Skip to main content

Netskope Help

Fixed Issues In Hotfix Release 90.1.0

Here is the list of issues fixed in this release.

Issue Number

Category

Feature

Issue Description

140404

API Protection

Delay to load page

Previously, there was a delay to load the Settings page of API-Enabled Protection. The issue is fixed.

136720

API Protection

Acting User in Google Team Drive

Previously, if the Google Team Drive had multiple managers, the alert generated randomly picks a Team Drive manager as the "acting user".

The "acting user" is now correctly calculated based on the user performing the action.

135173

API Protection

Google Team Drive owner name

Previously, the Google Team Drive name was not displayed in the alerts generated. The issue is fixed now and the alerts generated display the Team Drive name.

129964

API Protection

Incorrect external collaborator information

Previously, the Incident page was displaying incorrect external collaborator information for Microsoft Teams. The issue is fixed.

124412

API Protection

Microsoft Office 365 OneDrive and SharePoint Webhook subscriptions renewal

Previously, Microsoft Office 365 OneDrive and SharePoint webhook subscriptions were not renewed correctly in the event of an update in the personal URL of an organizational user.

116928

API Protection

File download activity ingestion

Previously, API Data Protection activities such as "File Download" were also ingested into Netskope Anomaly Detection. The issue is fixed.

126150

CASB Inline Protection

Access Restriction

Fixed an issue where access to corporate instance was restricted for GitLab and Bitbucket.

139498

Netskope for IaaS

Wrapper rule evaluation

Fixed an issue in Security Posture where the AWS services did not work in wrapper rules (Rules that apply to the entire AWS instance) For example, AWS cannot have ElasticIp with [ ... ]`.

138411

Netskope for IaaS

Incorrect Network Watcher rule logic

Previously, the logic in the Azure rule, ensure_that_network_watcher_is_enabled, was incorrect. The issue is now fixed and the Azure rule, ensure_that_network_watcher_is_enabled, verifies whether NetworkWatcher is enabled or not.

137580

Netskope for IaaS

GCP rule for databases

Fixed the GCP rule, sql_inst_no_root_login_any_host, to match the Center for Internet Security audit procedure.

137585

Netskope for IaaS

GCP rule for VCP LogMetrics

Fixed the GCP rule, log_metric_filter_alerts_vpc_net, to match the Center for Internet Security audit procedure.

137584

Netskope for IaaS

GCP rule for retention policies on log buckets

Fixed the GCP rule, sink-bucket-log, to detect logging for a bucket.

137579

Netskope for IaaS

Enabled/Disabled state of NetworkWatcher

Previously, the enabled and disabled state of the NetworkWatcher feature for Azure subscription was incorrectly detected. This issue is fixed.

137578

Netskope for IaaS

Azure disk encryption status

The encrypted property of disks for the security posture in Microsoft Azure was incorrectly determined. The issue is fixed now.

137577

Netskope for IaaS

Missing rule for CIS GCP 1.2

The CIS GCP 1.2 profile was missing a rule for recommendation number 6.3.5. This issue is fixed.

137576

Netskope for IaaS

Missing rule: networking_vpc_flow_logs_for_vpc_net_subnets for CIS GCP 1.2

The CIS GCP 1.2 profile did not include the rule, networking_vpc_flow_logs_for_vpc_net_subnets, for recommendation 2.9 of the CIS benchmark. The issue is fixed.

137575

Netskope for IaaS

Missing rule: key_vault_logging for CIS Azure 1.3

The CIS Azure 1.3 profile did not include recommendation 5.1.5 (Rule name: key_vault_logging). The issue is fixed.

137574

Netskope for IaaS

The missing rule for CIS GCP 1.2

The CIS GCP 1.2 profile was missing a rule for recommendation number 5.5.3. The issue is fixed.

138143

Netskope for IaaS

Issues with security posture and GCP integration

The rules for compute instances failed for Google Kubernetes Engine (GKE) instances to which they are not applicable. The issue is fixed.

136903

NG SWG /CASB

Office 365 Native App Blocked

Previously in the Office 365 Auth Reverse Proxy service, the Outlook native apps did not block Windows 10 devices. The issue is fixed.

Important

If the Block Native Outlook Apps feature is enabled, it blocks all native Office 365 for security reasons.

128303

NG SWG

Transaction log parsing

Certain fields are not parsing quotes correctly. This issue is fixed.

112187

Steering

Deprecate REST API tokens

Netskope client deprecated the REST API token for Netskope client deployment. The client will use the existing API for Org ID to download the branding file using an email address.

126814

Steering

Blocked and Disconnected State in Netskope Client

The delay in the automatic proxy detection leads the Netskope client to go into a blocked and disconnected state. To fix this issue, a timeout value of 10 seconds is introduced in the automatic proxy detection.

133739

Steering

Network Traffic not processing correctly

When NPA is enabled on a tenant, the Netskope client the network traffic is intermittently dropped. The issue is fixed.

135328

Steering

Intermittent disconnections in the Client

Earlier, the Netskope client failed to read the correct configuration and establish a tunnel. The issue is now fixed by synchronizing the configuration initialization when the tunnel is established.

139813

Steering

Client blocks macOS Big Sur traffic intermittently

Bypass traffic is intermittently blocked when the client is running macOS Big Sur. This issue is fixed.

131406, 138326

Steering

Upload Failure in Frame.io and Slack

There was an intermittent failure while uploading files using Frame.io and Slack and the upload progress bar displayed incorrect progress when running macOS Big Sur. The issue is fixed.

130672

Steering

Internet Connection Issue

In this release, we fixed the issue where the internet connection was blocked intermittently due to packet loss.

131749

Steering

ICMP requests

When the Netskope Client fails to close in 'All Traffic' steering mode, ICMP requests are not dropped.

136859

Web UI

File Size Constraint option for one category

You can now select the Constraint option: File Size if there is at least one category to support the constraint. Previously, you cannot add the File Size option unless it supports all categories.

135919

Web UI

Requires Source Criteria

In Inline Policy configuration, whenever you select the "Any Web Traffic" option, at least one Source Criteria is required.