application.

The following activities are detected :

  • Login attempt

  • Login successful

  • Login failed

  • Logout

CASB Inline Protection

Google Docs-Jira integration

Google Docs is now integrated into Jira allowing you to add document URLs and edit from Jira.

CASB Inline Protection

Send event in Google Calendar

With this release, the Share button is renamed as Send in your Google calendar. You can see the Send button after you create, edit, or delete events from your calendar.

CASB Inline Protection

Google Sites version update

Google Sites is now updated with the new version and provides detection of different activities.

CASB Inline Protection

File size option

The file-size option is enabled for all categories supporting Download activity.

Data Protection

DLP data identifier

A DLP predefined data identifier has been added to detect Austrian Passport Numbers.

Data Protection

Single bypass alert and incident creation for password and AIP-protected files

With this release, a single bypass alert is created whenever there is at least one DLP profile that cannot be evaluated because of a password-protected or AIP-protected file.

The policy name in the bypass alert is set to ‘All DLP Profiles’. This eliminates the duplicate and multiple bypass alerts that are currently created for each profile and every policy whenever a password or AIP-protected files cannot be inspected.

In addition, whenever there is a DLP profile match, the new behavior results in generating an incident for password and AIP-protected files.

Data Protection

New DLP Passport-Terms entities

Added new separate entities for Passport Number Terms for the following languages to provide a more granular selection:

  • English

  • French

  • Italian

  • Portuguese

Data Protection

New Japan-specific data identifiers

The DLP rules now consist of the following new Japan-specific predefined data identifiers:

  • Passport Number

  • Drivers License

Directory Services

Netskope Adapters

The Netskope Adapter (NS Adapter) has been tested to ensure compatibility with the current cloud platform. Its version number has been updated to confirm this compatibility. No other changes have been made to the NS Adapter in this release.

Netskope for IaaS

Active and Inactive SSH PublickeysCount

In this release, Active and Inactive SSHPublicKeysCount are available in CSA AWS IAM User Entity.

Netskope for IaaS

AWS Relational Database Service clusters

CSPM (AWS) now lists AWS Relational Database Services (RDS) cluster instances and allows you to write custom rules.

Netskope for IaaS

Metadata for SSH public keys

Security posture now displays the metadata for SSH public keys for an AWS IAM user.

Netskope for IaaS

Azure classic storage account

With this release, Netskope CSA lists Classic Storage Account under ClassicStorageAccount entity type for Microsoft Azure.

Netskope for IaaS

AWS internet gateways

CSPM (AWS) lists instances of AWS Internet Gateways and allows users to create rules.

Netskope for IaaS

Elastic File System instances in AWS

In Cloud Security Posture Management (CSPM), you can now create rules to check Elastic File System (EFS) instances in AWS.

Netskope for IaaS

Instance setup changes

The permissions required for setting up an instance as a Forensics destination are reduced to account-level permissions, as opposed to previous subscription-level permissions.

To learn more: Configure an Azure AD Application for Forensics

NG SWG

Search by Sanctioned Instances and App Suite

You can search by Sanctioned Instances and App Suite on the Alerts and Application event pages.

NG SWG

SHA-256 to sign SAML-Forward Proxy authentication requests

SHA-256 is now supported. Previously, Netskope supported the SHA-1 algorithm to sign your authentication requests.

With this release, all your SAML - Forward Proxy authentication requests are signed using the SHA-256 algorithm instead of SHA-1.

If you are using ADFS as an IdP, move your ADFS Relying Party Trusts to SHA-256.

NG SWG

Chromebook support for SWG

Traffic steering and protection is available from Chromebooks for web traffic.

To learn more, see Explicit Proxy

NG SWG/CASB

Bypass Cert-Pinned Apps

In this release, new exceptions are added in the steering configuration to bypass cert-pinned Apps. These will be added in exceptions for all steering configs.

Private Access

Private app traffic steering enhancement

When steering traffic to a private application, Netskope client will not steer traffic into NPA, if the destination port is not part of the private application definition.

Private Access

TCP processing enhancement

TCP processing capability with respect to the NPA platform has been enhanced to eliminate inefficiencies stemming from certain TCP protocol options.

Reports

Knowledge hub for Advanced Analytics

The launch of the new Knowledge Hub for Advanced Analytics helps you to come up to speed on Advanced Analytics key capabilities and learn more about the existing dashboards through videos.

Reports

Threat protection dashboard

The threat protection dashboard is now enhanced to suit your requirements. You can perform one of the following while scheduling dashboards:

  • Schedule a dashboard directly from the Netskope Shared folder to get automatic Netskope dashboard updates.

  • Copy the dashboard into your group or personal folders, if you prefer to use the dashboard version at the time of schedule.

SSPM

CIS benchmark rules

In this release, SSPM includes additional CIS Benchmark rules for Zoom.

Steering

New option in nsdiag

The Netskope debugging tool nsdiag is equipped with one more flag -f that displays client details such as status, tunnel status, Gateway, OnPremStatus, Gateway IP, Tunnel Protocol, and Explicit Proxy. This helps in a headless client scenario to understand the Netskope client details.

For example, Usage >.\nsdiag.exe -f Tunnel status:: NSTUNNEL_CONNECTING. Client status:: enable. Gateway:: gateway-nsclient.goskope.com. OnPremDetection:: On-Premises. Explicit Proxy:: false. Gateway IP:: 163.116.199.35. Tunnel Protocol:: TLS.

To learn more, see Netskope Client Command Reference

Steering

Self-Protection Feature

In this release, Netskope supports the Self-protection feature on Windows 10 ARM64 laptops.

Steering

Self-Protection Feature Enable

Earlier, the Netskope Client Self-protection feature was enabled only after the creation of the tunnel. Now, the client caches the Self-protection status and immediately enables the self-protection status after reboot.

Steering

Global Protect

Netskope Client improves Global Protect interoperability for bypassing traffic.

Contact Support to enable this feature in your account.

Steering

macOS 12 Monterey Support

In this release, Netskope Client extends the support for macOS 12 Monterey.

Steering

Windows 11 Support

In this release, Netskope Client extends support for Windows 11.

Steering

iOS 15.1 Support

In this release, Netskope Client has qualified support for iOS 15.1.

Steering

Windows Server 2022 Support

Netskope Client has qualified support for Windows Server 2022.

Steering

OS version for Windows 11

Microsoft displays 10.0.2220 as the OS version for Windows 11. The Netskope Client displays the same qualified version in the Web UI.