Skip to main content

Netskope Help

New Features And Enhancements In Release 100.0.0

Here is the list of the new features and enhancements.

DLP Incidents Page Enhancements

Netskope API Data Protection updated the following:

  • On the DLP Incidents page (Incidents > DLP), the Acting User field is changed to Last Modified By. This denotes the user that made the latest changes to the object/file when Netskope processed it.

    Incidents-DLP_Last-Modified.png
  • The File Owner is the creator of the object/file in the application.

    Incidents-DLP_File-Owner.png

To learn more: About DLP.

Note

The above changes only apply to DLP incidents generated post the roll out of this enhancement i.e., release 100.0.0. This doesn't affect/modify DLP incidents generated before release 100.0.0.

Custom Tombstone in Quarantine Profile Enhancement

Netskope API Data Protection has added support for ms-excel (.xls) and ms-powerpoint (.ppt) MIME type as custom tombstone files. In addition, a custom tombstone text can now be applied on an ms-excel (.xls) file type.

Note

A custom tombstone text cannot be applied on an ms-powerpoint (.ppt) MIME type. Netskope applies the default tombstone text on an an ms-powerpoint (.ppt) MIME type.

Microsoft Office 365 SharePoint Site Exclusion Enhancement

Note

This is a controlled General Availability feature. Contact your Netskope sales representative/support to enable this on your tenant.

Netskope API Data Protection has added support to exclude Microsoft Office 365 SharePoint site(s) from the policy wizard page. When excluded, the policy will skip scanning the site(s).

SharePoint_Exclude-Sites.png

Note

It is important to note that the site(s) added to the exclusion list will be included for policy processing within a retroactive scan. This is a known issue and a fix is on the way soon.

New Custom Table Support in ServiceNow

Note

This is a controlled General Availability feature. Contact your Netskope sales representative/support to enable this on your tenant.

In addition to default tables, API Data Protection now supports custom tables in ServiceNow. Follow the instructions in Configure ServiceNow for API Data Protection and then navigate to Policies > API Data Protection and configure a ServiceNow policy. Under Content > Select Objects, the UI should list the custom table(s).

AWS Connector Support

Enhanced AWS Connectors to provide coverage for Gov Cloud.

Google Cloud Storage Support

Prior to this release, files from Google Cloud Storage was accessed and downloaded without authentication over public links which were not mapped to any Instance ID.

To address this gap, public-link will be added as a placeholder Instance ID for cases where the downloads are happening over unauthenticated public links and Instance Identification is not possible. 

This provides admin the ability to take specific enforcement actions for unauthenticated public link downloads as required.

Google Firebase Storage Connector

Netskope adds Google Firebase storage application connector with the support for the following activities:

  • Create

  • Edit

  • Delete

  • Upload

  • Download

Slack Instance_id Update

This feature when enabled uses the Slack Workspace Id as the Instance in Netskope policies for Download events.

Note

For all other events except Download, the Slack Workspace Name should be used as the Instance in Netskope policies.

This is currently behind a feature flag. Contact your Sales Representative or Support for more details and enablement.

URL Categorization For Baidu Application

Netskope updates all the Baidu applications as per their category.

Response Header Support

Netskope adds x-robots-tag response header to prevent crawlers and indexers from indexing the rproxy pages.

Additional Information For SAML HTML page

The SAML HTML error page is updated to be more verbose for fast and easy resolution.

Application Category Modifications

Netskope updates the application category for:

  • Acronis app from  Cloud Backup to Security.

  • Hightail app from Cloud Storage to Collaboration.

UN Entity Name Updates

Netskope:

  • Updates the region tags for Russia and Ukraine to reflect Europe instead of Asia, in accordance with UN classification.

  • Replaces the entity references for Turkey with Türkiye, as per the UN adoption of the name change. Ad hoc entity searches still continue for the term "Turkey" indefinitely.

  • Detects "東京市" ("Tokyo") for the "Localities (JP; Cities)" entity.

Case Sensitive Support for File Profile

When configuring a File Profile, you can now enable the Case Sensitive switch to allow case matching for file names or extensions. Netskope enables this setting by default.

To learn more: Adding a File Profile.

UI Policy Export

The policy export button supports the ability to export the Real-time Protection policy via the CSV or JSON formats. This download exports the policy based on the current administrator's access level.

Passport Entity Support

Netskope adds the following:

  • Passport Numbers and Passport Number Terms entities for the following 17 countries:

    • Belgium

    • Bulgaria

    • Switzerland

    • China

    • Czechia

    • Denmark

    • Greece

    • Hungary

    • Ireland

    • Isle of Man

    • Latvia

    • Lithuania

    • Malaysia

    • Poland

    • Portugal

    • Romania

    • Sweden

  • Regional Identifier entities for each of the 27 European Union member states detecting country names and adjectival and demonymic forms such as "Germany" and "German".

  • Austria Passport Number Terms.

National ID Entity Support

Netskope adds the following:

  • 27 new National ID Number Terms entities to the following countries: 

    • Austria

    • Bulgaria

    • Croatia

    • Czech Republic

    • Denmark

    • Estonia

    • Finland

    • Greece

    • Hungary

    • Iceland

    • Indonesia

    • Latvia

    • Lithuania

    • Macau

    • Malaysia

    • Norway

    • Poland

    • Portugal

    • Romania

    • Serbia

    • Slovenia

    • Sri Lanka

    • Sweden

    • Switzerland

    • Thailand

    • UAE

    • Venezuela

  • English updates to the existing National ID Number Terms entities for the following 11 countries:

    • Belgium

    • Chile

    • China

    • Colombia

    • Dominican Republic

    • Hong Kong

    • India

    • South Korea

    • Spain

    • Taiwan

    • Türkiye

  • A new generic Nonspecific ID Numbers entity, which detects various forms of "id" with optional number indicators, such as "id#", "id no.", "id num", and "id number". Netskope recommends only using this entity for rules with extremely close proximity to other entities or for custom entities.

Enhanced Behavior for Endpoint Content Control Policy Alerts

Netskope enhances Content Control policies behavior that does not contain a File Profile, File Origin, or DLP profile with the Action set to Alert. Before, these policies generated alerts and incidents for all files copied to a USB device, now these policies generate alerts and not incidents.

Block WebDAV Access

Netskope Cloud Real-Time Protection policies now provide the ability to control access to WebDAV traffic, by providing the ability to configure WebDAV extension methods and headers under HTTP Header Profiles.

HTTP Header Profiles

Netskope enhances the HTTP Header Profile feature with new capabilities, such as new header support, regex, etc.

To learn more: HTTP Header Profile

Inline Policy File Size Update

You can create file-size-only Real-time Protection policies for files up to 1024 GB. Prior to this update, the limit was 1.9 GB.

Note

This is a Controlled General Availability feature. Contact your Netskope sales representative or support to enable this on your tenant.

NPA AOAC Support

When NPA Windows Prelogon from WebUI is enabled, Client treats AOAC support as enabled. If prelogon is not enabled, AOAC support is controlled by the feature flag AOAC Support for Windows 10.

Policy Wizard Enhancements

Netskope has rolled out the following policy wizard enhancements:

  • User profile filter: A set of users as defined in the user profile. User profiles allow you to upload a CSV file with all the users email addresses to include or exclude in a scan for policy violations.

  • Number of internal collaborators: To set thresholds for when content sharing triggers a policy violation, select the More Than or Less Than radio button and enter the number of internal collaborators that need to be detected for a policy violation to occur.

  • File type: Apply the policy for a specific file type category. A few file type category examples are audio, image, word processor, presentation, video, etc.

Isolation Indicators

Netskope enables all isolation indicators by default in an RBI template when Read-Only user action control is enabled, reflecting the expected behavior for end users. These Isolation indicators are not editable (greyed out) if Read-Only is enabled.

R100_216123_RBI.png
Warning Message

Netskope removed the "has not been extensively tested" warning message.

To learn more: RBI Supported Browsers

WebView2 IdP Enrollment

Netskope Client supports user IdP enrollment using WebView2 that requires a minimum version: 106.0.1370.52.

Note

Configure the feature flag HKCU\software\Netskope with key: webview2 and value DWORD 1 while using GPO during the user login.

This feature is in Beta currently. Contact your Sales Representative or Support to enable this feature.

To learn more, view Deploy Netskope Client via IdP.

ProgramData Folder Access

Netskope enhances Client self-protection mechanism for ProgramData folder.

To learn more, view Netskope Client Hardening.

Note

This feature is behind a self-protection feature flag. Contact your Sales Representative or Support to enable this for your account.

Disable Netskope Client

With macOS Ventura v13.0, a new Mobile Device Management (MDM) setting is required to enforce tamper proofing to Netskope Client.

To learn more, view Netskope Client for macOS.

Support for iOS 16

With this release, Netskope extends its support for iOS version 16.

To learn more, view Netskope Client Supported OS and Platform.

SAML Authentication Refresh Interval

You can now lower the SAML Authentication Refresh Interval to less than one day.

To learn more: Forward Proxy Authentication

Note

This is a controlled General Availability feature. Contact your Netskope sales representative/support to enable this on your tenant.

In addition to documenting all new and improved features, here is the list of articles with key documentation updates: