Modify a DLP Rule on Strata Cloud Manager
Modify a DLP Rule for Prisma Access on Strata Cloud Manager

Modify an Enterprise Data Loss Prevention (E-DLP) rule to enforce data security standards for Prisma Access (Managed by Strata Cloud Manager) on Strata Cloud Manager.
Where Can I Use This?
  • NGFW (Managed by Strata Cloud Manager)
  • Prisma Access (Managed by Strata Cloud Manager)
What Do I Need?
  • Enterprise Data Loss Prevention (E-DLP) license
    Review the Supported Platforms for details on the required license for each enforcement point.
Or any of the following licenses that include the Enterprise DLP license
  • Prisma Access CASB license
  • Next-Generation CASB for Prisma Access and NGFW (CASB-X) license
  • Data Security license
Configure a DLP Rule to define the type of traffic to inspect, the impacted file types, action, and log severity for the data profile match criteria. A DLP Rule is automatically created when you create a new data profile. After you configure the data filtering profile, you must create a Profile Group containing the data filtering profile and attach it to a Security policy so Prisma Access can enforce your data security standards.
  1. Log in to Strata Cloud Manager.
  2. Select Manage > Configuration > Data Loss Prevention > DLP Rules and in the Actions column, Edit the DLP rule.
    The DLP rule has the same name as the data profile from which it was automatically created.
  3. (Optional) Enter a Description for the DLP rule.
  4. Modify the DLP rule Match Criteria.
    1. Specify the type of traffic the DLP rule applies to.
      You can enable either or both match criteria traffic types for a DLP rule.
      • File Based Match Criteria: DLP rule match criteria is applied to file-based traffic.
      • Non-File Based Match Criteria: DLP rule match criteria is applied to non-file formats that use collaboration and cloud applications, web forms, and social media.
    2. (Prisma Access 5.1 and later) Select the File Mode to explicitly include or exclude specific file types.
      A DLP Rule supports only one type of file mode. A DLP Rule can't be configured to both include and exclude specific file types.
      • Include: Enterprise DLP only inspects the selected File Type. All other file types are ignored and not sent to Enterprise DLP for inspection and verdict rendering.
      • Exclude: Files of the selected File Type are ignored and are not sent to Enterprise DLP for inspection and verdict rendering. All other file types are forwarded to Enterprise DLP.
    3. Specify a File Type.
      The default file type is Any and matches any of the supported file types.
      • Include File Mode: Select Any to match all file types supported by Enterprise DLP or Select one or more file types.
      • Exclude File Mode: Select specific file types to exclude from Enterprise DLP inspection and verdict rendering. Any isn't supported.
    4. Specify the File Direction (Upload, Download, or Both).
      The default file direction is Upload and allows inspection of uploads and downloads for supported applications.
    5. Select the Action (Alert or Block) Enterprise DLP takes when sensitive data is detected.
      The default action is Alert.
    6. (Optional) Set the Log Severity recorded for files that match this rule.
      The default severity is Low.
    7. Save the data filtering profile.
  5. Create a Shared Profile Group for the Enterprise DLP data filtering profile.
    1. Select Manage > Configuration > Security Services > Profile Groups and Add Profile Group.
    2. Enter a descriptive Name for the Profile Group.
    3. For the Data Loss Prevention Profile, select the Enterprise DLP data profile.
    4. Add any additional profiles as needed.
    5. Save the profile group.
  6. Create a Security policy and attach the Profile Group.
    1. Select Manage > Configuration > Security Policy and Add Rule.
      You can also update an existing Security policy to attach a Profile Group for Enterprise DLP filtering.
    2. Configure the Security policy as needed.
    3. Navigate to the Action and Advanced Inspection section, and select the Profile Group you created in the previous step.
    4. Save the Security policy.
  7. Push Config and push your configuration changes.
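
The File Mode and File Type rules from step 4, modeled as an added example (not Palo Alto Networks code and not the Strata Cloud Manager API) to show which file types a given rule leaves uninspected. The `DlpRule` class, the function names, and the `SUPPORTED` list are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field

ANY = "Any"
# Constructed sample list, not the product's list of supported file types.
SUPPORTED = {"docx", "pdf", "xlsx", "zip"}

@dataclass
class DlpRule:
    """Hypothetical stand-in for the rule fields in step 4 (not a product schema)."""
    file_mode: str = "Include"  # a rule has exactly one file mode
    file_types: set = field(default_factory=lambda: {ANY})  # default is Any
    action: str = "Alert"       # default action

def validate(rule):
    """Return configuration problems; an empty list means the rule is consistent."""
    problems = []
    if rule.file_mode not in ("Include", "Exclude"):
        problems.append("file mode must be Include or Exclude")
    if rule.file_mode == "Exclude" and ANY in rule.file_types:
        problems.append("Any isn't supported in Exclude file mode")
    if not rule.file_types:
        # Assumption of this example: an empty selection is a mistake.
        problems.append("select at least one file type")
    if rule.action not in ("Alert", "Block"):
        problems.append("action must be Alert or Block")
    return problems

def sent_for_inspection(rule, file_type, supported=SUPPORTED):
    """True if a file of this type is forwarded to Enterprise DLP under the rule."""
    problems = validate(rule)
    if problems:
        raise ValueError("; ".join(problems))
    if file_type not in supported:
        return False
    if rule.file_mode == "Include":
        return ANY in rule.file_types or file_type in rule.file_types
    return file_type not in rule.file_types  # Exclude: everything else is sent

def uninspected_types(rule, supported=SUPPORTED):
    """Supported file types that the rule leaves out of DLP inspection."""
    return sorted(t for t in supported if not sent_for_inspection(rule, t, supported))

if __name__ == "__main__":
    for rule in (DlpRule(), DlpRule(file_types={"pdf"}),
                 DlpRule(file_mode="Exclude", file_types={"zip"})):
        print(rule.file_mode, sorted(rule.file_types), "->", uninspected_types(rule))
```

An Include rule narrowed to a single file type leaves every other type uninspected, so review the result of `uninspected_types` against the data types the profile is meant to protect.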
