Skip to main content

Netskope Help

New Features And Enhancements In Release 96.0.0

Here is the list of the new features and enhancements.

Pivot Rank Field For Ranked Dimension

In this release, Netskope updates the Pivot Rank Limit field to limit the top X number of ranked dimensions. This field also allows the user to drill down on a pivot ranked dimension.

User Behavior Analytics (UBA) Custom Sequential Rule Enhancements

Netskope enhances Advanced UBA custom sequential rules with risky countries filter selection. The predefined risky countries policy is updated with IP-based exception (for trusted IPs or VPNs) from the same country.

SlideShare Activity Update

With this release, Netskope removes Share from the application activity list.

Forward Message Activity Rename

With this release, Netskope changes Google Group forward message activity from Post to Send.

App Suite Membership

Netskope updates the App Suite List to include the following Real-Time Policy Enforcement:

  • Adobe

  • Amazon Web Services

  • Atlassian

  • Microsoft Office 365 (GCC)

  • Google Suite

  • Microsoft Office 365

  • Yahoo

  • Zoho

Google Meet Connector Enhancement

Netskope adds a new connector for the Google Meet application that allows to use policies and supports the following activities:

  • Create 

  • Join

  • Record

  • Post with DLP support

  • Share

Joining, Posting and Sharing of content without logging into Google account displays instance ID as Unauthenticated.

Data Loss Prevention (DLP) Support For Dropbox Files

Uploading files larger than 4MB in Dropbox app is now subject to DLP and threat inspection.

Enhanced File Detection

Netskope adds new file type and intuitive workflow for granular selection of file types, categories, and so on with enhanced detection.

SuccessFactors Connector Enhancement

Netskope supports Send and Move activities for the SuccessFactors application. Now along with moving forms and sending feedback emails, you can configure policies in real-time based on Move and Send activities.

DLP Support For Vimeo Comments

Netskope supports DLP for comments posted on public and user created videos in Vimeo.

DLP Support For SharePoint

With this release, larger files uploaded to SharePoint application is subjected to DLP and threat inspection except for files uploaded from Yammer and MS Planner. Some navigations getting multiple hits intermittently will be fixed in future releases.

Application Category Modifications

With this release, Netskope updates application category for:

  • Vimeo app from Consume to Content Management.

  • HelloSign app from Collaboration to Business Process Management.

Renamed Google Workspace

Google Workspace is now renamed to Google Accounts that governs login to all Google apps and services including Google Cloud Platform (GCP).

Seamless Policy Update

In this release, Netskope updates NPA configuration and policy which is seamlessly learned by NS Client and does not require the Client to reconnect. This enhancement is available on Windows and OS X platforms.

Hardware Device ID Support

Netskope supports duplicate hardware device ID when the Client is installed in per user mode.

Google Cloud Platform (GCP) Center for Internet Security (CIS) Profile v1.3.0

In this release, Netskope adds CIS Google Cloud Platform Foundation Benchmark v1.3.0 as part of Security Posture predefined profiles.

Azure Center for Internet Security (CIS) Profile v1.4.0

In this release, Netskope adds CIS Microsoft Azure Foundations Benchmark v1.4.0 as part of Security Posture predefined profiles.

File Type Feature Enhancement

With this release, file type capability in the Real-time Protection policy provides granular file and file category selection. In addition, detection was improved by using true file types. The file size is limited to 1.99 GB and will be expanded in the future.

New HTTP Methods

HTTP Header Profile supports the following HTTP methods defined in the Web-based Distributed Authoring and Versioning (WebDAV) extension:

  • move

  • copy

  • mkcol

  • propfind

  • propmatch

  • lock

  • unlock

Isolate Action Type For Filter Query

The enhanced presentation and filtering features in Skope IT > Page Events allows to identify and filter Page Events by Action. This enables to easily identify the pages sent to Netskope RBI for web isolation and filter them with the help of column Action:isolate.

RBI-178401-1.png

You can also click on the filter icon to apply the filter.

RBI-178401-2.png

The advanced search capability is enhanced to suggest Action:isolate while building the query to filter Page Events.

RBI-178401-3.png
Enhanced Malicious Site Searching

On the Malicious Sites page, you now can search for a specific malicious site by domain name or URL. Also, the Site column was renamed to Threat Match Value.

To learn more: About Malicious Sites.

Policyless CTEP/Web IPS Configuration Experience

Netskope simplified the Client Traffic Exploit Protection (CTEP) configuration by making it a policyless experience. On the CTEP Settings page, you now can enable or disable CTEP as well as create a list of exceptions. You cannot create or edit CTEP policies in real-time protection policies. You must disable or delete any existing CTEP policies for the policyless configuration to take effect.

The CTEP Settings page.

To learn more: About IPS Settings.

Certificate Pinned Application Management

Netskope introduces a new Certificate Pinned Apps tab under App Definitions that improve the admin workflow when creating and managing certificate pinned applications. Admins can create a new certificate pinned app as well as edit and delete the custom certificate pinned apps.

The Certificate Pinned Apps tab on the App Definition page.

To learn more: Certificate Pinned Applications.

macOS Performance Improvement

With this release, the enableMacPerformance feature flag can be enabled on macOS Netskope Client to improve performance significantly. This flag is enabled by default and the Client uses VIF on macOS as part of this improvement.

Note

To disable this flag, contact your Sales Representative or Netskope Support.

While working on this enhancement “enableMacPerformance”, Netskope observed an interoperability issue  with Cisco Anyconnect in full-tunnel mode. To address the same, when the Client tunnel is established, a probe process starts within three seconds to detect AnyConnect full tunnel mode. The Client switches to lwip (method prior to enableMacPerformance flag) if the probe is unsuccessful and generates a “tunnel down due to error” event. If this occurs, the Client might  disconnect and reconnect intermittently for 10-20 seconds. As a workaround, Netskope recommends adding the macOS Client VIF IP range (100.127.100.0/24) to Cisco AnyConnect split tunnel exclusion range. To learn more on AnyConnect interop, Cisco AnyConnect

Important

This behavior change exists only for macOS devices.

Linux Device Classification Support

Netskope implemented Linux Device classification on Netskope Cloud.

Linux_DC.png

To learn more: Device Classification for Linux.

Note

This is currently a beta feature. Contact your Sales Representative or Netskope Support for more information.

IKEv1 Support Deprecated for IPSec Tunnels

Netskope no longer supports Internet Key Exchange (IKEv1). Any IKEv1 messages will be explicitly blocked and tunnel creation will fail.

In addition to documenting all new and improved features, here is the list of articles with key documentation updates: