>
    Known Issues in Enterprise DLP Plugin 1.0.4
    Focus
    Download PDF
    Focus
    1. Home
    2. Enterprise DLP
    3. Known Issues in Enterprise DLP Plugin 1.0
    4. Known Issues in Enterprise DLP Plugin 1.0.4
    Download PDF
    Enterprise DLP

    Known Issues in Enterprise DLP Plugin 1.0.4

    Table of Contents

    Known Issues in Enterprise DLP Plugin 1.0.4

    Known Issues for Enterprise Data Loss Prevention (E-DLP) plugin 1.0.4.

    WIF-523

    This issue is addressed in PAN-OS 10.2.2.
    Managed firewalls leveraging Enterprise DLP erroneously display as not licensed, even though the firewall is successfully licensed, when you enter the following command in the firewall CLI.
    admin> show ctd-agent status security-client
    This issue is observed only when you initially activate the DLP license on the managed firewall and before you push the Enterprise DLP configuration from the Panorama management server for the first time.
    Workaround: Finish setting up and configuring Enterprise DLP.
    This requires you to commit and push the Enterprise DLP configuration to your managed firewall leveraging Enterprise DLP which restores the correct license state on the managed firewall.

    PLUG-9461

    This issue is addressed in Enterprise DLP version 1.0.5.
    On the Panorama management server, a Panorama administrator (PanoramaAdministrators) with a custom admin role (PanoramaAdmin Roles) allowing read and write access to Enterprise DLP data patterns (ObjectsDLPData Filtering Patterns) and profiles (ObjectsDLPData Filtering Profiles) are able to only read Enterprise DLP data patterns and profiles.
    Additionally, a Panorama administrator with full read and write access to the Panorama web interface can only read Enterprise DLP data patterns and profiles.

    PLUG-9360

    This issue is addressed in Enterprise DLP version 1.0.5
    On the Panorama management server, data profiles (ObjectsDLPData Filtering Profiles) created on the DLP app on the hub cannot be used in a Security policy rule (PoliciesSecurity).
    Workaround: Commit the synchronized data profile created on the DLP app on Panorama.
    1. Log in to the Panorama web interface.
    2. Select ObjectsDLPData Filtering Profiles.
    3. Open the data profile created on the DLP app and click OK.
    4. Commit and Commit to Panorama.

    PLUG-9323

    This issue is addressed in Enterprise DLP version 1.0.6 and 3.0.2.
    On the Panorama management server, the Secondary Pattern for a data filtering profile (ObjectsDLPData Filtering Profiles) is not displayed for the data filtering profile is successfully created and pushed to managed firewalls.

    PLUG-8313

    This issue is resolved in Enterprise DLP version 1.0.5.
    On the Panorama management server, predefined data filtering profiles (ObjectsDLPData Filtering Profiles) are not displayed because the Panorama admin administrator (PanoramaAdministrators) does not exist.
    Workaround: Create the admin user.
    1. Log in to the Panorama web interface.
    2. Select PanoramaAdministrators and Add a new administrator.
      • Name—Enter admin.
      • Password—Set the administrator password and Confirm Password.
      • Administrator Type—Select Dynamic.
      • Admin Role—Select Superuser.
    3. Click OK.
    4. Commit and Commit to Panorama.

    PLUG-6254

    Firewalls leveraging Enterprise Data Loss Prevention (DLP) do not display the Enterprise DLP data filtering profiles (ObjectsDLPData Filtering Profiles) or Enterprise DLP Settings (DeviceSetupDLP), and cannot be overridden locally on the firewall.

    PLUG-6145

    On the Panorama management server, you cannot create an admin role (PanoramaAdmin Roles) to control access to Enterprise Data Loss Prevention (DLP) filtering settings and snippet configuration (DeviceSetupDLP).

    PAN-157371

    This is addressed in Enterprise DLP version 3.0.1
    Firewalls leveraging Enterprise Data Loss Prevention (DLP) do not display the on-device Help for the DLP Settings (DeviceSetupDLP).

    PAN-144897

    Enterprise Data Loss Prevention (DLP) data profile Thread ID/Name filter is not available when you configure a custom report (ManageManage Custom Reports) on the Panorama management server or locally on a firewall leveraging Enterprise DLP.

    DSS-17763

    On the Panorama management server, custom data profiles (ObjectsDLPData Filtering Profiles) are not synchronized to the DLP cloud service if you have an active CASB-X license. This prevents you being able to associate the data profile with a Security policy rule and displays the error Data Profile does not exist.
    Workaround: Contact Palo Alto Networks Support to restore synchronization functionality between the DLP cloud service and Panorama.

    © 2024 Palo Alto Networks, Inc. All rights reserved.