Enterprise DLP
Panorama
Table of Contents
Panorama
Panorama
Modify an existing
Enterprise Data Loss Prevention (E-DLP)
data filtering profile on the Panorama™ management server
.- Log in to thePanoramaweb interface.
- Selectand specify theObjectsDLPData Filtering ProfilesDevice Group.
- Select a data filtering profile to edit.
- Edit the data filtering profile as needed.
- Modify the data filtering profile scan forFile Basedtraffic,Non-File Basedtraffic, or both.
- Modify thePrimary PatternandSecondary Patternmatch criteria.Modifying the data filtering profile match criteria onPanoramais supported only forEnterprise DLPdata filtering profiles created onPanorama. See File Based for Panorama for details on configuring data pattern criteria using predefined or custom data patterns.
- (Data Filtering Profile for Non-File Traffic Inspection Only) Modify theURL Category Excluded List from Non-FileandApplication List Excluded from Non-Fileto configure which URL and application traffic is excluded fromEnterprise DLPinspection.See Non-File Based for Panorama for more information.
- Edit the data filtering profile settings.
- Select the data filtering profileAction(AlertorBlock)If the data profile has both Primary and Secondary Patterns, changing the data filtering profile Action onPanoramadeletes all Secondary Pattern match criteria.
- Specify aFile Type.Leave the file type asanyto match any of the supported file types.
- Set theLog Severityrecorded for files that match this data filtering profile.
- ClickOK.
- Commit and push the new configuration to your managed firewalls to complete theEnterprise DLPplugin installation.This step is required forEnterprise DLPdata filtering profile names to appear in Data Filtering logs.TheCommit and Pushcommand isn’t recommended forEnterprise DLPconfiguration changes. Using theCommit and Pushcommand requires the additional and unnecessary overheard of manually selecting the impacted templates and managed firewalls in the Push Scope Selection.
- Full configuration push from Panorama
- SelectandCommitCommit toPanoramaCommit.
- SelectandCommitPush to DevicesEdit Selections.
- SelectDevice GroupsandInclude Device and Network Templates.
- ClickOK.
- Pushyour configuration changes to your managed firewalls that are usingEnterprise DLP.
- Partial configuration push from PanoramaYou must always include the temporary__dlpadministrator when performing a partial configuration push. This is required to keepPanoramaand the DLP cloud service in sync.For example, you have anadminPanoramaadmin user who is allowed to commit and push configuration changes. Theadminuser made changes to theEnterprise DLPconfiguration and only wants to commit and push these changes to managed firewalls. In this case, theadminuser is required to also select the__dlpuser in the partial commit and push operations.
- Select.CommitCommit toPanorama
- SelectCommit Changes Made Byand then click the current Panorama admin user to select additional admins to include in the partial commit.In this example, theadminuser is currently logged in and performing the commit operation. Theadminuser must clickadminand then select the__dlpuser. If there are additional configuration changes made by other Panorama admins they can be selected here as well.ClickOKto continue.
- Commit.
- Select.CommitPush to Devices
- SelectPush Changes Made Byand then click the current Panorama admin user to select additional admins to include in the partial push.In this example, theadminuser is currently logged in and performing the push operation. Theadminuser must clickadminand then select the__dlpuser. If there are additional configuration changes made by other Panorama admins they can be selected here as well.ClickOKto continue.
- SelectDevice GroupsandInclude Device and Network Templates.
- ClickOK.
- Pushyour configuration changes to your managed firewalls that are usingEnterprise DLP.
- Verify the changes you made to the data filtering profile.
- Log in to the DLP app on the hub.If you don’t already have access to the DLP app on the hub, see the hub Getting Started Guide. Only Superusers can access the hub.
- SelectData Profilesand search for the data filtering profile you updated.