New Features and Enhancements for Virtual Appliance Version 99.0.0
DPoP Virtual Appliance
User/User-Group/Organization Unit(OU)/ Exclusion In Real-Time Protection Policies
With this release, you can exclude users, user groups, and organizational units when configuring the Source field in Real-time Protection policies.
To learn more: Real-time Protection Policies
Note
This is a Limited Availability feature. Contact your Sales Representative or Netskope Support for more information.
Alert And Continue Policy Evaluation
With this release, it is now possible to configure Real-time Protection policies with DLP profiles and select the Continue policy evaluation after match option to continue policy evaluation after a policy match. This feature enables the Netskope Cloud to continue evaluating Real-time policies for additional DLP violations, instead of terminating and exiting policy evaluation after a match.
In order to use the Continue policy evaluation after match option, a Real-time policy must have one or more DLP profiles with actions set to Alert. Any DLP profile matches with actions other than Alert will result in the termination of policy processing.
When multiple DLP profile matches occur while using this feature, any incidents generated will list all matching DLP profiles and related policies. In addition to this, a single policy alert will continue to be generated and list all matching policies.
Note
This is currently a limited availability feature. Contact your Sales Representative or Support to enable this feature.
HTTP Header Profiles
In this release, Netskope enhances the HTTP Header Profile feature with new capabilities, such as new header support, regex, and so on.
To learn more: HTTP Header Profile.
Note
This is currently a limited availability feature. Contact your Sales Representative or Support to enable this feature.
Hold the server side connection while performing the certificate revocation status check on server certificates, to ensure that no traffic is allowed through to the client until the certificate revocation status checks are complete.
Domain Fronting Capability Enhancements
Enhanced domain fronting protection to match the Server Name Indication (SNI) with the HyperText Transfer Protocol (HTTP) request Host header.
To learn more: Managing Error Settings and Transaction Event Fields.
Note
This is currently a limited availability feature. Contact your Sales Representative or Support to enable this feature.
SAML
You can configure and concurrently enable multiple IdP services to authenticate users based on various criterion. To learn more, go to: Multiple and Concurrent IdP.
SNMP Status
The SNMP connection status update period was lengthen from 5 seconds to 20 seconds, so as to prevent unnecessary notifications during network glitches.
Alert Action Support
Netskope supported matching Real-time Protection policies and SSL decryption policies with the Do Not Decrypt action, but the Alert action was not supported. With this release, the Alert action is supported for the above scenario.
Note
Contact Netskope Support to enable this feature and choose actions such as Block, User Alert, Allow, or Alert for the Real-time Protection policies.
Generic Header Insertion Capability
Netskope extends the existing ability to insert headers for applications that honor specific headers to access application instances.
To learn more: Header Insertion
Note
This is a Controlled General Availability (formerly known as Limited Availability) feature. Contact your Netskope sales representative or support to enable this on your tenant.
DLP Virtual Appliance
Data Protection
Enable DLP Virtual Appliance to access upstream-proxy with username/password.