In the ever-evolving landscape of distributed computing, isolated security tool silos are no longer adequate.
The combination of increasingly sophisticated cyberattacks and the shift of assets to a hybrid multi-cloud environment constitutes a significant challenge.
Security and Risk Management (SRM) leaders seek to maximize the value of their current investments through the integration of security tools into a cohesive, scalable cybersecurity ecosystem.
These leaders aim to enhance operational efficiency, alleviate the workload on their teams, and improve responsiveness to both security threats and business needs and opportunities.
Netskope Cloud Exchange (CE) enables a collaborative ecosystem of tools and controls to secure a modern, distributed enterprise. It builds on a strategy of integrating composable, distributed security tools to achieve more effective collaboration between tools.
Outcomes include enhanced capabilities like:
- Granular visibility into security events alerts and transactions
- Automated orchestration of tickets, incidents and notifications for business critical alerts
- Near real time sharing of threat intel in the form of malicious IP addresses, hosts, domains, file hashes
- Implement zero trust security assessments by sharing risk scores across users, hosts, devices and apps
Netskope Cloud Exchange (CE) v5.0.1 release contains the following new features and enhancements to strengthen the security posture across global organizations:
-
CE as a VM
-
Introducing the NEW Cloud Exchange (CE) as a Virtual Machine (VM) to enable organizations/businesses to integrate their siloed security solutions across hybrid/multi-cloud environments like VMware OVA, AWS EC2 (AMI) & Microsoft Azure VM (VHDX) deployments.
CE as a VM (AMI) on AWS Marketplace
CE as a VM (VHDX) on Azure Marketplace
Â
CE v5.0.1 GA OVA build location https://cloud-exchange-store-beta.s3.amazonaws.com/cloudexchange/ova/cloud-exchange-5.0.1-20240314.ova
Â
-
High Availability Clustering
-
Enhanced High Availability (HA) with Active-Active clustering enabling superior performance & resiliency across the CE deployment with a minimum of 3 nodes/instances across ALL CE modules & plugins.
Â
-
Security Hardening
-
Enhanced security posture by restricting public internet access, preventing unauthorized 'root' level access to shell and maintenance password protection.
-
CentOS end of support guidance
-
In December 2020, the CentOS community and Red Hat announced the sunset of CentOS.
CentOS Project shifts focus to CentOS Stream – Blog.CentOS.org -
What does this mean for CentOS users?
-
CentOS 7 and 8 are the final releases of CentOS Linux. The end of support (EOS) dates for CentOS 7 and 8 are as follows:
-
CentOS 8 - December 31, 2021
-
CentOS 7 - June 30, 2024
-
-
-
Migration Options: You can choose to either migrate the config from CE instances that are running on CentOS to Ubuntu OR RHEL with the steps outlined at:
Upgrade or Migrate to the Latest Version of Cloud Exchange - Netskope Knowledge Portal
You can ALSO choose to migrate to CE as a VM (AWS AMI, Azure VHDX, VMware OVA) using the same steps.
-
Performance AND Sizing Improvements
-
Netskope Cloud Exchange (CE) v5.0.1 brings in significant performance improvements across CLS, CTE, CRE and CTO modules
-
Please refer to latest sizing guidelines at Cloud Exchange System Requirements - Netskope Knowledge Portal
-
NEW Cloud Exchange Plugins
a. CLS Data Dog v1.0.0
The Cloud Log Shipper (CLS) plugin for Data Dog shares events, alerts and web transaction logs, obtained from Netskope via the Netskope CLS plugin to Data Dog for enabling comprehensive reporting, granular visibility and control across an organization’s digital ecosystem.
b. CTE Anomali v1.0.0
The Cloud Threat Exchange (CTE) plugin for Anomali Threat Stream Platform fetches and shares threat intel (malicious file hashes, URL, Domain, IP addresses) enabling bi-directional IOC sharing for real time neutralization of cyber threats.
c. ARE VISO Trust v1.0.0
The Application Risk Exchange (ARE) plugin for VISO TRUST shares Cloud Confidence Index (CCI) scores for Apps, obtained from Netskope via the Netskope ARE plugin, to the VISO TRUST Platform for efficiently detecting unauthorized applications in real time, minimizing the potential for security blind spots.
Important NOTE
Â
-
Please refer to the detailed CE v5.0.1 GA release notes at Netskope Cloud Exchange Release Notes Version 5.0.1 - Netskope Knowledge Portal
-
CE v5.0.1 GA does NOT support CE "Small" stack sizing. The minimum system requirements for CE v5.0.1 GA are documented at ta_cloud_exchange/README.md at main · netskopeoss/ta_cloud_exchange and Cloud Exchange System Requirements - Netskope Knowledge Portal
-
Customers looking to deploy CE v5.0.1 on AWS ECS Fargate are strongly recommended to deploy CE v5.0.1 AWS AMIÂ
-
Customers looking to deploy CE v5.0.1 on OpenShift/K8S using Helm Chart are strongly recommended to deploy CE as a Container/VMÂ
-
Customers running CE v3.x deployments are STRONGLY recommended to migrate to CE v4.2.x and then to CE v5.0.x
Upgrading to the Latest Version of Cloud Exchange - Netskope Knowledge Portal
-
Customers running standalone CLS and CTE deployments are STRONGLY recommended to deploy fresh CE v5.0.x instances
-
Please note that CE v3.x reached EOL/EOS on 31st January 2024. CE v4.0.x and CE v4.1 will reach EOL/EOS on 31st July 2024.
-
Supported Migration Paths:
-
CE v3.x --> CE v4.2 --> CE v5.0.1 (Standalone/HA)
-
CE v4.0.x --> CE v4.2 --> CE v5.0.1 (Standalone/HA)
-
CE v4.1 --> CE v5.0.1 (Standalone/HA)
-
CE v4.2 --> CE v5.0.1 (Standalone/HA)
-
CE v5.0.0 --> CE v5.0.1 (Standalone/HA)
-
Migration from CE v5.0.0 (HA) to CE v5.0.1 (Standalone) deployment is NOT supported.
-
-
Please note that the following CE Professional Services SKUs are NOW available to quote:
-
NK-PS-CE-BASEÂ Â Â Â Â Â Â
-
NK-PS-ADDON-CEM
-
Please reach out to ps-scoping@netskope.com for more details.
-
-
For customer/prospects interested in CEaaS/Managed CE offering from Crest, please refer to the following links:
AWS Marketplace: Managed Cloud ExchangeÂ