Update a Data Profile Strata Cloud Manager

1. Log in to Strata Cloud Manager.
2. Select ConfigurationData Loss PreventionData Profiles and navigate to the data profile you want to modify.
3. Edit (

   ) the data profile.
4. Modify the data profile as needed.

   • See Create a Data Profile for details on configuring a data profile that uses predefined and custom data patterns and advanced detection methods.
   • See Create a Nested Data Profile for details on configuring a single data profile that contains multiple data profiles.
     For a nested data profile, the DLP rule settings apply to all data profiles added to the nested data profile
     Enterprise DLP doesn't support converting an existing data profile into a nested data profile.
   • See Create a Granular Data Profile for details configuring a single data profile that contains multiple data profiles to enable you to apply differentiated inline content inspection requirements and response actions within the same Security policy rule.
     You must push the Strata Cloud Manager configuration to the enforcement points using the Enterprise DLP when you create or update a granular data profile. For the Admin Scope, you must select All Admins to ensure all Enterprise DLP configuration changes propagate to impacted enforcement points.
     When you add or update a granular data profile, the data profile may temporarily stop enforcing until the push completes successfully on all enforcement points. During this time, traffic matching the profile's criteria can pass through unchecked.

     To minimize this enforcement gap, push your configuration changes immediately after saving or schedule granular data profile configuration pushes during a maintenance window.
     Enterprise DLP configuration changes don't display in Strata Cloud Manager config snapshots.
5. Test a Data Profile to verify it accurately detects the sensitive data you configured it to detect.
6. Save your changes.
7. (Nested and Granular Data Profiles) ConfigurationNGFW and Prisma Access and Push Config.

   You must select All Admins for the Admin Scope to ensure all Enterprise DLP configuration changes are push to impacted enforcement points. Learn more about when you need to push configuration changes.

   Enterprise DLP configuration changes don't display in Strata Cloud Manager config snapshots.

   • Update a granular data profile
     You don't need a Strata Cloud Manager push if you made the following changes:
     • Updating or adding an exception rule
     • Adding or removing Users or User Groups in an existing exception rule
   • Update the Match Scope for a nested or granular data profile.
     When you update a granular data profile by adding or removing child profiles, the profile may temporarily stop enforcing until the push completes successfully on all enforcement points. During this time, traffic matching the profile's criteria can pass through unchecked. To minimize this enforcement gap, push your configuration changes immediately after saving.