Create and Upload an Encrypted EDM Data to Enterprise DLP in Interactive Mode
Focus
Focus
Enterprise DLP

Create and Upload an Encrypted EDM Data to Enterprise DLP in Interactive Mode

Table of Contents

Create and Upload an Encrypted EDM Data to Enterprise DLP in Interactive Mode

Use the Exact Data Matching (EDM) CLI app in Interactive mode to create and upload an EDM data set in CSV or TSV format to Enterprise Data Loss Prevention (E-DLP).
Where Can I Use This?What Do I Need?
  • NGFW (Managed by Panorama or Strata Cloud Manager)
  • Prisma Access (Managed by Panorama or Strata Cloud Manager)
  • Enterprise Data Loss Prevention (E-DLP) license
    Review the Supported Platforms for details on the required license for each enforcement point.
Or any of the following licenses that include the Enterprise DLP license
  • Prisma Access CASB license
  • Next-Generation CASB for Prisma Access and NGFW (CASB-X) license
  • Data Security license
Upload an encrypted hash Exact Data Matching (EDM) data set to Enterprise DLP using the EDM CLI app in Interactive mode to successfully create an EDM filtering profile. In Interactive Mode, you must specify the EDM data set path for upload and configure the upload parameters directly through the EDM CLI app.
  1. Access the Common Services Identity and & Access settings and add a Service Account to generate the Client ID and Client Secret.
    If you already have a Service Account created, you can Reset Client Secret to recover a lost Client Secret.
    The Client ID and Client Secret are used to authenticate and connect the EDM CLI app to Enterprise DLP.
    When you create the Service Account, the Client ID and Client Secret are displayed in the Client Credentials. You can manually copy the Client Credentials or Download CSV File to download the Client Credentials in plaintext locally to your device
  2. Review the Supported EDM Data Set Formats and prepare the EDM data set for upload to Enterprise DLP.
  3. Enter Interactive mode in the EDM CLI app to begin the EDM data set upload.
    1. Open the terminal and navigate to the package-edm-secure-cli-<version>-<platform> directory where the EDM CLI app is located.
    2. Enter Interactive mode in the EDM CLI app.
      • Windows
        admin: edm-secure-cli.bat interactive
      • Linux
        admin: ./edm-secure-cli.sh interactive
      Entering this command begins the interactive upload process for EDM data sets to Enterprise DLP.
  4. Enter the path of the EDM data set for upload.
  5. Enter the delimiter used to specify boundaries between values in the EDM data set.
    The “,” and “tab (t) delimiters are supported for CSV or TSV files. The EDM CLI app uses the delimiter “,” by default. The EDM data set might only use one delimiter.
  6. Enter the EDM data set file encoding method.
  7. Enter the error threshold percentage for the EDM data set.
    The EDM CLI app doesn't create an encrypted version of the EDM data set isn't created if it encounters errors exceeding the specified error threshold percentage.
  8. Specify whether the EDM data set has a header row.
  9. Specify whether to allow uploads of EDM data sets that include empty or blank cells.
    Enter true to allow rows that include empty or blank cells in an EDM data set.
    Enter false to reject rows that include empty or blank cells in an EDM data set.
  10. Specify whether the EDM CLI app should abort the EDM data set upload if the EDM data set includes more than the maximum number of cells supported.
    Enter true to upload the maximum number of data set cells supported.
    Enter false to abort EDM CLI app if the EDM data set has more than the maximum number of data set cells supported.
  11. Enter the number of columns in your EDM data set.
    This step is required to accurately map your CSV or TSV columns to the supported data types to allow Enterprise DLP to accurately ingest your EDM data set.
  12. Map your columns using the supported Data Types Value to accurately map each column in your EDM data set to a specific Data Type.
    The EMD CLI app presents a table with each Data Type Name and the corresponding Data Type Value. You can also view this table in the README.txt file packaged with the EDM CLI app.
    When you create an advanced data profile on Strata Cloud Manager, you’re required to add at least one column where the column values occurs up to 12 times in the selected EDM data set for the Primary Field.
    When mapping your columns to a specific Data Type, be sure to include at least one column with up to 12 occurrences across the entire EDM data set. Otherwise, Enterprise DLP is unable to match traffic against the EDM data profile you create using this EDM data set.
  13. Specify whether to upload the EDM data set to Enterprise DLP. Enter y to continue uploading the EDM data set or n to upload the EDM data set later.
    Entering n creates a secured copy of the EDM data set in the package-edm-secure-cli-<version>-<platform> directory for you to review.
    You can skip the remaining steps below and Upload an Encrypted EDM Data Set to Enterprise DLP later.
  14. Enter y to create a new EDM data set and enter the data set name.
    If you enter n and are uploading to Enterprise DLP, you’re still prompted to enter an EDM data set name. This updates the existing EDM data set you previously uploaded to Enterprise DLP.
  15. Specify the authentication mechanism used to upload the EDM data set to Enterprise DLP.
    1. When prompted about whether you have access and refresh token, enter n.
      The is required to enter the Client ID and Client Secret.
    2. Enter the Client ID and Client Secret.
  16. (Proxy server only) When prompted, enter y if the local device from which you’re uploading requires a proxy server to connect to the internet.
    You’re required to provide the following information for your proxy server.
    • Proxy hostname
    • Proxy port number
    • Proxy username
    • Proxy password
  17. Enter Y or y to confirm the EDM data set upload configuration is correct and begin uploading to Enterprise DLP.
    A secured copy of the EDM data set specified is created in the package-edm-secure-cli-<version>-<platform>. In the directory, a new folder is created with the name of the EDM data set you appended with the date and time it was created. This folder contains the encrypted output.zip file of your EDM data set that you uploaded to Enterprise DLP.
    The EDM CLI app displays a progress bar and success message to notify you whether the upload is successful.
    During the upload process, the EDM CLI app connects to Enterprise DLP to verify that you created the output.zipfile using a supported EDM CLI app version. The upload to Enterprise DLP fails if you created the output.zip file using a unsupported EDM CLI app version.
  18. Monitor the upload status of the EDM data set.
    The time it takes for an EDM data set uploaded to DLP cloud service to be available on Strata Cloud Manager depends on the EDM data set size and internet connectivity speed. For example, a 4GB EDM data set upload typically takes about 30 minutes to display on Strata Cloud Manager and be usable in an advanced data profile.
    1. Log in to Strata Cloud Manager.
    2. Select ManageConfigurationData Loss PreventionDetection MethodsExact Data Matching.
    3. The EDM data set upload is complete when the Indexing Status column displays Complete.