New Features And Enhancements In Release 118.0.0
New Features And Enhancements In Release 118.0.0
Here is the list of the new features and enhancements.
To check your tenant software version, navigate to Settings > General.
Advanced Analytics
Storage Based Retention
This feature provides visibility into storage-based entitlement and UI consumption for customers with Advanced Analytics. Based on the displayed storage consumption, you can have insights of their data volume for different events and avoid overages.
CASB Real-time Protection
Upload Activity Detection for Google Gemini
Added Upload activity detection support for Google Gemini application.
New Domain for Google Drive
Added new domain “drive.fife.usercontent.google.com” for Google Drive application.
Post Activity Detection for Synthesia
Commenting on a video in Synthesia.io application now generates a Post activity.
Miro Application Connector Enhancement
Enhanced Miro application connector to support the following activities:
-
Create
-
Add
-
Delete
-
Invite
-
Share
-
Upload
-
Publish
Enable DLP Support for Upload and Publish activities.
Cloud TAP
Controlled General Availability (GA) of Cloud TAP
The Netskope Cloud TAP solution captures traffic between a managed endpoint with Netskope Client or branch offices using IPsec or GRE tunnels, and the Netskope cloud security platform. This solution sends a copy of the captured traffic from Netskope cloud to a customer provided cloud-based object store in AWS, Azure, or Google Cloud Platform (GCP). Given that most traffic today is TLS encrypted, session keys are also securely provided.
Netskope also provides a tool to decrypt traffic in a customer environment. Post decryption you will have an option either to send traffic to any NDR tool (or any tool that can accept traffic in VxLAN or Geneve protocol) or to store in a PCAP format.
Data Protection
Support for New Predefined Entities
Added support for 62 new predefined Entities:
-
Company Tax ID Numbers (GR, HN, MY, PT, RU, VE)
-
Identity Card Numbers (MT)
-
National ID Numbers (AR, HN, LU, PL)
-
National ID Number Terms (AR, HN, LU)
-
Passport Numbers (AR)
-
Passport Number Terms (AR)
-
Social Security Numbers (AT, IE)
-
Taxpayer ID Numbers (AT, CO, CY, GR, HN, MX, MY, NZ, PT, RU, SI, VE)
-
Taxpayer ID Number Terms (AT, BE, CA, CO, CY, CZ, DE, ES, FR, GR, HN, HU, IE, LI, LT, LU, MT, MX, NL, NZ, PL, PT, RU, SE, SI, VE)
-
Taxpayer ID Number Terms (EU, English, Dutch, French, Italian, Portuguese)
Other predefined Entity updates:
-
Added support for lowercase Taxpayer ID Numbers (FR, IN)
-
Reduced false positives for VAT Numbers (GR, SI)
-
Reduced false positives for National ID Numbers (ZA)
Endpoint DLP (EPDLP)
Original File Access for EPDLP
Starting this release, we will extend the DLP Original file access to Endpoint DLP. A download icon is now present next to the incident number above the Endpoint DLP Incident Detail section.
This feature requires a Forensic Profile along with Forensics enabled under Settings. The Endpoint Original File download checkbox is disabled by default and can be optionally enabled. Once the option is enabled, the files are automatically stored in a Forensics folder in the SaaS application specified in the Forensic Profile.
Network File Share Device Control
Network File Share Device Control is now also available for the macOS Endpoint DLP agent upon request.
Next Generation API Data Protection
Support Microsoft Purview Information Protection Write Capability Action
Microsoft Purview Information Protection (MPIP, formerly Microsoft Information Protect) is a Digital Rights Management (DRM) solution provided by Microsoft to help classify, label, and protect data. Starting this release, Next Generation API Data Protection has introduced a new policy action – Apply Sensitivity Label. With this action, you can apply an MPIP label on DLP-sensitive Microsoft 365 OneDrive, SharePoint, and Google Drive files.
The policy action is available when you Configure a Next Generation API Data Protection Policy.
Before you can apply an MPIP sensitivity label, you should set up an MPIP instance first. To learn more: Digital Rights Management.
General Availability (GA) of Egnyte
Starting this release, Next Generation API Data Protection has introduced the support for Egnyte. Next Generation API Data Protection for Egnyte can now support policy creation, DLP, threat protection using ongoing scan, alerts and more. To learn more:
-
For features supported, see Next Generation API Data Protection Feature Matrix per Cloud App.
-
To configure Egnyte, see Configure Egnyte for the Next Generation API Data Protection.
-
For a list of activities monitored by Netskope, see Activities Monitored by Netskope.
Policy Enhancement – Scan Content Type for Storage & Messaging Apps
Starting this release, a new criteria Scan Content Type is introduced under Policies > API Data Protection > SAAS > Next Gen > New Policy > Object. With this enhancement, you can specify additional content filtering criteria for storage and messaging apps.
-
For Storage:
-
Personal Drive
-
Team Drive
-
-
For messaging:
-
Direct message
-
Private channels
-
Public channels
-
To learn more: Scan Content Type.
The policy enhancement is available when you Configure a Next Generation API Data Protection Policy.
Netskope Secure Web Gateway (NG SWG)
Support for Time-based Rules for SSL Bypassed Traffic
Time based real-time policies are now applicable for traffic that matches an SSL decryption policy. As a result, if there is traffic that matches an SSL do not decrypt rule and remains encrypted will be evaluated for relevant attributes in a real-time policy with a policy schedule. If such traffic has actions like block, alert or bypass, they will be enforced. This may change existing policy lookup behavior for SSL bypass traffic.
Real-time Protection Policies using Custom AD Attributes
Introduced the ability to create real-time protection policies using custom user attributes when user information is synced from the directory importer.
Netskope Private Access (NPA)
Support for IPv6 DNS TCP Packet Drop
For IPv6 DNS queries over TCP, if the hostname in the DNS query is a private app, Netskope client will block the DNS request.
Support DNS over TCP
NPA now supports the ability to resolve IPv4 DNS over TCP, without requiring Publisher DNS to be enabled in the private application definition.
Browser Access User Portal
End-users can now access a portal provisioned by an admin to view and launch authorized ZTNA Browser Access applications. Learn more.
Enhanced macOS Client Tunnel Status
Enhanced Netskope Client on macOS to share Private Access tunnel status on Client icon, Mouse hover and on the Menu. Updated status includes:
-
Enabled/Disabled
-
Re-authentication Time
-
Grace period warning
-
Error due to re-authentication.
To learn more: Using Netskope Client.
Platform Services
SCIM Query Attributes Support for Group Membership
Introduced query parameters, “attributes” and “excludedAttributes” for SCIM GET /Groups/{id}. This feature only supports member attributes.
Remote Browser Isolation (RBI)
RBI Policy Creation
RBI isolates traffic corresponding to a user, visiting a webpage with a web browser (like, Chrome, Firefox, etc.).
With this new feature RBI now requires adding the Browser source criteria to all Isolate policies, preventing non-browser traffic match these RBI policies. List of browsers restricted to supported RBI Browsers.
Customers creates more effective isolate and reduces non isolable requests sent to RBI, which might affect user experience due to unnecessary traffic processing.
Existing isolate policies will keep working as is, with no changes. New and edited isolate policies will require the browser criteria.
To learn more, visit RBI Best Practices
SaaS Security Posture Management (SSPM)
Enhancements to Apps and 3rd Party Apps page
Apps & 3rd Party Apps pages have been enhanced to support even larger scales of data and the algorithm used to generate the overall security Posture Score per application has been enhanced to take into consideration 3rd Party Apps with all levels of risk.
To learn more: SPM Posture Score
New Predefined Rules Shipped in 118.0.0
1 new predefined rule is shipped with this release. They cover the following categories:
-
Apps:
-
ServiceNow: 1
-
-
Security Domains:
-
IAM: 1
-
SSPM Rule Changes
The predefined rules have been updated as follows:
Consolidation of Rules
-
14 ServiceNow rules have been deprecated and replaced with a single rule that accomplishes the same functionality. If existing SSPM policies include the deprecated rules, they will be replaced with the new rule.
-
1 AzureAD and 1 Workday rule is renamed.
Resource Type changes
-
9 ServiceNow and 2 Workday rules have been updated to evaluate against a new resource type.
Threat Protection
Event Thresholding Support
IPS limits duplicate alerts per signature to 30 alerts every 5 minutes. This avoids generation of excessive alert volume.
To learn more: About IPS Settings.
Support for Submitting False Positive Cases
This new feature allows you to submit support cases for suspected false positives in the tenant UI for malware files seen in the Incidents > Malware table. A support portal account is required to use this feature.
To learn more: About Malware.
File Retention Option for Detected Malware
The Malware Retention profile for real-time Threat Protection policy allows you to retain and obtain a copy of malicious files. Files are uploaded to IaaS folder/location designated and configured by the customer in the retention profile.
Traffic Steering
Periodic Device Classification Update
The admin can now configure a value between 1-120 minutes in the Periodic Device Classification under Client Configuration (previously the minimum value was 5 and from release 118.0.0, Netskope updated the minimum value to 1).
To learn more: Netskope Client Configuration.
Master Password for macOS
With 118.0.0, Netskope Client now supports Master Password for macOS devices.
To learn more, view Client Configuration.
One-Time Password-Based Client Disable
Netskope is introducing One-Time Password-based disable option for Netskope Client. With 118.0.0, this feature is supported on Windows platforms for SWG services. Other platforms/OSes will be added in the future releases.
Admins have to configure this first on the tenant UI under the option Allow disabling of Internet Security in Settings > Security Cloud Platform > Client Configuration > Tamperproof. Once enabled, it generates a dynamic password for each device which can be accessed or viewed from the Devices page. Use this password to disable the Netskope Client SWG services.
To learn more: Netskope Client Configuration.
Antivirus (AV) and OS Check Support
This was earlier available as Beta in the earlier releases and is now available in Controlled GA for Windows and macOS devices.
OS Version Check
This feature checks and classifies device compliance for the detected OS version that matches or is above the version information configured by the administrator.
Supported OS: macOS (Controlled GA), Windows (Controlled GA). Already supported in iOS and Android.
AV check
This feature checks the status of the selected AV running in the Windows and macOS devices.
-
Supported Antivirus products: CrowdStrike, SentinelOne, Carbon Black, Microsoft Defender.
-
Supported OS: Windows, macOS
To learn more: Device Classification for Windows and Mac.
Top-Level Domains (TLD)
The steering configurations now support Top-Level Domains (TLD).
General Availability of Secure Enrollment
This was earlier available as a controlled-GA feature and starting 118.0.0, Secure Enrollment is available for all tenants on the webUI.
Secure enrollment is a mechanism to enforce the strict authentication of Netskope Client Enrollment.
To learn more: Secure Enrollment.