Netskope Help

In this release, Netskope updates the Pivot Rank Limit field to limit the top X number of ranked dimensions. This field also allows the user to drill down on a pivot ranked dimension.

Netskope enhances Advanced UBA custom sequential rules with risky countries filter selection. The predefined risky countries policy is updated with IP-based exception (for trusted IPs or VPNs) from the same country.

With this release, Netskope removes Share from the application activity list.

With this release, Netskope changes Google Group forward message activity from Post to Send.

Netskope updates the App Suite List to include the following Real-Time Policy Enforcement:

Netskope adds a new connector for the Google Meet application that allows to use policies and supports the following activities:

Joining, Posting and Sharing of content without logging into Google account displays instance ID as Unauthenticated.

Uploading files larger than 4MB in Dropbox app is now subject to DLP and threat inspection.

Netskope adds new file type and intuitive workflow for granular selection of file types, categories, and so on with enhanced detection.

Netskope supports Send and Move activities for the SuccessFactors application. Now along with moving forms and sending feedback emails, you can configure policies in real-time based on Move and Send activities.

Netskope supports DLP for comments posted on public and user created videos in Vimeo.

With this release, larger files uploaded to SharePoint application is subjected to DLP and threat inspection except for files uploaded from Yammer and MS Planner. Some navigations getting multiple hits intermittently will be fixed in future releases.

With this release, Netskope updates application category for:

Google Workspace is now renamed to Google Accounts that governs login to all Google apps and services including Google Cloud Platform (GCP).

In this release, Netskope updates NPA configuration and policy which is seamlessly learned by NS Client and does not require the Client to reconnect. This enhancement is available on Windows and OS X platforms.

Netskope supports duplicate hardware device ID when the Client is installed in per user mode.

In this release, Netskope adds CIS Google Cloud Platform Foundation Benchmark v1.3.0 as part of Security Posture predefined profiles.

In this release, Netskope adds CIS Microsoft Azure Foundations Benchmark v1.4.0 as part of Security Posture predefined profiles.

With this release, file type capability in the Real-time Protection policy provides granular file and file category selection. In addition, detection was improved by using true file types. The file size is limited to 1.99 GB and will be expanded in the future.

HTTP Header Profile supports the following HTTP methods defined in the Web-based Distributed Authoring and Versioning (WebDAV) extension:

The enhanced presentation and filtering features in Skope IT > Page Events allows to identify and filter Page Events by Action. This enables to easily identify the pages sent to Netskope RBI for web isolation and filter them with the help of column Action:isolate.

You can also click on the filter icon to apply the filter.

The advanced search capability is enhanced to suggest Action:isolate while building the query to filter Page Events.

On the Malicious Sites page, you now can search for a specific malicious site by domain name or URL. Also, the Site column was renamed to Threat Match Value.

To learn more: About Malicious Sites.

Netskope simplified the Client Traffic Exploit Protection (CTEP) configuration by making it a policyless experience. On the CTEP Settings page, you now can enable or disable CTEP as well as create a list of exceptions. You cannot create or edit CTEP policies in real-time protection policies. You must disable or delete any existing CTEP policies for the policyless configuration to take effect.

To learn more: About IPS Settings.

Netskope introduces a new Certificate Pinned Apps tab under App Definitions that improve the admin workflow when creating and managing certificate pinned applications. Admins can create a new certificate pinned app as well as edit and delete the custom certificate pinned apps.

To learn more: Certificate Pinned Applications.

With this release, the enableMacPerformance feature flag can be enabled on macOS Netskope Client to improve performance significantly. This flag is enabled by default and the Client uses VIF on macOS as part of this improvement.

While working on this enhancement “enableMacPerformance”, Netskope observed an interoperability issue  with Cisco Anyconnect in full-tunnel mode. To address the same, when the Client tunnel is established, a probe process starts within three seconds to detect AnyConnect full tunnel mode. The Client switches to lwip (method prior to enableMacPerformance flag) if the probe is unsuccessful and generates a “tunnel down due to error” event. If this occurs, the Client might  disconnect and reconnect intermittently for 10-20 seconds. As a workaround, Netskope recommends adding the macOS Client VIF IP range (100.127.100.0/24) to Cisco AnyConnect split tunnel exclusion range. To learn more on AnyConnect interop, Cisco AnyConnect

Netskope implemented Linux Device classification on Netskope Cloud.

To learn more: Device Classification for Linux.

Netskope no longer supports Internet Key Exchange (IKEv1). Any IKEv1 messages will be explicitly blocked and tunnel creation will fail.