Skyhigh Security Cloud Release Notes 6.1.2 (September 2022)
Skyhigh Secure Web Gateway (Cloud)
Rule set for blocking HTTP methods
6.1.2 includes a new rule set for HTTP methods. The rule set can be imported to enforce block action on HTTP methods. It is located under Common Rules in the policy tree. Block action can be executed for each HTTP method and provides control for policy execution.
For more information, see Block Requests for Web Access Based on HTTP Methods.
Download of RBI, Private Access, and Firewall data for Reporting with Forensics API
The scope of the REST API for Secure Web Gateway, which is also known as Forensics API, has been enlarged. In addition to downloading data from normal web traffic for reporting, the admin can now use it to download data from traffic of the following types:
Remote Browser Isolation (RBI)
- Private Access
For more information, see Reporting Examples.
Cloud Connector User role for SSE Hybrid Users
Skyhigh Cloud Connector access will be available for SSE Hybrid (WPS2) license users. Users or tenants with the Cloud Connector User role can access the Cloud Connector page to manage Cloud Connectors. For details, see Cloud Connector User Role for SSE Hybrid Users.
Export Service Provider metadata when configuring SAML authentication
6.1.2 contains a new option to export Service Provider metadata, making SAML configuration easier by leveraging the exported data to configure IdPs as well. The exported data can be imported to an IdP without manual configuration steps. This feature set will support multiple IdPs.
For more information, see Configure SAML Authentication for Secure Web Gateway.
Revoke SAML Authentication
You will soon be able to revoke the SAML authentication session for all users or a specific user if you find any suspicious behavior. For details, see Revoke SAML Authentication.
Import Private Application List
With the 6.1.2 release, admins will be able to import a list of private applications through a CSV file rather than adding the application names individually. For details, see Import Application List.
Discovered Private Applications
By monitoring different applications accessed by users, Skyhigh Private Access will help you identify the most accessed applications so you can configure the access policy based on their usage.
Multiple Port Support
While adding private applications, you will be able to configure port in multiple ways:
- Range (80-90)
- Individual (80, 90, 8080)
- Both (100-300, 80, 90)
Skyhigh Client Proxy
For detailed Release Notes, see Client Proxy 4.5.0 Release Notes.
Skyhigh Rebranding Changes
Updated the McAfee logo, name, and copyright with the Skyhigh logo, name, and copyright in the Client Proxy user interface.
NOTE: To view Client Proxy software details, see Access Client Proxy Registry Information.
|What is changed||Before||Now|
|Client Proxy software policy directory||C:\ProgramData\McAfee\MCP\Policy\MCPPolicy.opg||C:\ProgramData\Skyhigh\SCP\Policy\SCPPolicy.opg|
|Client Proxy software installation directory||
|Client Proxy Registry path||\HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\MCP||\HKEY_LOCAL_MACHINE\SOFTWARE\Skyhigh\SCP|
|Policy file name||MCPPolicy.opg||SCPPolicy.opg|
|Client Proxy services||MCPService.exe and MCPAbout.exe||SCPService.exe and SCPAbout.exe|
|Installer executable file||McpInstaller.x64.exe and McpInstaller.x86.exe||ScpInstaller.x64.msi and ScpInstaller.x86.msi|
|Information about Client Proxy (Windows)||About McAfee Client Proxy||About Skyhigh Client Proxy|
Using Port 443 for Secure Channel
Supports the usage of standard port 443 for the Secure Channel traffic. For more information, see Secure the Communication Channel between Client Proxy and WSGS.
Note: This feature is supported on Client Proxy 4.5.0. and later. The auto update of policy changes and traffic redirections fails when you enable Secure Channel on port 443 on the earlier versions of Client Proxy (<4.5.0).
Configure Port in Multiple Ways
Private Applications are identified by the host and port associated with an URL. To enhance the User Experience, the UI lets you configure a port range or the list of ports while adding the private applications in the Private Application Configuration page. For more information, see Add Applications.
You can configure ports in multiple ways:
- Range (80-90)
- Individual (80, 90, 8080)
- Both (100-300, 80, 90)
Support for IPv6
In a pure IPv6 network (for example, dual stack without IPv4), the Client Proxy clients will intercept IPv6 DNS queries for private applications and returns the IPv4 address of the private application.
Skyhigh CASB for Zoom Supported for GovCloud
Skyhigh CASB for Zoom is a comprehensive security and compliance integration for Zoom that complements its native capabilities to allow IT teams to protect data. Skyhigh CASB for Zoom is now supported for the GovCloud Skyhigh CASB environment. For details, see Skyhigh CASB for Zoom.
Classifications using Proximity Match
You can identify sensitive data with text patterns in a classification. Use a proximity match in your classification to define how many characters can separate items in advanced patterns, dictionaries, and keywords and still trigger a match. If two items are found within the selected number of characters, it's a match. For details, see Create a Classification Using Proximity.
Policy Template Updates
New and Updated Amazon EKS Container Policies
We have added eight new Amazon EKS Policy Templates, and 18 others are updated and improved for Docker and Containerd.
- EKS Docker Host policy templates have been renamed EKS Container Host. Rules and exceptions were added for both Docker and Containerd. They will evaluate rules based on runtime or container, whichever is applicable.
- Docker and Containerd remediation steps have been added to the Incident Cloud Card to guide you through resolving incidents. Now you can determine which runtime is raising a violation under the Marked Attributes parameter. For details, see Policy Templates for EKS.
Note: This change is available for new customers now, and will be available for all customers in the next release.
Updated Policies for AWS and GCP
Seven new policies were added for AWS. Also, some policies for AWS and GCP have been updated due to changes in recommendations and evaluation logic. For details see Policy Templates for AWS and Policy Templates for GCP.
Policy Templates for Azure Updated and Deprecated
Azure Microsoft Defender has updated and deprecated multiple security recommendations. For a list of Policy Templates that have recently been updated due to changed recommendations, see Find New and Updated Policy Templates. For deprecated Policy Templates, see Policy Templates for Azure - DEPRECATED.
Enhanced EDM Fingerprints (Limited Availability)
Enhanced Exact Data Matching (EDM), or structured fingerprints, allow you to monitor your organization's documents in a row and column format typically extracted from a database in CSV format. EDM from Skyhigh CASB and Secure Web Gateway are now unified in both products, and Enhanced EDM fingerprints created in Skyhigh CASB can now be used in Web Classifications. For details, see About Exact Data Match (EDM) Fingerprints.
DLP Integrator 6.1.2 (September 2022)
Skyhigh DLP Integrator 6.1.2 has been updated to support Exact Data Match (EDM) (Enhanced) fingerprints. DLP Integrator 6.1.2 or later is required for the EDM (Enhanced) fingerprint feature to work. For details, see Download the DLP Integrator.
EDM (Enhanced) fingerprints do not work with the DLP Integrator on MacOS, so that software download is no longer provided.