Skip to main content

Netskope Help

New Features and Enhancements for On-Premises Appliance Version 99.0.0
User/User-Group/Organization Unit(OU)/ Exclusion In Real-Time Protection Policies

With this release, you can exclude users, user groups, and organizational units when configuring the Source field in Real-time Protection policies.

Netskope-Real-Time-Protection-Policy-Exclusions.png

To learn more: Real-time Protection Policies

Note

This is a Limited Availability feature. Contact your Sales Representative or Netskope Support for more information.

Alert And Continue Policy Evaluation

With this release, it is now possible to configure Real-time Protection policies with DLP profiles and select the Continue policy evaluation after match option to continue policy evaluation after a policy match. This feature enables the Netskope Cloud to continue evaluating Real-time policies for additional DLP violations, instead of terminating and exiting policy evaluation after a match.

In order to use the Continue policy evaluation after match option, a Real-time policy must have one or more DLP profiles with actions set to Alert. Any DLP profile matches with actions other than Alert will result in the termination of policy processing.

When multiple DLP profile matches occur while using this feature, any incidents generated will list all matching DLP profiles and related policies. In addition to this, a single policy alert will continue to be generated and list all matching policies.

Continue-policy-evaluation-after-match.png

Note

This is currently a limited availability feature. Contact your Sales Representative or Support to enable this feature.

HTTP Header Profiles

In this release, Netskope enhances the HTTP Header Profile feature with new capabilities, such as new header support, regex, and so on.

To learn more: HTTP Header Profile.

Note

This is currently a limited availability feature. Contact your Sales Representative or Support to enable this feature.

Hold the server side connection while performing the certificate revocation status check on server certificates, to ensure that no traffic is allowed through to the client until the certificate revocation status checks are complete.

Domain Fronting Capability Enhancements

Enhanced domain fronting protection to match the Server Name Indication (SNI) with the HyperText Transfer Protocol (HTTP) request Host header.

To learn more: Managing Error Settings and Transaction Event Fields.

Note

This is currently a limited availability feature. Contact your Sales Representative or Support to enable this feature.

SAML

You can configure and concurrently enable multiple IdP services to authenticate users based on various criterion. To learn more, go to: Multiple and Concurrent IdP.

SNMP Status

The SNMP connection status update period was lengthen from 5 seconds to 20 seconds, so as to prevent unnecessary notifications during network glitches.

Alert Action Support

Netskope supported matching Real-time Protection policies and SSL decryption policies with the Do Not Decrypt action, but the Alert action was not supported. With this release, the Alert action is supported for the above scenario.

Note

Contact Netskope Support to enable this feature and choose actions such as Block, User Alert, Allow, or Alert for the Real-time Protection policies.

Generic Header Insertion Capability

Netskope extends the existing ability to insert headers for applications that honor specific headers to access application instances.

To learn more: Header Insertion

Note

This is a Controlled General Availability (formerly known as Limited Availability) feature. Contact your Netskope sales representative or support to enable this on your tenant.

Data Protection

Enable DLP Virtual Appliance to access upstream-proxy with username/password.