Release date:
...
System Main Components Versions:
Admin Portal 5.6.16.2 (new)
Infra 5.6.16.1 (new)
Ethical Wall Engine 5.6.0.2 (new)
Maintenance Service 6.3.0 (new)
ADSync Adapter 1.3.0
Service Agent 1.6.2
Bastion 2.0.6.2 (new)
Teams Protector 1.5.0.0 (new)
Internal Services API 1.2.4 (new)
CASB Adapter 3.3.6 (new)
CASB MS Office Application 1.3.5.6 (new)
CASB SharePoint Application 1.0.3.3 (new)
CASB Webex Teams Application 1.2.0.1 (new)
CASB Messaging BL 1.2.3.2 (new)
CASB Common 1.2.6.1 (new)
Infra 5.6.16.1 (new)
DLP Interface 1.5.1
Teams Bot 4.0.3.5
Asana Provider 1.0.1-rc1
Compliance App 1.0.2 (new)
Installer 1.7.5.5
Important to know:
| Info |
|---|
|
...
...
When upgrading any component you should first update the Database, Admin Portal & ADSync Adapter.
| Info |
|---|
|
| Info |
|---|
|
...
Known Issues & Limitations
Channel Management
| Info |
|---|
Applies to previous versions as well |
Due Private Channel operations periodically need to be repeated, due to an open issue with Microsoft’s Graph API, private channels are unstable - sometimes actions may not work and sometimes they may. When Graph API is functional, private channel actions are completely verified.
Teams Protector
| Info |
|---|
Applies to previous versions as well. |
Incoming Screen Sharing from external users is sometimes not filtered.
When working exclusively in Proxy mode (without the Adapter) , auditing is not correct when and external users are blocked from sending a message to internal.
| Expand | ||
|---|---|---|
| ||
When Bastion works alone (without the Adapter) we can't get the UPN of the external user, and there's an additional user that's supposed to be audited (external@unknown.teams) When Bastion works alongside the Adapter we get the external user's UPN but the auditing lists the block as coming from the API  |
Webex Webhook Services
...
messages to internal users, this is sometimes not accurately audited
Teams for Webex Webhooks
| Info |
|---|
Webex has dropped support for Webhooks for Call Memberships |
Call Membership Webhooks are not supported.
Messaging Webhooks only support supports files. Message Blocking message is still supported through polling.
Admin Portal
The Maintenance Service restart button doesn’t actually restart Maintenance service, only removes the prompt. may only be restarted via Windows, not in the Sphereshield Admin Portal
Main Changes
Microsoft Teams Compliance
Fix for blocking external messages in Proxy mode
We have fixed Fixed the ability to block incoming communication from external users - we can now block messages being sent by . Sphereshield now blocks messages from an external user to an internal user.
PAC file, certificate and Bastion XML must be updated to support Web Socket functionality for incoming messages. See here: https://agatsoftware.atlassian.net/wiki/spaces/SKYP/pages/2725937410/Special+Releases+-+Extra+Instructions#1.4.0.0---Websocket-Notifications
This version or higher is required to filter incoming messages
...
Ability to block Webex audio and video meetings, recording meetings, eDiscovery for Meetings, and more.etc
Microsoft Teams Channel Management
Private channels: Support for handling Wiki tabs.
Shared channels: Support for Shared Channels.
Compliance App
The SphereShield Compliance App is an Azure App which provides capabilities for the CASB API Adapter to use the user Teams & Graph Token.
This can be used to update user messages (for both the sender and the recipient) .
Before using Without the compliance app, the API was is limited to deleting the message only on the recipient side using update policy which is targeted for DLP scenarios.
With the compliance app, we are now able to edit the Sphereshield can edit sender messages even if a chat has started externally.
For more information, including setup and installation: SphereShield Compliance App Information
...
Added option to reinspect user’s AD groups and policies without restarting the CASB API Adapter and Bastion Proxy.
Components Release Notes
...
Fixed link to download files from eDiscovery
Fixed export and restore Channel Management operations
Added a general disclaimer in Channel Management portal page
Channel Management: added a limit to 3 simultaneous actions at a time
Changed Webex cloud service integration description
Added alert in eDiscovery settings page if SMTP is not set
Added Last Updated column to Channel Management auditing table
eDiscovery - Added support for edited messages in MS Teams
eDiscovery Archiving
New page: eDiscovery Archiving Integration Auditing
Added new New setting: Enable eDiscovery archiving integration
Added new New setting: email address for sending eDiscovery content
Added new New setting eDiscovery Archiving frequency (min)
Added new New setting: eDiscovery archiving Provider
Added new New table: eDiscovery Archiving Integration Auditing
Added new New setting: Archiving Email Max Size (MB)
Added new New setting: Archiving Email Max messages
Channel Management: added icon for shared channel
Applied changes in eDiscovery message with multiple files
Changed eDiscovery dashboard icon
Channel Management failed operation message
Added support Support for AWS SMTP Service (SES)
Service Usage Report - Added checkbox in advanced search in Cloud Sessions page "Show Only Unique Users Per Day"
If selected, only one row for per user per day should will appear in the table (it will be the last row of the that user in for that day).
Added dropdown to Activity Type in Ethical Wall Activity Auditing
Added Compliance App status to the internal users list
Added recording in Ethical Wall for API in Webex deployment
Updated eDiscovery tooltip in settings
Removed values from conversation type search in eDiscovery
Added search in eDiscovery by conversation scope
Added search in eDiscovery by session title
Webex portal settings - added “Groups to be inspected” and “External Webhook site URL” settings.
Added settings to delete communication from eDiscovery after a configurable amount of time
Added settings to configure Compliance App in Cloud Services Integration page
Fixed eDiscovery icons
Fixed eDiscovery description
Fixed Logs and Settings explanation
Added option to show media records in eDiscovery
...
Added Archiving Integration option to eDiscovery
Added process to remove old rows from the USERS_REFRESH_CACHE table
...
Bastion
Fixed a bug where adding trouter.teams.microsoft.com to bastion.xml hosts and passthrough as well to the PAC file, the client has had connectivity problems (shows “reconnecting…”).
...
Update for code injection to support new MS Teams clients being rolled out. Update required to continue monitoring which users have been added or removed from meetings.
Fix for backend CDN server.
Profile based cache now supports UPN based rules too.
Hourly cache reset now clears legacy EW policy cache too.
Option to change log setting on the fly by sending an http request (if relevant contact Support).
Health check no longer checks internet connectivity via forward proxy.
PAC file, certificate and Bastion XML must be updated to support Web Socket functionality for incoming messages. See here: https://agatsoftware.atlassian.net/wiki/spaces/SKYP/pages/2725937410/Special+Releases+-+Extra+Instructions#1.4.0.0---Websocket-Notifications
This version or higher is required to filter incoming messages.
Web Socket functionality for filtering incoming messages.
Fix for bug introduced in 1.3.0.0 where conversation participants weren’t always recognized correctly, causing actions to be permitted when they should have been blocked.
Fix for P2P auditing message where sender was sometimes specified as recipient.
Fix for P2P auditing message where policy for profile was previously cached.
...
Added support for meeting participants control (Ethical Wall for joining participants to PMR and schedule meetings).
Support recording control (Ethical Wall on recording in meeting, to enable this: set Enable Webex Recording Control to Yes in Ethical Wall settings via the Portal)
Added support for Webex Meetings in eDiscovery (Audit meeting data in eDiscovery includes meeting chats).
Added support for Groups to be inspected for Webex
Added support for edited messages in eDiscovery.
Added support for inline file checking with Ethical Wall and DLP checking simultaneously.
...