Enterprise DLP
Edit the Enterprise DLP Snippet Settings
Table of Contents
Expand All
|
Collapse All
Enterprise DLP Docs
Edit the Enterprise DLP Snippet Settings
The Enterprise Data Loss Prevention (E-DLP) snippet settings allow you to configure if and how
snippets of matched traffic are stored in the DLP cloud service.
Where Can I Use This? | What Do I Need? |
---|---|
|
Or any of the following licenses that include the Enterprise DLP license
|
A snippet is evidence or identifiable information associated with a data pattern
match. You can configure if and how Enterprise Data Loss Prevention (E-DLP) stores and masks
snippets of sensitive data that match your data pattern match criteria in an Enterprise DLP
data profiles in the DLP cloud service.
Your snippet setting configuration determines how snippets of matched traffic are
displayed when you review your DLP Incidents.
Edit the Enterprise DLP Snippet Settings on Strata Cloud Manager
Configure the Enterprise Data Loss Prevention (E-DLP) snippet settings on Strata Cloud Manager to
specify if and how snippets are stored.
- Log in to Strata Cloud Manager.Select ManageConfigurationData Loss PreventionSettingsSensitive Data.Enable Snippets Viewing and Masking for Prisma Access and NGFW to store the snippets of sensitive data that match your data patterns in the DLP cloud service.Configure how to Snippets Masking for storage in the DLP cloud service.
- Do not mask—Enterprise DLP displays the entire matched sensitive data snippet in cleartext.
- Partial mask—Enterprise DLP partially masks the matched sensitive data snippet and displays only the last two characters in cleartext.
- Full mask—Enterprise DLP fully masks the entire matched sensitive data snippet.
Push the snippet settings.- Push Config and Push.Select (enable) Remote Networks and Mobile Users.Push.
Edit the Enterprise DLP Snippet Settings on Panorama
Configure the Enterprise Data Loss Prevention (E-DLP) snippet settings on your Panorama™ management server to specify if and how snippets are stored.- Log in to the Panorama web interface.Select PanoramaDLPConfiguration and edit the Snippet Settings.Check (enable) Store Snippets of Sensitive Data to store the snippets of sensitive data that match your data patterns in the DLP cloud service.Configure how to Mask Sensitive Field for storage in the DLP cloud service.
- Do not mask—Enterprise DLP displays the entire matched sensitive data snippet in cleartext.
- Partial mask—Enterprise DLP partially masks the matched sensitive data snippet and displays only the last two characters in cleartext.
- Full mask—Enterprise DLP fully masks the entire matched sensitive data snippet.
Click OK to save your configuration changes.Commit and push the new configuration to your managed firewalls.The Commit and Push command isn’t recommended for Enterprise DLP configuration changes. Using the Commit and Push command requires the additional and unnecessary overheard of manually selecting the impacted templates and managed firewalls in the Push Scope Selection.- Full configuration push from Panorama
- Select CommitCommit to Panorama and Commit.
- Select CommitPush to Devices and Edit Selections.
- Select Device Groups and Include Device and Network Templates.
- Click OK.
- Push your configuration changes to your managed firewalls that are using Enterprise DLP.
- Partial configuration push from PanoramaYou must always include the temporary __dlp administrator when performing a partial configuration push. This is required to keep Panorama and the DLP cloud service in sync.For example, you have an admin Panorama admin user who is allowed to commit and push configuration changes. The admin user made changes to the Enterprise DLP configuration and only wants to commit and push these changes to managed firewalls. In this case, the admin user is required to also select the __dlp user in the partial commit and push operations.
- Select CommitCommit to Panorama.
- Select Commit Changes Made By and then click the current Panorama admin user to select additional admins to include in the partial commit.In this example, the admin user is currently logged in and performing the commit operation. The admin user must click admin and then select the __dlp user. If there are additional configuration changes made by other Panorama admins they can be selected here as well.Click OK to continue.
- Commit.
- Select CommitPush to Devices.
- Select Push Changes Made By and then click the current Panorama admin user to select additional admins to include in the partial push.In this example, the admin user is currently logged in and performing the push operation. The admin user must click admin and then select the __dlp user. If there are additional configuration changes made by other Panorama admins they can be selected here as well.Click OK to continue.
- Select Device Groups and Include Device and Network Templates.
- Click OK.
- Push your configuration changes to your managed firewalls that are using Enterprise DLP.
Edit the Enterprise DLP Snippet Settings for Email DLP
Configure the Email DLP snippet settings on Strata Cloud Manager to specify if and how snippets are stored.- Log in to Strata Cloud Manager.Select ManageConfigurationSaaS SecuritySettingsEmail DLP Settings.Configure the Snippet Viewing and Masking settings for Email DLP.
- Do not mask—Enterprise DLP displays the entire matched sensitive data snippet in cleartext.
- Partial mask—Enterprise DLP partially masks the matched sensitive data snippet and displays only the last two characters in cleartext.
- Full mask—Enterprise DLP fully masks the entire matched sensitive data snippet.
Edit the Enterprise DLP Snippet Settings for Endpoint DLP
Configure the Endpoint DLP snippet settings on Strata Cloud Manager to specify if and how snippets are stored.- Log in to Strata Cloud Manager.Select ManageConfigurationData Loss PreventionSettingsSensitive Data.Enable Store Snippets of Sensitive Data for Endpoint DLP to store the snippets of sensitive data that match the data profile associated with your Endpoint DLP policy rule.Configure how to Snippets Masking for storage in the DLP cloud service.
- Do not mask—Enterprise DLP displays the entire matched sensitive data snippet in cleartext.
- Partial mask—Enterprise DLP partially masks the matched sensitive data snippet and displays only the last two characters in cleartext.
- Full mask—Enterprise DLP fully masks the entire matched sensitive data snippet.
Push your new Endpoint DLP snippet settings to the Prisma Access Agent.- Select Endpoint DLP PolicyPush Policies and Push Policies.(Optional) Enter a Description for the Endpoint DLP policy push.Review the Push Policies scope to understand the changes included the Endpoint DLP configuration push.Push.