New Features And Enhancements In Release 103.0.0
Here is the list of the new features and enhancements.
Loading Indicator
Added loading indicator to the following pages which lets the user know data is being loaded in the background:
Overview page
Personal view dashboards and widgets
Group view report and widgets
Netskope Library dashboards and widgets
UI Update
With this release Netskope is introducing a new Overview page to help you easily access recent dashboards and relevant insights. In addition, expect enhancements to the user interaction pages with the dashboard library and personal / group folders. This will reduce efforts required to set up NAA on day-zero and readily allows you to benefit from Netskope Advanced Analytics insights.
BENEFITS:
New Overview Page: Central place where users can access relevant insights for their persona; users can customize the experience to their environment.
Revamped Netskope Library: Better user experience in viewing available out-of-the-box dashboards in an organized fashion with better search capabilities and easier navigation.
New customization options: Dashboards and widgets filtering capability, create and attach custom tags to dashboards and filters, improved search capabilities.
New Favorites: Ability to favorite dashboards and widgets and automatically add them to a dedicated favorites folder.
New way to create dashboards: Users can now create dashboards by selecting out-of-the-box widgets from the widget library.
Exclude the Team Drives for Google Drive
Added an advanced option to include or exclude specific Team Drives from the scope of Google Drive API Data Protection policy wizard.
Large File DLP Support
API Data Protection supports files up to 128 MB for DLP and threat protection, except for encryption as an action (including quarantine and legal hold with encryption). Policies with encryption action support files up to 32 MB only. A few points to consider before enabling this enhancement:
With large files, there may be increased end to end latency for policy remediation actions.
Increase in forensic/quarantine/forensics data store size.
Note
The default file size is set to 32 MB. However, if you'd like to try this enhancement, contact your Netskope sales representative/support to enable this on your tenant.
Synthetic Support For Yahoo Japan Email
Enhanced the detection capability to inspect the from_user field accurately.
DLP Support For Edit And Create Activity
Added DLP support to Create and Edit issue activities in Atlassian Jira application.
Note
This DLP support is applicable to default Jira fields like summary, description, and environment only.
AODocs Instance Id Support
Added instance_id support for Google Drive when Upload and Download activities are performed through AODocs application.
Multipart Support For Google Drive
Added the ability to support inspection of large files (>200MB) uploaded to Google Drive when files getting chunked (app behaviour) into smaller parts during upload. Multipart uploads can fail if the client has a slow internet connection and takes longer than 10 minutes to upload a file.
Note
This is a controlled General Availability feature. Contact your Netskope sales representative/support to enable this on your tenant.
Instance Id Support
Deprecated the support for Instance_id for Google BigQuery application. Use "Google Accounts" app for instance-based access control for GCP Console and CLI-based access.
Ambiguous Medical Terms
Removed the following terms from the Medical Conditions (English) Entity:
Several ambiguous three- and four-letter acronyms, such as "std" and "aids".
Common "under the sink" or garage chemicals and OTC medications that are used in the context of overdoses or harm due to ingestion, but are not actually medical conditions in themselves, such as "aleve", "advil", "antacids", "mineral spirits", and "weed killers".
Common ingredients associated with allergies, but also are not medical conditions, such as "olive oil" and "sunflower seed oil".
Several terms associated with medical services, but are not conditions, such as "hospice", "intensive care unit", and "pharmacy". Several overly ambiguous terms such as "burning", "casualty", "splinter", and "tingling".
Detect Base64-encoded Data
Added new Base64-Encoded Data Entity to detect base64-encoded data within text.
Update DLP Image Classification Model
Updated the Machine Language (ML)-based image classification model used by DLP to improve accuracy and reduce false-positives.
URL Miscategorization
In addition to submitting URL re-categorization requests through the tenant UI or Netskope URL, you can now use APIs to submit bulk URL re-categorization requests and check the status of these requests.
Windows Endpoint DLP Agent Service Names
Changed the service names for the Windows Endpoint DLP agent:
Service Name | Display Name |
---|---|
epdlp | Netskope DLP Service |
epdlpdrv | Netskope DLP Content Control driver |
epdlp_dev_ctrl | Netskope DLP Device Control driver |
Endpoint DLP Log Level
The Endpoint DLP log level is now controlled by the stAgent log level UI. Right-click the Netskope Client icon in the system tray to modify and choose Advanced Debugging > Set Log Level setting.
USB File Operations Overhead
When the product is paused using the Pause link in the device health page, the content examination system halts enforcement, and allows any file written to a USB device while in the Pause mode without inspection. This increases the IO throughput of operations against the USB-stored files.
New Permissions for Atlassian Confluence
Atlassian Confluence is deprecating many v1 Confluence Cloud API endpoints and are being replaced with v2 equivalent API endpoints. To leverage the v2 API endpoints, Netskope now requires a new set of permissions to be granted. To learn more: Permissions Required for Atlassian Confluence.
Note
Existing Atlassian Confluence app instances should be re-granted in the Netskope UI.
Microsoft 365 OneDrive & SharePoint Commercial Apps Availability
Microsoft 365 OneDrive (commercial) and SharePoint (commercial) apps are now available on the Next Generation API Data Protection platform. Please note the following important points:
If you currently use the classic version of Microsoft 365 OneDrive and SharePoint apps
No action required. You should continue to use the classic version that you use today. Netskope will notify you via a banner message on the Netskope tenant UI when you can switch over to the Next Generation apps.
If you are currently not using the classic version of Microsoft 365 OneDrive and SharePoint apps
Netskope will make these apps available to you in phases. To check if these apps are available on your Netskope tenant, follow the instruction below:
Log in to your Netskope tenant and navigate to Settings > API-enabled Protection > SaaS > Next Gen.
Locate the OneDrive or SharePoint apps from the list.
For OneDrive & SharePoint, click either of the apps, then click the SETUP <app name> INSTANCE button. Under the Office 365 Environment drop-down, if you see Commercial, you are eligible to configure the app on the Next Generation API Data Protection platform.
If you do not see the apps, stay tuned, the apps will be made available in due course. In the meanwhile, you can continue to set up these apps available under Settings > API-enabled Protection > SaaS > Classic.
CIS Microsoft 365 Foundations Benchmark v1.5.0 Support
Added references to CIS Microsoft 365 Foundations Benchmark v1.5.0 controls for suitable rules. This applies to Microsoft 365 app suite.
Compliance Page Widgets
Starting from release 103.0.0, Netskope has removed the top-level widgets from the API-enabled Protection > Security Posture (Next Gen) > Compliance page. The widgets were originally available under the Raw Findings, Rules, and Resources tabs. They are now made available under the API-enabled Protection > Security Posture (Next Gen) > Overview page.
Backoff Mechanism
Reduced aggressive retries when Client downloads prelogon user configurations failed.When the API calls fail, Client retries the API call in increasing backoff time up to 1 hour. Before this change, when the API calls failed, Client retired every 1 min.
RBAC v2 Feature Flag
Newly created tenants will have the RBAC v2 feature enabled by default.
iCloud Settings Page
RBI included an enhancement that allows to leverage drag and drop to move elements inside the same isolated webpage (for example, web apps that support customized user’s view by moving sections or elements on the screen).
Prior to this enhancement, you could not drag and move elements inside the same isolated web page. This enhancement allows users to drag and move draggable elements inside the same isolated webpage (isolated tab).
Machine Learning Inline Phishing Detection
A new machine learning based phishing detection engine is enabled in Standard Threat Protection. This engine improves phishing detection using a combination of techniques using metadata from enhanced scanning and ML based detection to identify phishing domains in realtime.and block access to those sites.
To learn more: Threat Protection.
Disable Steering in NPA Only Mode
You can now configure Netskope iOS client enrollment to support only Private Access connectivity. New VPN profile key 'ForceDisabledSteering' with boolean value to true disables Internet Security and force tunnel into an effectively no steering mode.
New Backoff Mechanism For Client Configuration APIs
Enhanced the backoff mechanism whenever the Client encountered server error responses.
Netskope Client Auto-Upgrade
During the auto-upgrade process, in the event of a system restart/shutdown/crash/hard reboot/power failure in a Windows machine, there is a possibility that the client gets removed from the endpoint.
To eliminate this issue, Netskope introduces a new installation monitor service "stAgentSvcMon.exe" that starts during the auto-upgrade process. This new monitor service is a copy of existing Netskope Client Service with limited functionality. Once the auto-upgrade process is completed, this monitor service is removed from the endpoint.
If an auto-upgrade process is in-progress and is interrupted by system restart/crash/shutdown/hard-reboot/power failure, the installation monitor service relaunch the client installation on the endpoint irrespective of any changes to the machine.
To learn more, view Netskope Client For Windows.
Upgrade Failure Detection Improvements
If client installation process such as upgrade/uninstallation fails in a Windows machine, the Client installer does not retract the changes done by the process resulting in the uninstallation of the Client on the endpoint. Client must handle any failure during installation and install the previous version if needed and ensure that the Client is working.
As part of this new feature:
In the event of a Client upgrade failure, the Client installer reverts to the previously installed version.
In the event of a Client uninstallation failure, the Client installer reverts to the installed version.
Important
The auto-rollback during Client upgrade is available only for the Client version from 103.0.0 and later.
To view the events displayed in the event of an Client upgrade failure on the Device details page:
Uninstallation Failure
Upgrade Success
Upgrade Failure
To learn more, view Netskope Client For Windows
WebView2 IdP Enrollment
This was previously a Beta feature and with this release, it is available for all tenants.Netskope client supports user IDP enrollment using WebView2. It requires the minimum WebView2 106.0.1370.52 version.
To learn more, view Deploy Netskope Client via IdP.
Character Validation
Added validation for WebUI V2 in Create, Edit mode and CSV import.
Note
This is currently a Beta feature. Contact your Netskope sales representative or support to enable this on your test tenant.
Enabled Column In Sample CSV File
The 'enabled' column is now available in the CSV upload for IPSec and GRE and it refers to enabling the tunnel after creation.
To learn more: Importing IPSec Sites from a CSV File and Importing GRE Sites from a CSV File.
Note
This is currently a Beta feature. Contact your Netskope sales representative or support to enable this on your test tenant.
Feature Flag Enabled Message
The Netskope POPs list now displays a new message This POP is not accepting new tunnels, next to each POP when the V2 feature flag is enabled. This message is hidden when the V2 feature flag is disabled thus restricting the users accessing them.
Note
This is currently a Beta feature. Contact your Netskope sales representative or support to enable this on your test tenant.
Save and Copy Option
Added a new button called Save And Copy POPS Info which saves and copies to the user's clipboard with all the POPS information.
To learn more: Creating an IPSec Site and Creating a GRE Site.
Note
This is currently a Beta feature. Contact your Netskope sales representative or support to enable this on your test tenant.
IPSec UI Displaying POP
In the IPSec create tunnel pop-up the POPs displayed are filtered out by ones that are overloaded. Only those accepting tunnels will be shown in UI V1 and V2.
To learn more: IPSec.
Note
This is currently a Beta feature. Contact your Netskope sales representative or support to enable this on your test tenant.
Overloaded Tunnel Support
If a particular POP is overloaded it will now advertise that with accepting_tunnels false in the api and the UI will not show it in the options for creating new tunnels or for switching to when editing.
Note
This is currently a Beta feature. Contact your Netskope sales representative or support to enable this on your test tenant.
Additional Tunnel Support
This enhancement includes 9 additional pops to a tunnel along with a geographical pops by IP address or latitude and longitude. New filters are for the main page on pop, status, name and traffic type.
Note
This is currently a Beta feature. Contact your Netskope sales representative or support to enable this on your test tenant.
V2 API Integration
Added Kilometers (km) or Miles for sorting distance from IP or Longitude or Latitude.
To learn more: Creating an IPSec Site and Creating a GRE Site.
Note
Until the migration is completed users without a tunnel on V1 UI can only make use of V2 UI because to incompatible backends.
Note
This is currently a Beta feature. Contact your Netskope sales representative or support to enable this on your test tenant.
MFA Support For The Management Console
Support multi-factor authentication (MFA) for Netskope admins log in to the Netskope management console using the local administrator accounts.
Multiple SAML IDPs Enhancements
Added the options to obtain the legacy ACS URL formant and the ability to control the user authentication domain refresh interval.
Advanced UEBA UCI Score
A new REST API enables ingesting 3rd party risk impact as an input to a user's User Confidence Index (UCI) score. This REST API reduces a user's UCI by the specified number based on risk learned from a partner vendor (such as Endpoint Detection and Respons, IdP or Email). The API parameters allows to specify the user, source, timestamp, score (reduction) and reason to reduce the user's UCI. These are shown in the Behavior Analytics incidents and also in the corresponding Behavior Analytics alerts.
Anomaly Alert
A new alert provides information on anomalies impacting UCI created in Advanced UEBA using 3rd party API.
IPSec: Improved the content and structure for IPSec tunnels.
Creating an IPSec Site: New article on how to create an IPSec site.
Importing IPSec Sites from a CSV File: New article on how to import mutliple IPSec sites using a CSV file.
GRE: Improved the content and structure for GRE tunnels.
Creating a GRE Site: New article on how to create an GRE site.
Importing GRE Sites from a CSV File: New article on how to import mutliple GRE sites using a CSV file.
User Identity Methods for IPSec and GRE Tunnels: New article containing the user identity methods for IPSec and GRE tunnels.
Netskope Client Overview: Improved content with detailed description about Netskope Client.