SphereShield Package v4.9.9 Release Notes

Release date: Jul 13, 2022

System Main Components Versions:

  • Admin Portal 5.6.14 (new)

    • Infra 5.6.14.1 (new)

  • Ethical Wall Engine 5.6.0.1 (new)

  • Maintenance Service 6.2.0.1 (new)

  • ADSync Adapter 1.3.0 (new)

  • Service Agent 1.6.2 (new)

  • Bastion 2.0.6.1 (new)

    • Teams Protector 1.3.0.0 (new)

    • Internal Services API 1.2.3.2 (new)

  • CASB Adapter 3.3.5 (new)

    • CASB MS Office Application 1.3.5.3 (new)

    • CASB SharePoint Application 1.0.3.1 (new)

    • CASB Webex Teams Application 1.1.7.1 (new)

    • CASB Messaging BL 1.2.3.1 (new)

    • CASB Common 1.2.5.2 (new)

    • Infra 5.6.15-rc2 (new)

  • DLP Interface 1.5.1

  • Teams Bot 4.0.3.5

  • Asana Provider 1.0.1-rc1

  • Installer 1.7.5.5 (new)

Important to know:

  • It is recommended to upgrade the entire package for optimal performance and to avoid errors.

  • When upgrading any component you should first update Database, Admin Portal & ADSync Adapter.

  • You must upgrade Bastion, Teams Protector & Internal Services API together

Known Issues

Teams Protector

  • Incoming messages from external users are not filtered

  • Incoming Screen Sharing from external users is sometimes not filtered

Webex Webhook Services

  • Call Membership Webhooks are not supported.

  • Messaging Webhooks only support files. Message blocking is still supported through polling.

Admin Portal

  • Maintenance Service restart button doesn’t actually restart Maintenance service, only removes the prompt.

Main changes

  • The main change is to how we calculate and cache Ethical Wall Policies. The new method we use vastly reduces cache size and boosts policy calculation rate and frequency.

  • We now use an independent SharePoint Azure Application, so we are now capable of providing exclusively SharePoint and OneDrive Governance and Ethical Wall. The SharePoint Application also enhances performance for complete SphereShield Solutions with Compliance and Security.

  • Webex: We now support Inline File blocking through Webhooks, so your files will not be compromised for even a second. Inline File blocking works for both DLP and Ethical Wall.

  • Channel Management: We now have improved support for channels including private channels.

Admin Portal

  • Added setting UseAzureCommonRedirect to improve efficiency and maintainability.

  • Ethical Wall Policy rules page now includes Audio/Video/Screen sharing for API when using Webex.

  • Added a link in Cloud Sessions page to Service Usage Report.

  • Added a line graph for a time period to show Unique User Sessions.

  • Added description in Service Usage Report.

  • Added SharePoint Application settings to the Cloud Services Integration menu.

  • Changed Cloud Sessions description.

  • Added viewing of the Profile Policies Cache table in the Portal, on the Profile Policy Cache page.

  • Added viewing of the User Profile on the Users page, in the plus sign field.

  • Reordered EW menu (see two pictures above).

  • Delete Webhook Subscription table contents when resetting Cloud settings.

  • Redesigned Site Security page.

  • Fixed GUI bug in MS Teams Management when CM is off.

  • Improved Auditing description.

  • Added option to remove restart popups in AP.

  • Added setting for user profile validity.

  • New setting: Update eDiscovery Chat Participants

  • Added new setting for Webhooks file events

Ethical Wall Engine

  • To use Profiles Cache Mechanism, in EW settings set “User profile based EW cache mechanism” to “Yes” (Value in DB “EWProfileCache”)

  • Fixed an issue with storing and updating data in memory.

  • Fixed an issue where EW doesn't return violated users for P2P queries.

  • Now checking user participant in both email and UPN columns for EW.

  • Added support in EW user groups searching to deal with Unknown.

  • Improved logs - easier to see what policy causes the block - added the name of the policy for each rule that the user violated.

  • Added function to reset memory cache of user

  • Fixed usage of old federation user groups table.

  • Handling of users without UPN (for Webex)

Maintenance Service

  • Fixed errors during removal of old data from the DB

  • Not updating managed field of users

  • Improved performance of auditing task

  • Fixed Geofencing errors in SphereShield.

  • Added DB data to the log file.

  • Added method to run User Profiles update.

  • Added method to run Profile Policies update.

Active Directory Sync Adapter (ADSync Adapter)

  • Added monitoring of not deleted users (when a policy is removed it deletes users from Managed User Groups, added monitoring for when it fails).

  • Changed the “EableSyncUsersInfoTable” config name to “EnableSyncUsersInfoTable”, while keeping backwards compatibility with “EableSyncUsersInfoTable”.

  • Added log “top 10 users going to be removed” to the AD-Sync log.

  • Fixed a bug where AD-Sync did not remove nested groups when it should have.

  • AD-Sync is now copying the UPN field to the email field in the USERS table on users without an email address.

Service Agent

  • Changed Bastion default values in Agent configuration file.

  • Added automatic method to check if the ADSync has hung and restart it if necessary.

  • Improved Database performance by removing use of table listener for controlling the monitored service from portal.

  • Added the application name “ServiceAgent” to the connection string to allow better SQL profiling.

  • Added a log entry when a service restart is done from the portal.

Bastion

  • Fixed issues related to downloading large files

    The original fix handled only the case where the download is the first action of a specific session. After this fix, it also handles the case where the download is not the first action, and then resets the session to its default behavior. The issue did not show up during our internal testing and development, only in real cases with large databases and user numbers.

  • Added client IP in Bastion log and Session ID when created.

  • Improved Bastion restart process.

Teams Protector

  • Added feature to insert external user info into the Users table using eDiscovery on Proxy mode.

  • Added an error log when ISA is unresponsive.

  • Added auditing for adding user/group to SharePoint - block, monitor and allowed.

  • Fixed issue where EW summary details are missing the policy name in some cases in the logs.

  • Improved filtering remote control by external meeting participant.

  • Fixed an issue where the wrong meeting policy was being retrieved from cache.

  • Fixed problem with auditing of P2P blocks.

  • Request and response body sizes are logged when over 200 KB.

  • Option to instruct client to download files via CDN and not proxy

  • Forward Proxy no longer requires JsValidator.exe (the CDN server still requires it).

  • Ethical Wall now works with external SfB users in meetings.

  • When receiving download HTTP requests, Bastion ignores and bypasses the request, letting it reach the client directly.

  • Fixed issue where blocking Remote Control doesn’t work.

  • Fixed issue where logs weren’t showing meeting name.

  • Added log that shows regular + connected participant counts.

  • Fixed issues with keeping track of external meeting participants for Ethical Wall.

Internal Services API (ISA)

  • ISA now uses the new Ethical Wall V5 functions for profiles.

  • ISA now uses EW version 5.6.0.1.

  • ISA now uses DLP version 1.5.1.

CASB API Adapter

  • Merged all config files into one config.

  • Added presets for several setup scenarios in preparation for setup tool.

MS Office Application

  • Added support for handling wiki in Private Channels

  • When merging channels, if there is no wiki tab in target channel the user has to click on the wiki tab.

  • Added auditing message about private channel and wiki not being copied.

  • Improved the click tab info in the details of auditing - added message “To complete the operation please click on the wiki tab in the new channel XXX”

  • When Channel Management is done successfully, user is asked to delete the files from the original Channel SharePoint Site manually.

  • Fixed issue where duplicate users would be stored in the Users table.

SharePoint Application

  • Support CASB Common 1.2.5.2.

  • Added support for the SharePoint Azure Application.

  • Fixed a bug in CSOM when a query failed to execute the second time.

  • Changed User-Agent header format.

  • Improved CSOM performance.

  • Improved Long Run Process behavior for SharePoint.

  • Added event ID when getting site details in the logs.

  • Support site information changes - When changing the site URL of a site, the SharePoint app will sync this into the SHAREPOINT_SITES table.

  • Delete removed sites - When deleting a site - the SharePoint app will delete it from the SHAREPOINT_SITES table.

Webex Teams (Spark) Application

  • Inspect files inline before reaching the destination.

  • Fixed a method to support MessagingBL 1.2.3.1.

  • If Webhook operation is needed, set “Enable Webhook” to true in the Adapter configuration.

  • The adapter will continue from the time the service recovered and, in parallel, analyze older events from the time it had stopped.

  • If there is a gap larger than 5 min, the log will present a warning.

  • Webex will be written in the Users table under the Cloud Application column.

CASB Messaging Business Logic (MessagingBL)

  • Support Ethical Wall 5.6.0.1 with profiles.

  • Handle multiple applications for Webex - Added support to use both Webex Spark and Webex Meetings.

  • Fixed bug in Webex Application.

  • Changed the conversation scope to meeting in eDiscovery.

  • Changed conversation type values in eDiscovery.

  • Added support for the ability to differentiate between UPN and Email.

Installer

  • Fixed a typo causing an error when trying to restart the Bastion Agent.