Skip to main content

Netskope Help

Fixed Issues In Release 99.0.0

Here is the list of fixed issues in this release.

Issue Number

Category

Description

206571

API Data Protection

Fixed an issue where the exposure type of some files was incorrect. This was due to an incorrect exposure calculation of a user in Microsoft Teams. Netskope miscalculated the users that were part of a sub-domain as ‘external’.

207523

API Data Protection

Fixed an issue where Netskope API Data Protection failed to create a quarantine folder for OneDrive. This issue was observed when the primary email value was different from User Principal Name (UPN).

194809

API Data Protection

Fixed an issue in Microsoft Office 365 Teams ongoing flow where incorrect cache locking logic adversely impacted end-to-end notification processing time.

199565

API Data Protection

Fixed an issue where Netskope made a large number of webhook subscription refresh calls in a short period of time for Outlook resulting in a rate limit. The webhook subscription refresh API calls are now spread over a 4 hour window.

202147

API Data Protection

Netskope fixed an issue where All External Domains Except type policy was failing in SharePoint. The issue was caused due to the miscalculation of the domains a file shares.

210156

API Data Protection

Fixed an issue where restoring the quarantined file was failing for Google Drive due to an auto mimeType conversion from application/msdosxprogram to Google native files (Google Sheets, Google Docs).

210322

API Data Protection

Fixed an issue in retroactive scan for OneDrive on Active Directory groups having email ID with uppercase characters.

209438

Behavior Analytics

Fixed an issue where UCI score was not updated in some cases for UBA alerts.

193149

CASB Real-time Protection

Fixed an issue by implementing "from_user validation". If the validation fails then the "from_user" value is incorrect and the data is dumped in logs for further analysis.

208421

CASB Real-time Protection

Updated the connector to fix an issue where due to the filetype, nspolicy_lookup was not applied properly.

196739

CASB Real-time Protection

Added Webex Meeting to the Netskope Cert-pinned application list.

183973,161173

CASB Real-time Protection

With this fix, the start and end times for time based policies are shown in the end user's local time zone, providing a clearer understanding of when the policy will be activated and deactivated.

157862

CASB Real-time Protection

Fixed an issue where file uploads from cloud location was not detected. The fix provided Attach activity support for file uploads through the cloud.

209631

CASB Real-time Protection

Fixed an activity detection issue in Gmail by introducing coverage for send, delete, and create activity.

211472

CASB Real-time Protection

Netskope fixed Google user-account-settings screen not loading issue in reverse proxy deployment.

177723

CASB Real-time Protection

Netskope fixed an issue to display the names of renamed user groups in the Real-time Protection policy detail view.

211673

CASB Real-time Protection

Fixed a page reload issue in block policy encountered while uploading images to Google Docs.

212786

Cloud Confidence Index (CCI)

Updated the app location information to reflect the correct country.

196045

Data Protection

Netskope fixed an issue by validating regex entered for a new entity using the new Entity Modifier UI.

190668

Data Protection

Netskope fixed an issue where an error message was thrown when looking at DLP Incidents created by the File Classifier or a File Filter match in a DLP Profile.

212089

Data Protection

Netskope fixed an issue where UI throws error on clicking the next and previous buttons, when the workflow of an incident inside a filtered list is changed.

209955

Data Protection

Netskope fixed an issue by updating the datatype to overcome the assumption of maximum length for an entity name.

191303, 214959

Endpoint DLP

Netskope fixed the following issues:

  • Configuration and Policy value updates.

  • File paths displayed with mixed delimiters in the events and alerts UI.

  • Content control events in certain scenarios did not showed device information. Missing Forensic data for DLP Incidents in some incidents.

  • The Do not display this message again in device control block messages did not work to prevent messages from being shown again.

  • On the Alerts page, the User Alert in the Action column was not filtered correctly, and the Device field names in Events, Alerts, and Incidents was not matching the names used in Device Constraints.

  • Alerts not containing a Name value.

  • Endpoint Events only contained the device Vendor ID and not the manufacturer name.

  • For some endpoints, USB port blocking was not reset after removing the disallowed USB device.

  • In order to perform device control, both the Device Control and Content Control policies had to be present.

  • Other minor fixes on the Alerts page related to Endpoint DLP alerts.

208063

Incident Management (IM)

An issue was fixed by providing a distinctive identification to Incident-Lookup ClickHouse Queries through request headers.

201760

Platform Services

Fixed an issue when using a Microsoft Active Directory (AD) group that was renamed before deletion caused stale entries. This prevented new user creation in a new AD group using the same group name.

207843

Netskope Secure Web Gateway (NG SWG)

Netskope fixed an issue by increasing the maximum connections to avoid connection failures when performing SAML forward proxy authentication.

210328

Netskope Secure Web Gateway (NG SWG)

When the API based HTTP Redirect feature was moved to the UI, the API based solution failed. This is now fixed.

194807

Netskope Secure Web Gateway (NG SWG)

Fixed an issue where malware alert transaction ID did not match with CTEP alert transaction ID in the web session.

204209

Netskope Secure Web Gateway (NG SWG)

Netskope fixed a parser behavior error in the URI by escaping whitespaces to "%20" for cs-uri-query and cs-uri.

For example, "/some bad uri" would become "/some%20bad%20uri".

204710

Netskope Secure Web Gateway (NG SWG)

Netskope fixed an issue where the byte counts in Page Events might not include data for all transactions if it takes longer than 60 seconds to complete. For example, if a user browses to a OneDrive folder and downloads a very large file, the file is correctly associated with the Page Event but the bytes transferred for the download might not be included in the page event byte count.

With this fix, Page Event generation is delayed until all associated transactions are completed to include accurate byte counts in the Page Event.

205319

Netskope Secure Web Gateway (NG SWG)

Netskope fixed an issue by including native application support for Microsoft BITS user agent. From this release Microsoft BITS application OS is detected as Windows.

209517

Netskope Secure Web Gateway (NG SWG)

Activity changes were not displayed in the Pending Changes modal, this issue is fixed.

207416

Netskope Secure Web Gateway (NG SWG)

Netskope fixed an issue that caused inconsistent URL lookup results for certain URLs between each query.

210122

Netskope Secure Web Gateway (NG SWG)

Netskope fixed an 'unable to load a site' issue by disabling HTTP2 server push promise frames.

211415

Netskope Secure Web Gateway (NG SWG)

Netskope fixed an issue when the Client IP (c-ip) field in Transaction Events is empty whenever the Netskope Proxy received an empty machine IP from the Client.

The issue was resolved by validating the received machine IP on the Netskope Proxy and using the email address or original IP as fallback mechanism when the machine IP field is empty.

177652

Netskope Secure Web Gateway (NG SWG)

Fixed an issue when downloading a file on Box sometimes resulted in truncated file sizes when DLP policies are enabled.

208819

UI Platform

Netskope fixed a session timeout issue which caused users to logout randomly.

210619

Netskope Private Access (NPA)

Fixed a REST APIv2 issue when API calls failed to deploy for a URL list that contained special characters such as %A8 or %ED.

215890

Netskope Private Access (NPA)

Netskope fixed an issue where API throws generic exceptions when invalid parameters are supplied to API Gateway.

204277

Netskope Private Access (NPA)

Netskope fixed an issue by making system DNS configuration changes when NPA was connected or disconnected, to notify third-party applications about NPA tunnel On/Off.

  • When NPA was connected, a dummy resolver was included by using setResolver(). Supplemental resolver is npa.test.domain.name.internal

  • When NPA was disconnected dummy resolver was removed.

191961

Netskope Private Access (NPA)

Netskope fixed an issue of incorrect NPA Private App over proxy detection in macOS Client.

211513

Netskope Private Access (NPA)

Additional debug logging was added to detect enrollment failure. Netskope supports NPA enrollment by using email ID, Electronic Data Interchange Personnel Identifier (EDIPI), and Department of Defense ID (DODID).

210025

Netskope Private Access (NPA)

Netskope fixed an issue where  NPA prelogon tunnel was unable to connect, when client-disable feature was also enabled.

205408

Netskope Private Access (NPA)

Netskope fixed a timing sequence issue that blocked a user from enrollment in 'per user mode'

205276

Remote Browser Isolation (RBI)

Netskope fixed an issue that prevented customers to identify the RBI template applied to any isolate Real Time Protection Policy in the security admin audit logs. Prior to this fix, an audit log activity was visible if a template was applied to an RBI policy, but the RBI template was not identified.

9469

Remote Browser Isolation (RBI)

RBI fixed an issue with the identification of some RBI supported browsers in Linux. Prior to this fix RBI users were being shown the “browser has not been extensively tested” warning message for supported browsers. The warning message did not prevent users from browsing in isolation.

8715

Remote Browser Isolation (RBI)

RBI fixed an issue that prevented users from seeing RBI user notifications in some pages that use “ephemeral” new tabs to perform the operation, such as printing. With this fix, user notifications are now transported to the parent isolated tab so RBI users can acknowledge the notification (e.g. printing has been disabled)

210895

Traffic Steering

IPSec employs a pool of threads to serve tenant traffic. However, due to uneven load sometimes traffic from all tenants land on the single thread causing severe reduction in service capacity.

This fix updated the load balancing algorithm IPsec GW uses to distribute between threads.

207243

Traffic Steering

The fix addressed an issue where the DNS bypass did not support IPv6. This happened when Dynamic Steering is enabled along with Off-Prem Web mode and NPA.

211578

Traffic Steering

To eliminate wrongly attributed user issues , the Client must examine the error handling when handling SYNC packets. The Client cannot report any wrongly attributed user information during steering as long as the Client never steers packet with the existing tunnel when the process ID or session ID of the packet is unavailable. This is fixed now.

210967

Traffic Steering

Fixed an issue where the Unenroll menu is in enabled state even when disabled from the tenant configuration.

204612

Traffic Steering

Fixed issues related to invalid applink data and race conditions for service task readiness check.

216474, 214890

Traffic Steering

Netskope fixed a network traffic bypassing issue with cert pinned apps using AppIDs consisting of both lowercase and uppercase letters. For example, the Slack app for Android.

209265

Traffic Steering

Fixed an issue where the Netskope Client crashed whenever encrypt config is enabled on macOS Ventura 13.0.

208698

Traffic Steering

Fixed an issue where the Netskope Client was not reporting installation time if the user was not provisioned during install time.

208763

Traffic Steering

Netskope fixed a Blue Screen Of Death (BSOD) issue due to DNS processing. This fixes unnecessary DNS processing in rx path and also avoids anything other than A, AAAA, SRV parsing, if only NPA is enabled.

204407

Traffic Steering

Netskope fixed a socket connection issue between UI and main service after resuming from hibernation on Windows. The issue was fixed by introducing code to recheck and reset the connection after resuming from the hibernate event.

205186

Traffic Steering

The certificate pinned application rules should not be applied when the destination hostname is empty.

211186

Traffic Steering

Netskope fixed an issue where the Client was getting incorrect process names for processes running in Windows Subsystem for Linux (WSL). Use another API that supports the process name on WSL to get the correct process name.

207595

Traffic Steering

This fix addressed an issue where Mac users were unable to enroll through IdP with Okta Verify. The WebView API used in the authentication mini-browser does not call custom URL schemes automatically. The Okta Verify was relying on "com-okta-authenticator:/" URL scheme . The fix added required code to handle cases like this one.

208174

Traffic Steering

IPsec Gateway had aggressive timers for the endpoints and peer re-authentication. This issue was fixed by updating the timers.

204583

Traffic Steering

Netskope fixed a recurring tunnel tearing down issue on Windows. The issue occurred when Windows network driver returned 1214 error code when a network packet was sent.

157634

Web IPS

Netskope resolved an issue where the CTEP alerts message URL field did not include the web traffic port steered over non standard HTTP ports.

207052

Web IPS

An issue where CTEP domain allowlist and signature overrides could not be applied is now resolved.