Netskope Help

New Features And Enhancements In Hotfix Release 95.1.0

Here is the list of the new features and enhancements.

Anonymous User Detection In Microsoft Office 365 Teams

API Data Protection can now detect anonymous users i.e., user joining the meeting without an email ID in Microsoft Office 365 Teams meeting. Netskope treats an anonymous user as an external user. The Netskope policy engine applies the appropriate action based on the exposure calculation of this user, in this case, external user.

You can view the anonymous user at the following Netskope UI locations:

  • Incidents > DLP > View More > Collaborators

    MS_Teams-Anonymous_User-DLP.png
  • Skope IT > Alerts > Alert Details > File

    MS_Teams-Anonymous_User-Skope_IT.png
  • API-enabled Protection > SAAS > Microsoft Teams > <MS Teams instance> > Messages with Violations > Message Details > Recipients

    MS_Teams-Anonymous_User-Dashboard.png
Exposure Classification For Microsoft Office 365 Teams Personal Account

If a user logs in to a Microsoft Office 365 Teams (chat or meeting) using a Microsoft personal account, Netskope displays such a user as Microsoft Personal Account (<uid #>). Netskope treats such a user as an external user.

New Set Of Cloud Security Posture Management (CSPM) Profiles

Netskope adds a set of new CSPM profiles that help Cloud Security Posture Management users in onboarding rule profiles incrementally. For each public cloud platforms supported, the new profiles are categorized by the services they are protecting as Identity and Access Management(IAM), Networking, Computing, and Storage and further split into Essential and Advanced per deployment priorities.

Improved Certificate Revocation Status

Hold the server side connection while performing the certificate revocation status check on server certificates, to ensure that no traffic is allowed through to the client until the certificate revocation status checks are complete.

ServiceNow Poll Interval

Netskope SSPM now supports poll at 24 hrs interval for ServiceNow. You can set up the poll interval by navigating to Settings > API-enabled Protection > SaaS > Classic. Click ServiceNow and then Setup Instance. Under Instance Types, check Security Posture and select the 24 hours interval from the drop-down menu.

New nsdiag Command

With this release, Netskope adds a new command nsdiag -x to check if a string match a regular expression. 

For example, nsdiag -x "chrom(e)*.exe" "chrome.exe". To learn more: Netskope Client Command Reference

Improved JAMF Netskope Client Uninstall Script

JAMF uninstall script helps to uninstall Netskope Client's network extension, only if the removable network extension profile is configured for Netskope client's Network extension.

Regex Support When Creating Certificate Pinned Applications

Certificate pinned application process names can now accept regular expressions. To learn more: Exceptions.

Note

This feature is in Beta. Contact your Sales Representative or Netskope Support for more information.

Netskope Client for MacOS Performance Improvement

Significant Netskope Client optimizations are delivered with this release, to use resources more efficiently on macOS platforms. Internal testing in low latency environments (For example, 1Gbps and <=2ms) indicates an increase in peak throughput by 30-50%, when Netskope Client is used to steer traffic to the Netskope Security Cloud. The feature flag enableMacPerformance has to be enabled on the tenant for the Mac Netskope clients to deliver higher performance.

Note

  • A known interop issue with AnyConnect tunnel all mode. If you have AnyConnect running, do not enable the flag.

  • Performance measurement depends on the link speed and essentially the last mile. Any increased latency or packet loss could lead to much different performance results.

  • This feature is in Beta. Contact your Sales Representative or Netskope Support for more information.

Gateway Selection Enhancement

As part of improving user experience via Netskope cloud, a new service has been created that helps Netskope Client in finding the optimal datacenter for tunnel establishment based on machine learning algorithms.To learn more: Netskope Client PoP Selection

Note

This feature is in Beta. Contact your Sales Representative or Netskope Support for more information.

Secure Enrollment Support

Netskope client enrolment further hardened by adding additional enrolment tokens that can be configured from the WebUI. This is an optional feature for customers. To learn more: Secure Enrollment

Note

This feature is in Beta. Contact your Sales Representative or Netskope Support for more information.

NS Client Support On Linux Platforms

Netskope Client now supports Linux platforms of x86_64 CPU running Ubuntu 18.04 or 20.04. The updated features are:

  1. Two traffic steering options for Cloud Access Security Broker(CASB) and Secure Web Gateway(SWG).

  2. Inter-op with the third-party VPN vendors such as Cisco Anyconnect and Palo Alto Networks GP.

  3. On-prem/Off-prem detection and handling.

  4. A fully functional Linux client Graphic User Interface(GUI) and Command-Line Interface(CLI).

  5. Linux client enrollment.

  6. WebUI support for Linux clients such as cert-pinned apps etc.

To learn more: Netskope Client in Linux Operating System

Note

This is currently a Beta feature. Contact your Sales Representative or Netskope Support for more information.

Android/ChromeOS Support For SWG

The Netskope Android App now supports SWG service. Web traffic can now be directed towards Netskope Security Cloud with this new version of Android App. Also, enhanced the domain and app bypass options.

Note

This feature is in Beta. Contact your Sales Representative or Netskope Support for more information.