Netskope Help

Delay to load page

Previously, there was a delay to load the Settings page of API-Enabled Protection. The issue is fixed.

Acting User in Google Team Drive

Previously, if the Google Team Drive had multiple managers, the alert generated randomly picks a Team Drive manager as the "acting user".

The "acting user" is now correctly calculated based on the user performing the action.

Google Team Drive owner name

Previously, the Google Team Drive name was not displayed in the alerts generated. The issue is fixed now and the alerts generated display the Team Drive name.

Incorrect external collaborator information

Previously, the Incident page was displaying incorrect external collaborator information for Microsoft Teams. The issue is fixed.

Microsoft Office 365 OneDrive and SharePoint Webhook subscriptions renewal

Previously, Microsoft Office 365 OneDrive and SharePoint webhook subscriptions were not renewed correctly in the event of an update in the personal URL of an organizational user.

File download activity ingestion

Previously, API Data Protection activities such as "File Download" were also ingested into Netskope Anomaly Detection. The issue is fixed.

Access Restriction

Fixed an issue where access to corporate instance was restricted for GitLab and Bitbucket.

Wrapper rule evaluation

Fixed an issue in Security Posture where the AWS services did not work in wrapper rules (Rules that apply to the entire AWS instance) For example, AWS cannot have ElasticIp with [ ... ]`.

Incorrect Network Watcher rule logic

Previously, the logic in the Azure rule, ensure_that_network_watcher_is_enabled, was incorrect. The issue is now fixed and the Azure rule, ensure_that_network_watcher_is_enabled, verifies whether NetworkWatcher is enabled or not.

GCP rule for databases

Fixed the GCP rule, sql_inst_no_root_login_any_host, to match the Center for Internet Security audit procedure.

GCP rule for VCP LogMetrics

Fixed the GCP rule, log_metric_filter_alerts_vpc_net, to match the Center for Internet Security audit procedure.

GCP rule for retention policies on log buckets

Fixed the GCP rule, sink-bucket-log, to detect logging for a bucket.

Enabled/Disabled state of NetworkWatcher

Previously, the enabled and disabled state of the NetworkWatcher feature for Azure subscription was incorrectly detected. This issue is fixed.

Azure disk encryption status

The encrypted property of disks for the security posture in Microsoft Azure was incorrectly determined. The issue is fixed now.

Missing rule for CIS GCP 1.2

The CIS GCP 1.2 profile was missing a rule for recommendation number 6.3.5. This issue is fixed.

Missing rule: networking_vpc_flow_logs_for_vpc_net_subnets for CIS GCP 1.2

The CIS GCP 1.2 profile did not include the rule, networking_vpc_flow_logs_for_vpc_net_subnets, for recommendation 2.9 of the CIS benchmark. The issue is fixed.

Missing rule: key_vault_logging for CIS Azure 1.3

The CIS Azure 1.3 profile did not include recommendation 5.1.5 (Rule name: key_vault_logging). The issue is fixed.

The missing rule for CIS GCP 1.2

The CIS GCP 1.2 profile was missing a rule for recommendation number 5.5.3. The issue is fixed.

Issues with security posture and GCP integration

The rules for compute instances failed for Google Kubernetes Engine (GKE) instances to which they are not applicable. The issue is fixed.

Office 365 Native App Blocked

Previously in the Office 365 Auth Reverse Proxy service, the Outlook native apps did not block Windows 10 devices. The issue is fixed.

Transaction log parsing

Certain fields are not parsing quotes correctly. This issue is fixed.

Deprecate REST API tokens

Netskope client deprecated the REST API token for Netskope client deployment. The client will use the existing API for Org ID to download the branding file using an email address.

Blocked and Disconnected State in Netskope Client

The delay in the automatic proxy detection leads the Netskope client to go into a blocked and disconnected state. To fix this issue, a timeout value of 10 seconds is introduced in the automatic proxy detection.

Network Traffic not processing correctly

When NPA is enabled on a tenant, the Netskope client the network traffic is intermittently dropped. The issue is fixed.

Intermittent disconnections in the Client

Earlier, the Netskope client failed to read the correct configuration and establish a tunnel. The issue is now fixed by synchronizing the configuration initialization when the tunnel is established.

Client blocks macOS Big Sur traffic intermittently

Bypass traffic is intermittently blocked when the client is running macOS Big Sur. This issue is fixed.

Upload Failure in Frame.io and Slack

There was an intermittent failure while uploading files using Frame.io and Slack and the upload progress bar displayed incorrect progress when running macOS Big Sur. The issue is fixed.

Internet Connection Issue

In this release, we fixed the issue where the internet connection was blocked intermittently due to packet loss.

ICMP requests

When the Netskope Client fails to close in 'All Traffic' steering mode, ICMP requests are not dropped.

File Size Constraint option for one category

You can now select the Constraint option: File Size if there is at least one category to support the constraint. Previously, you cannot add the File Size option unless it supports all categories.

Requires Source Criteria

In Inline Policy configuration, whenever you select the "Any Web Traffic" option, at least one Source Criteria is required.