New Features And Enhancements In Release 103.0.0

Added loading indicator to the following pages which lets the user know data is being loaded in the background:

With this release Netskope is introducing a new Overview page to help you easily access recent dashboards and relevant insights. In addition, expect enhancements to the user interaction pages with the dashboard library and personal / group folders. This will reduce efforts required to set up NAA on day-zero and readily allows you to benefit from Netskope Advanced Analytics insights. 

BENEFITS:

Added an advanced option to include or exclude specific Team Drives from the scope of Google Drive API Data Protection policy wizard.

API Data Protection supports files up to 128 MB for DLP and threat protection, except for encryption as an action (including quarantine and legal hold with encryption). Policies with encryption action support files up to 32 MB only. A few points to consider before enabling this enhancement:

Enhanced the detection capability to inspect the from_user field accurately.

Added DLP support to Create and Edit issue activities in Atlassian Jira application.

Added instance_id support for Google Drive when Upload and Download activities are performed through AODocs application.

Added the ability to support inspection of large files (>200MB) uploaded to Google Drive when files getting chunked (app behaviour) into smaller parts during upload. Multipart uploads can fail if the client has a slow internet connection and takes longer than 10 minutes to upload a file.

Deprecated the support for Instance_id for Google BigQuery application. Use “Google Accounts” app for instance-based access control for GCP Console and CLI-based access.

Removed the following terms from the Medical Conditions (English) Entity:

Added new Base64-Encoded Data Entity to detect base64-encoded data within text.

Updated the Machine Language (ML)-based image classification model used by DLP  to improve accuracy and reduce false-positives.

In addition to submitting URL re-categorization requests through the tenant UI or Netskope URL, you can now use APIs to submit bulk URL re-categorization requests and check the status of these requests.

Changed the service names for the Windows Endpoint DLP agent:

The Endpoint DLP log level is now controlled by the stAgent log level UI. Right-click the Netskope Client icon in the system tray to modify and choose Advanced Debugging > Set Log Level setting.

When the product is paused using the Pause link in the device health page, the content examination system halts enforcement, and allows any file written to a USB device while in the Pause mode without inspection. This increases the IO throughput of operations against the USB-stored files.

Atlassian Confluence is deprecating many v1 Confluence Cloud API endpoints and are being replaced with v2 equivalent API endpoints. To leverage the v2 API endpoints, Netskope now requires a new set of permissions to be granted. To learn more: Permissions Required for Atlassian Confluence.

Microsoft 365 OneDrive (commercial) and SharePoint (commercial) apps are now available on the Next Generation API Data Protection platform. Please note the following important points:

Added references to CIS Microsoft 365 Foundations Benchmark v1.5.0 controls for suitable rules. This applies to Microsoft 365 app suite.

Starting from release 103.0.0, Netskope has removed the top-level widgets from the API-enabled Protection > Security Posture (Next Gen) > Compliance page. The widgets were originally available under the Raw Findings, Rules, and Resources tabs. They are now made available under the API-enabled Protection > Security Posture (Next Gen) > Overview page.

Reduced aggressive retries when Client downloads prelogon user configurations failed.When the API calls fail, Client retries the API call in increasing backoff time up to 1 hour. Before this change, when the API calls failed, Client retired every 1 min.

Newly created tenants will have the RBAC v2 feature enabled by default.

RBI included an enhancement that allows to leverage drag and drop to move elements inside the same isolated webpage (for example, web apps that support customized user’s view by moving sections or elements on the screen).

Prior to this enhancement, you could not drag and move elements inside the same isolated web page. This enhancement allows users to drag and move draggable elements inside the same isolated webpage (isolated tab).

A new machine learning based phishing detection engine is enabled in Standard Threat Protection. This engine improves phishing detection using a combination of techniques using metadata from enhanced scanning and ML based detection to identify phishing domains in realtime.and block access to those sites.

To learn more: Threat Protection.

You can now configure Netskope iOS client enrollment to support only Private Access connectivity. New VPN profile key ‘ForceDisabledSteering’ with boolean value to true disables Internet Security and force tunnel into an effectively no steering mode.

Enhanced the backoff mechanism whenever the Client encountered server error responses.

During the auto-upgrade process, in the event of a system restart/shutdown/crash/hard reboot/power failure in a Windows machine, there is a possibility that the client gets removed from the endpoint. 

To eliminate this issue, Netskope introduces a new installation monitor service “stAgentSvcMon.exe” that starts during the auto-upgrade process. This new monitor service is a copy of existing Netskope Client Service with limited functionality. Once the auto-upgrade process is completed, this monitor service is removed from the endpoint.

If an auto-upgrade process is in-progress and is interrupted by system restart/crash/shutdown/hard-reboot/power failure, the installation monitor service relaunch the client installation on the endpoint irrespective of any changes to the machine.

To learn more, view Netskope Client For Windows.

If client installation process such as upgrade/uninstallation fails in a Windows machine, the Client installer does not retract the changes done by the process resulting in the uninstallation of the Client on the endpoint. Client must handle any failure during installation and install the previous version if needed and ensure that the Client is working.

As part of this new feature:

To view the events displayed in the event of an Client upgrade failure on the Device details page:

To learn more, view Netskope Client For Windows

This was previously a Beta feature and with this release, it is available for all tenants.Netskope client supports user IDP enrollment using WebView2. It requires the minimum WebView2 106.0.1370.52 version.

To learn more, view Deploy Netskope Client via IdP.

Added validation for WebUI V2 in Create, Edit mode and CSV import.

The ‘enabled‘ column is now available in the CSV upload for IPSec and GRE and it refers to enabling the tunnel after creation.

To learn more: Importing IPSec Sites from a CSV File and Importing GRE Sites from a CSV File.

The Netskope POPs list now displays a new message This POP is not accepting new tunnels, next to each POP when the V2 feature flag is enabled. This message is hidden when the V2 feature flag is disabled thus restricting the users accessing them.

To learn more: IPSec and GRE.

Added a new button called Save And Copy POPS Info which saves and copies to the user’s clipboard with all the POPS information.

To learn more: Creating an IPSec Site and Creating a GRE Site.

In the IPSec create tunnel pop-up the POPs displayed are filtered out by ones that are overloaded. Only those accepting tunnels will be shown in UI V1 and V2.

To learn more: IPSec.

If a particular POP is overloaded it will now advertise that with accepting_tunnels false in the api and the UI will not show it in the options for creating new tunnels or for switching to when editing.

To learn more: IPSec and GRE.

This enhancement includes 9 additional pops to a tunnel along with a geographical pops by IP address or latitude and longitude. New filters are for the main page on pop, status, name and traffic type.

To learn more: IPSec and GRE.

Added Kilometers (km) or Miles for sorting distance from IP or Longitude or Latitude.

To learn more: Creating an IPSec Site and Creating a GRE Site.

Support multi-factor authentication (MFA) for Netskope admins log in to the Netskope management console using the local administrator accounts.

Added the options to obtain the legacy ACS URL formant and the ability to control the user authentication domain refresh interval.

A new REST API enables ingesting 3rd party risk impact as an input to a user’s User Confidence Index (UCI) score. This REST API reduces a user’s UCI by the specified number based on risk learned from a partner vendor (such as Endpoint Detection and Respons, IdP or Email). The API parameters allows to specify the user, source, timestamp, score (reduction) and reason to reduce the user’s UCI. These are shown in the Behavior Analytics incidents and also in the corresponding Behavior Analytics alerts.

A new alert provides information on anomalies impacting UCI created in Advanced UEBA using 3rd party API.