VM-Series and Panorama Plugins Release Notes
    : Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.6
    Focus
    Download PDF
    Focus
    1. Home
    2. VM-Series and Panorama Plugins Release Notes
    3. Panorama Plugin for Enterprise Data Loss Prevention
    4. Panorama Plugin for Enterprise Data Loss Prevention (DLP) 1.0
    5. Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.6
    Download PDF

    VM-Series and Panorama Plugins Release Notes

    Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.6

    Table of Contents

    Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.6

    WIF-582

    This issue is now addressed.
    On the Panorama management server, you can edit data filtering profiles (
    Objects
    DLP
    Data Filtering Profiles
    ) that include an Exact Data Matching (EDM) dataset after upgrading the Enterprise DLP plugin from 1.0.4 or 1.0.5 to 1.0.6.
    This can result in synchronization issues if you edit the data profile on the DLP app or clone a data filtering profile that includes an EDM dataset from Panorama.
    Workaround:
     Reset the DLP plugin after successful upgrade to Enterprise DLP 1.0.6 to make data filtering profiles that include an EDM dataset read-only from Panorama.
    2. Reset the Enterprise DLP plugin.
      admin>
       
      request plugins dlp reset

    WIF-523

    This issue is addressed in PAN-OS 10.2.2.
    Managed firewalls leveraging Enterprise DLP erroneously display as
    not licensed
    , even though the firewall is successfully licensed, when you enter the following command in the firewall CLI.
    admin>
     
    show ctd-agent status security-client
    This issue is observed only when you initially activate the DLP license on the managed firewall and before you push the Enterprise DLP configuration from the Panorama management server for the first time.
    Workaround:
     Finish setting up and configuring Enterprise DLP.
    This requires you to commit and push the Enterprise DLP configuration to your managed firewall leveraging Enterprise DLP which restores the correct license state on the managed firewall.

    PLUG-10530

    This issue is addressed in Enterprise DLP version 1.0.8.
    On the Panorama management server, the Enterprise DLP data patterns (
    Objects
    DLP
    Data Filtering Patterns
    ) and data filtering profiles (
    Objects
    DLP
    Data Filtering Profiles
    ) may not display after reboot of Panorama.
    Workaround:
     Reset the Enterprise DLP plugin to display the Enterprise DLP data filtering patterns and data filtering profiles.
    2. Reset the Enterprise DLP plugin.
      admin>
       
      request plugins dlp reset
    3. Commit and push to your managed firewalls leveraging Enterprise DLP.
      2. Select
        Commit
        Commit to Panorama
         and
        Commit
        .
      3. (
        Best Practices
        ) Push to your managed firewalls leveraging Enterprise DLP.
        1. Select
          Commit
          Push to Devices
           and
          Edit Selections
          .
        2. Select
          Device Groups
           and
          Include Device and Network Templates
          .
        3. Click
          OK
        4. Push
           to your managed firewalls that are leveraging Enterprise DLP.

    PLUG-10282

    When a data profile that includes an EDM dataset is synchronized to the Panorama management server, the data filtering profile (
    Objects
    DLP
    Data Filtering Profiles
    ) on Panorama does not accurately synchronize and display the match conditions for the EDM dataset.
    This does not impact enforcement to prevent exfiltration of sensitive data.
    Workaround:
     Log in to the DLP app on the hub to view the match criteria for a data profile that include an EDM dataset.

    PLUG-10252

    This issue is addressed in PAN-OS 10.2.3 and 11.0.0.
    Renaming an existing data profile on the DLP app on the hub creates an entirely new data filtering profile (
    Objects
    DLP
    Data Filtering Profiles
    ) on the Panorama management server.

    PLUG-6254

    Firewalls leveraging Enterprise Data Loss Prevention (DLP) do not display the Enterprise DLP data filtering profiles (
    Objects
    DLP
    Data Filtering Profiles
    ) or Enterprise DLP Settings (
    Device
    Setup
    DLP
    ), and cannot be overridden locally on the firewall.

    PLUG-6145

    On the Panorama management server, you cannot create an admin role (
    Panorama
    Admin Roles
    ) to control access to Enterprise Data Loss Prevention (DLP) filtering settings and snippet configuration (
    Device
    Setup
    DLP
    ).

    PAN-157371

    This is addressed in Enterprise DLP version 3.0.1
    Firewalls leveraging Enterprise Data Loss Prevention (DLP) do not display the on-device Help for the DLP Settings (
    Device
    Setup
    DLP
    ).

    PAN-144897

    Enterprise Data Loss Prevention (DLP) data profile
    Thread ID/Name
     filter is not available when you configure a custom report (
    Manage
    Manage Custom Reports
    ) on the Panorama management server or locally on a firewall leveraging Enterprise DLP.

    Recommended For You

    © 2024 Palo Alto Networks, Inc. All rights reserved.