Skip to main content

Welcome to Skyhigh Security!

Skyhigh Security

Skyhigh Security Cloud Release Notes 6.1.2 (September 2022)

Skyhigh Secure Web Gateway (Cloud)

Rule set for blocking HTTP methods

6.1.2 includes a new rule set for HTTP methods. The rule set can be imported to enforce block action on HTTP methods. It is located under Common Rules in the policy tree. Block action can be executed for each HTTP method and provides control for policy execution.

For more information, see Block Requests for Web Access Based on HTTP Methods.

clipboard_e6c4dd611be907c42810d87139a23c423.png

Download of RBI, Private Access, and Firewall data for Reporting with Forensics API

The scope of the REST API for Secure Web Gateway, which is also known as Forensics API, has been enlarged. In addition to downloading data from normal web traffic for reporting, the admin can now use it to download data from traffic of the following types:

  • Remote Browser Isolation (RBI)

  • Private Access
  • Firewall

For more information, see Reporting Examples.

Cloud Connector User role for SSE Hybrid Users

Skyhigh Cloud Connector access will be available for SSE Hybrid (WPS2) license users. Users or tenants with the Cloud Connector User role can access the Cloud Connector page to manage Cloud Connectors. For details, see Cloud Connector User Role for SSE Hybrid Users
Cloud Connector.png

Export Service Provider metadata when configuring SAML authentication

6.1.2 contains a new option to export Service Provider metadata, making SAML configuration easier by leveraging the exported data to configure IdPs as well. The exported data can be imported to an IdP without manual configuration steps. This feature set will support multiple IdPs.

For more information, see Configure SAML Authentication for Secure Web Gateway.

clipboard_e40468bad27a4647bc1c42ba7ea422238.png

Private Access 

Revoke SAML Authentication  

You will soon be able to revoke the SAML authentication session for all users or a specific user if you find any suspicious behavior. For details, see Revoke SAML Authentication

Import Private Application List 

With the 6.1.2 release, admins will be able to import a list of private applications through a CSV file rather than adding the application names individually. For details, see Import Application List.

Discovered Private Applications 

By monitoring different applications accessed by users, Skyhigh Private Access will help you identify the most accessed applications so you can configure the access policy based on their usage.

appdiscovery.png

Multiple Port Support 

While adding private applications, you will be able to configure port in multiple ways: 

  • Range (80-90)
  • Individual (80, 90, 8080)
  • Both (100-300, 80, 90)

Skyhigh Client Proxy

For detailed Release Notes, see Client Proxy 4.5.0 Release Notes.

Skyhigh Rebranding Changes 

Updated the McAfee logo, name, and copyright with the Skyhigh logo, name, and copyright in the Client Proxy user interface.

NOTE: To view Client Proxy software details, see Access Client Proxy Registry Information.

What is changed Before Now
Client Proxy software policy directory C:\ProgramData\McAfee\MCP\Policy\MCPPolicy.opg C:\ProgramData\Skyhigh\SCP\Policy\SCPPolicy.opg
Client Proxy software installation directory

C:\Program Files\McAfee\MCP

C:\Program Files\Skyhigh\SCP
Client Proxy Registry path  \HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\MCP \HKEY_LOCAL_MACHINE\SOFTWARE\Skyhigh\SCP
Policy file name MCPPolicy.opg SCPPolicy.opg
Client Proxy services MCPService.exe and MCPAbout.exe  SCPService.exe and SCPAbout.exe
Installer executable file McpInstaller.x64.exe and McpInstaller.x86.exe ScpInstaller.x64.msi and ScpInstaller.x86.msi
Information about Client Proxy (Windows) About McAfee Client Proxy About Skyhigh Client Proxy

Using Port 443 for Secure Channel

Supports the usage of standard port 443 for the Secure Channel traffic. For more information, see Secure the Communication Channel between Client Proxy and WSGS.

Note: This feature is supported on Client Proxy 4.5.0. and later. The auto update of policy changes and traffic redirections fails when you enable Secure Channel on port 443 on the earlier versions of Client Proxy (<4.5.0).

Configure Port in Multiple Ways

Private Applications are identified by the host and port associated with an URL. To enhance the User Experience, the UI lets you configure a port range or the list of ports while adding the private applications in the Private Application Configuration page. For more information, see Add Applications.

You can configure ports in multiple ways:

  • Range (80-90)
  • Individual (80, 90, 8080)
  • Both (100-300, 80, 90)

Support for IPv6

In a pure IPv6 network (for example, dual stack without IPv4), the Client Proxy clients will intercept IPv6 DNS queries for private applications and returns the IPv4 address of the private application. 

Skyhigh CASB

Skyhigh CASB for Zoom Supported for GovCloud

Skyhigh CASB for Zoom is a comprehensive security and compliance integration for Zoom that complements its native capabilities to allow IT teams to protect data. Skyhigh CASB for Zoom is now supported for the GovCloud Skyhigh CASB environment. For details, see Skyhigh CASB for Zoom

Data Protection

Classifications using Proximity Match

You can identify sensitive data with text patterns in a classification. Use a proximity match in your classification to define how many characters can separate items in advanced patterns, dictionaries, and keywords and still trigger a match. If two items are found within the selected number of characters, it's a match. For details, see Create a Classification Using Proximity

Policy Template Updates

New and Updated Amazon EKS Container Policies

We have added eight new Amazon EKS Policy Templates, and 18 others are updated and improved for Docker and Containerd.

  • EKS Docker Host policy templates have been renamed EKS Container Host. Rules and exceptions were added for both Docker and Containerd. They will evaluate rules based on runtime or container, whichever is applicable.
  • Docker and Containerd remediation steps have been added to the Incident Cloud Card to guide you through resolving incidents. Now you can determine which runtime is raising a violation under the Marked Attributes parameter. For details, see Policy Templates for EKS

Note: This change is available for new customers now, and will be available for all customers in the next release.

Updated Policies for AWS and GCP

Seven new policies were added for AWS. Also, some policies for AWS and GCP have been updated due to changes in recommendations and evaluation logic. For details see Policy Templates for AWS and Policy Templates for GCP

Policy Templates for Azure Updated and Deprecated

Azure Microsoft Defender has updated and deprecated multiple security recommendations. For a list of Policy Templates that have recently been updated due to changed recommendations, see Find New and Updated Policy Templates. For deprecated Policy Templates, see Policy Templates for Azure - DEPRECATED

Enhanced EDM Fingerprints (Limited Availability)

Enhanced Exact Data Matching (EDM), or structured fingerprints, allow you to monitor your organization's documents in a row and column format typically extracted from a database in CSV format. EDM from Skyhigh CASB and Secure Web Gateway are now unified in both products, and Enhanced EDM fingerprints created in Skyhigh CASB can now be used in Web Classifications. For details, see About Exact Data Match (EDM) Fingerprints.

DLP Integrator 6.1.2 (September 2022)

Skyhigh DLP Integrator 6.1.2 has been updated to support Exact Data Match (EDM) (Enhanced) fingerprints. DLP Integrator 6.1.2 or later is required for the EDM (Enhanced) fingerprint feature to work. For details, see Download the DLP Integrator.

EDM (Enhanced) fingerprints do not work with the DLP Integrator on MacOS, so that software download is no longer provided. 

  • Was this article helpful?