Here is the list of the new features and enhancements.
With this release, it is now possible to configure Real-time Protection policies with DLP profiles and select the Continue policy evaluation after match option to continue policy evaluation after a policy match. This feature enables the Netskope Cloud to continue evaluating Real-time policies for additional DLP violations, instead of terminating and exiting policy evaluation after a match.
In order to use the Continue policy evaluation after match option, a Real-time policy must have one or more DLP profiles with actions set to Alert. Any DLP profile matches with actions other than Alert will result in the termination of policy processing.
When multiple DLP profile matches occur while using this feature, any incidents generated will list all matching DLP profiles and related policies. In addition to this, a single policy alert will continue to be generated and list all matching policies.
Note
This is currently a limited availability feature. Contact your Sales Representative or Support to enable this feature.
The DLP incident view now includes an option to download the file content that violates DLP policy. A download icon is now present next to the incident number above the incident detail section. This feature requires a Forensic Profile along with Forensics enabled under Settings.
The Original File download option can be enabled or disabled. Once the option is enabled, the files are automatically stored in a Forensics folder in the SaaS application specified in the Forensic Profile.
To learn more: About DLP and Enable a Forensic Profile.
Note
This is currently a limited availability feature. Contact your Sales Representative or Support to enable this feature.
With this release, Netskope displays user notifications and generates malicious site alerts for Uniform Resource Locator (URL) filtering policies in the Security Risk category. An alert is raised even if a user visits an offline URL under the Security Risk category.
With this release, Netskope adds support to provide To User details on adding or inviting members to teams or channels. Whenever a user sends an invite to the team or channel an Invite activity is detected and To User details are displayed.
In this release, Netskope adds the Untagged option to the App Instance Tag policy criteria. This option matches app instances without tags.
To learn more: Real-time Protection Policies
With this release, Netskope logs WebSocket traffic in Transaction Events. The x-type transaction event field is set to WebSocket. One transaction event is generated for each TCP connection.
To learn more: Transaction Event Fields
Enhanced domain fronting protection to match the Server Name Indication (SNI) with the HyperText Transfer Protocol (HTTP) request Host header.
To learn more: Managing Error Settings and Transaction Event Fields.
Note
This is currently a limited availability feature. Contact your Sales Representative or Support to enable this feature.
Netskope now supports reading XFF for traffic through IPSec and GRE tunnels. You can configure specific tunnels or IP addresses to trust XFF and apply XFF IP address in policies.
To learn more: Security Cloud Platform Configuration.
As part of improving user experience via Netskope cloud, a new service has been created that helps Netskope Client in finding the optimal datacenter for tunnel establishment based on machine learning algorithms. To learn more: Netskope Client POP Selection
Note
This feature is in Beta. Contact your Sales Representative or Netskope Support for more information.