Skip to main content
BlueXP classification

What's new with BlueXP classification

Contributors netapp-tonacki netapp-bcammett RSS

Learn what's new in BlueXP classification.

6 November (version 1.26.3)

The following issues have been fixed in this release

  • Fixed an inconsistency when presenting the number of files scanned by the system in dashboards.

  • Improved the scanning behavior by handling and reporting on files and directories with special characters in the name and metadata.

4 October (version 1.26)

Support for on-premises installations of BlueXP classification on RHEL version 9

Red Hat Enterprise Linux versions 8 and 9 do not support the Docker engine; which was required for the BlueXP classification installation. We now support BlueXP classification installation on RHEL 9.0, 9.1, and 9.2 using Podman version 4 or greater as the container infrastructure. If your environment requires using the newest versions of RHEL, now you can install BlueXP classification (version 1.26 or greater) when using Podman.

At this time we don't supported dark site installations or distributed scanning environments (using a master and remote scanner nodes) when using RHEL 9.x.

5 September (version 1.25)

Small and medium deployments temporarily unavailable

When you deploy an instance of BlueXP classification in AWS, the option to select Deploy > Configuration and choose a small or medium-sized instance is unavailable at this time. You can still deploy the instance using the large instance size by selecting Deploy > Deploy.

Apply tags on up to 100,000 items from the Investigation Results page

In the past you could only apply tags to a single page at a time in the Investigation Results page (20 items). Now you can select all items in the Investigation Results pages and apply tags to all the items - up to 100,000 items at a time. See how.

Identify duplicated files with a minimum file size of 1 MB

BlueXP classification used to identify duplicated files only when files were 50 MB or larger. Now duplicated files starting with 1 MB can be identified. You can use the Investigation page filters "File Size" along with "Duplicates" to see which files of a certain size are duplicated in your environment.

17 July 2023 (version 1.24)

Two new types of German personal data are identified by BlueXP classification

BlueXP classification can identify and categorize files that contain the following types of data:

  • German ID (Personalausweisnummer)

  • German Social Security Number (Sozialversicherungsnummer)

BlueXP classification is fully supported in Restricted mode and Private mode

BlueXP classification is now fully supported in sites with no internet access (Private mode) and with limited outbound internet access (Restricted mode). Learn more about BlueXP deployment modes for the Connector.

Ability to skip versions when upgrading a Private mode installation of BlueXP classification

Now you can upgrade to a newer version of BlueXP classification even if it is not sequential. This means that the current limitation of upgrading BlueXP classification by one version at a time is no longer required. This feature is relevant starting from version 1.24 onwards.

The BlueXP classification API is now available

The BlueXP classification API enables you to perform actions, create queries, and export information about the data you are scanning. The interactive documentation is available using Swagger. The documentation is separated into multiple categories, including Investigation, Compliance, Governance, and Configuration. Each category is a reference to the tabs in the BlueXP classification UI.

6 June 2023 (version 1.23)

Japanese is now supported when searching for data subject names

Japanese names can now be entered when searching for a subject's name in response to a Data Subject Access Request (DSAR). You can generate a Data Subject Access Request report with the resulting information. You can also enter Japanese names in the "Data Subject" filter in the Data Investigation page to identify files that contain the subject's name.

Ubuntu is now a supported Linux distribution on which you can install BlueXP classification

Ubuntu 22.04 has been qualified as a supported operating system for BlueXP classification. You can install BlueXP classification on a Ubuntu Linux host in your network, or on a Linux host in the cloud when using version 1.23 of the installer. See how to install BlueXP classification on a host with Ubuntu installed.

Red Hat Enterprise Linux 8.6 and 8.7 are no longer supported with new BlueXP classification installations

These versions are not supported with new deployments because Red Hat no longer supports Docker, which is a prerequisite. If you have an existing BlueXP classification machine running on RHEL 8.6 or 8.7, NetApp will continue to support your configuration.

BlueXP classification can be configured as an FPolicy Collector to receive FPolicy events from ONTAP systems

You can enable file access audit logs to be collected on your BlueXP classification system for file access events detected on volumes in your working environments. BlueXP classification can capture the following types of FPolicy events and the users who performed the actions on your files: Create, Read, Write, Delete, Rename, Change owner/permissions, and Change SACL/DACL. See how to monitor and manage file access events.

Data Sense BYOL licenses are now supported in dark sites

Now you can upload your Data Sense BYOL license into the BlueXP digital wallet in a dark site so that you are notified when your license is getting low. See how to obtain and upload your Data Sense BYOL license.

3 April 2023 (version 1.22)

New Data Discovery Assessment Report

The Data Discovery Assessment Report provides a high-level analysis of your scanned environment to highlight the system's findings and to show areas of concern and potential remediation steps. The goal of this report is to raise awareness of data governance concerns, data security exposures, and data compliance gaps of your data set. See how to generate and use the Data Discovery Assessment Report.

Ability to deploy BlueXP classification on smaller instances in the cloud

When deploying BlueXP classification from a BlueXP Connector in an AWS environment, now you can select from two smaller instance types than what is available with the default instance. If you are scanning a small environment this can help you save on cloud costs. However, there are some restrictions when using the smaller instance. See the available instance types and limitations.

Standalone script is now available to qualify your Linux system prior to BlueXP classification installation

If you would like to verify that your Linux system meets all prerequisites independently of running the BlueXP classification installation, there is a separate script you can download that only tests for the prerequisites. See how to check if your Linux host is ready to install BlueXP classification.

7 March 2023 (version 1.21)

New functionality to add your own custom categories from the BlueXP classification UI

BlueXP classification now enables you to add your own custom categories so that BlueXP classification will identify the files that fit into those categories. BlueXP classification has many predefined categories, so this feature enables you to add custom categories to identify where information that is unique to your organization are found in your data.

Now you can add custom keywords from the BlueXP classification UI

BlueXP classification has had the ability to add custom keywords that BlueXP classification will identify in future scans for a while. However, you needed to log into the BlueXP classification Linux host and use a command line interface to add the keywords. In this release, the ability to add custom keywords is in the BlueXP classification UI, making it very easy to add and edit these keywords.

Ability to have BlueXP classification not scan files when the "last access time" will be changed

By default, if BlueXP classification doesn't have adequate "write" permissions, the system won't scan files in your volumes because BlueXP classification can't revert the "last access time" to the original timestamp. However, if you don't care if the last access time is reset to the original time in your files, you can override this behavior in the Configuration page so that BlueXP classification will scan the volumes regardless of permissions.

In conjunction with this capability, and new filter named "Scan Analysis Event" has been added so you can view the files that were not classified because BlueXP classification couldn't revert last accessed time, or the files that were classified even though BlueXP classification couldn't revert last accessed time.

Three new types of personal data are identified by BlueXP classification

BlueXP classification can identify and categorize files that contain the following types of data:

  • Botswana Identity Card (Omang) Number

  • Botswana Passport Number

  • Singapore National Registration Identity Card (NRIC)

Updated functionality for directories

  • The "Light CSV Report" option for Data Investigation Reports now includes information from directories.

  • The "Last Accessed" time filter now shows the last accessed time for both files and directories.

Installation enhancements

  • The BlueXP classification installer for sites without internet access (dark sites) now performs a pre-check to make sure your system and networking requirements are in place for a successful installation.

  • Installation audit log files are saved now; they are written to /ops/netapp/install_logs.

5 February 2023 (version 1.20)

Ability to send Policy-based notification emails to any email address

In earlier versions of BlueXP classification you could send email alerts to the BlueXP users in your account when certain critical Policies return results. This feature enables you to get notifications to protect your data when you're not online. Now you can also send email alerts from Policies to any other users - up to 20 email addresses - who are not in your BlueXP account.

Now you can add personal patterns from the BlueXP classification UI

BlueXP classification has had the ability to add custom "personal data" that BlueXP classification will identify in future scans for a while. However, you needed to log into the BlueXP classification Linux host and use a command line to add the custom patterns. In this release, the ability to add personal patterns using a regex is in the BlueXP classification UI, making it very easy to add and edit these custom patterns.

Ability to move 15 million files using BlueXP classification

In the past you could have BlueXP classification move a maximum of 100,000 source files to any NFS share. Now you can move up to 15 million files at a time. Learn more about moving source files using BlueXP classification.

Ability to see the number of users who have access to SharePoint Online files

The filter "Number of users with access" now supports files stored in SharePoint Online repositories. In the past only files on CIFS shares were supported. Note that SharePoint groups that are not active directory based will not be counted in this filter at this time.

New "Partial Success" status has been added to the Action Status panel

The new "Partial Success" status indicates that a BlueXP classification action is finished and some items failed and some items succeeded, for example, when you are moving or deleting 100 files. Additionally, the "Finished" status has been renamed to "Success". In the past, the "Finished" status might list actions that succeeded and that failed. Now the "Success" status means that all actions succeeded on all items. See how to view the Actions Status panel.

9 January 2023 (version 1.19)

Ability to view a chart of files that contain sensitive data and that are overly permissive

The Governance dashboard has added a new Sensitive Data and Wide Permissions area that provides a heatmap of files that contain sensitive data (including both sensitive and sensitive personal data) and that are overly permissive. This can help you to see where you may have some risks with sensitive data. Learn more.

Three new filters are available in the Data Investigation page

New filters are available to refine the results that display in the Data Investigation page:

  • The "Number of users with access" filter shows which files and folders are open to a certain number of users. You can choose a number range to refine the results - for example, to see which files are accessible by 51-100 users.

  • The "Created Time", "Discovered Time", "Last Modified", and "Last Accessed" filters now allow you to create a custom date range instead of just selecting a pre-defined range of days. For example, you can look for files with a "Created Time" "older than 6 months", or with a "Last Modified" date within the "last 10 days".

  • The "File Path" filter now enables you to specify paths that you want to exclude from the filtered query results. If you enter paths to both include and exclude certain data, BlueXP classification finds all files in the included paths first, then it removes files from excluded paths, and then it displays the results.

BlueXP classification can identify the Japanese Individual Number

BlueXP classification can identify and categorize files that contain the Japanese Individual Number (also known as My Number). This includes both the Personal and Corporate My Number. See all the types of personal data that BlueXP classification can identify in your data.

11 December 2022 (version 1.18)

On-premises installation enhancements

The following enhancements have been added for the on-prem Data Sense installation:

  • Some additional prerequisites are now checked before the installation will start on an on-premises host. This helps to make sure your host system is 100% ready to have Data Sense software installed:

    • test for sufficient space on /var/lib/docker, /tmp, and /opt

    • test for the relevant permissions on all required folders

  • In the Configuration page, the Working Environments section now displays the Working Environment ID and the Scanner Group name. You'll need to know the Working Environment ID if you plan to use multiple Data Sense hosts to provide additional processing power to scan your data sources.

  • Also in the Configuration page, a new section shows the Scanner Groups you have set up, and the scanner nodes that are in each group.

13 November 2022 (version 1.17)

Support for scanning SharePoint On-Premises accounts

Data Sense now can scan both SharePoint Online accounts and SharePoint On-Premises accounts (SharePoint Server). If you need to install SharePoint on your own servers, or in sites without internet access, now you can have Data Sense scan the user files in those accounts. Learn more.

Ability to rescan multiple directories (folders or shares)

Now you can rescan multiple directories (folders or shares) immediately so that changes are reflected in the system. This allows you to prioritize rescanning of certain data before other data. See how to rescan a directory.

Ability to add additional on-premises "scanner" nodes to scan specific data sources

If you have installed Data Sense in an on-premises location, and you find that you need more scanning processing power to scan certain data sources, you can add more "scanner" nodes and assign them to scan those data sources. You can add the scanner nodes immediately after installing the manager node, or you can add a scanner node later.

If necessary, the scanner nodes can be installed on host systems that are physically closer to the data sources that you are scanning. The closer the scanner node is to the data, the better, because it reduces network latency as much as possible while scanning data. See how to install scanner nodes to scan additional data sources.

On-premises installers now perform a pre-check before starting the installation

When installing Data Sense on a Linux system, the installer checks whether the system meets all the necessary requirements (CPU, RAM, capacity, networking, etc.) before starting the actual installation. This helps catch issues before you spend time on the installation.