Modify a DLP Rule on Prisma Access (Cloud Managed)

Modify an Enterprise data loss prevention (DLP) rule to enforce data security standards on Prisma Access (Cloud Managed).
A DLP rule, otherwise referred to as a data filtering profile, is a data profile for which you have specified the file type, action, and log severity for an existing data profile. Data filtering profiles are automatically created when you create a new data profile. To create an entirely new data filtering profile, you must create an entirely new data profile which automatically creates the new data filtering profile.
Modify an Enterprise data loss prevention (DLP) data filtering profile on Prisma Access (Cloud Managed) to enforce your organization’s data security standards and prevent exfiltration of sensitive information. After you configure the data filtering profile, you must create a Profile Group containing the data filtering profile and attached it to a Security Policy so Prisma Access (Cloud Managed) can enforce your data security standards.
  1. (
    Optional
    ) Modify the data filtering profile.
    Modifying the data filtering profile automatically created for the data profile is not required.
    Continue to the next step to if you want to apply the data filtering profile to a Security Policy using the default values described below.
    The default data filtering profile
    Direction
    is
    Upload
    . Downloads are not supported. This field cannot be edited.
    1. Select
      Manage
      Configuration
      Security Services
      Data Loss Prevention
      DLP Rules
      and select a data filtering profile.
      The data filtering profile has an identical name as the data profile for which it was automatically created.
    2. Specify a
      File Type
      .
      The default file type is
      Any
      and matches any of the supported file types. Otherwise, you can
      Select
      one or more file types to filter.
    3. Select an
      Action
      (
      Alert and Block
      ,
      Alert
      or
      Block
      ) to perform on the file.
      The Action is set to
      Alert and Block
      by default if the data profile has both Primary and Secondary Patterns. Changing the data filtering profile Action is not supported if both Primary and Secondary patterns are defined.
    4. (
      Optional
      ) Set the
      Log Severity
      recorded for files that match this rule.
      The default severity is
      Low
      .
    5. Save
      the data filtering profile.
  2. Create a Shared Profile Group for the Enterprise DLP data filtering profile.
    1. Select
      Manage
      Configuration
      Profile Groups
      and
      Add Profile Group
      .
    2. Enter a descriptive
      Name
      for the Profile Group.
    3. For the Data Loss Prevention Profile, select the Enterprise DLP data profile.
    4. Add any other additional profiles as needed.
    5. Save
      the profile group.
  3. Create a Security Policy and attached the Profile Group.
    1. Select
      Manage
      Configuration
      Security Policy
      and
      Add Rule
      .
      You can also update an existing Security Policy to attach a Profile Group for Enterprise DLP filtering.
    2. Configure the Security Policy as needed.
    3. Navigate to the Action and Advanced Inspection section, and select the
      Profile Group
      you created in the previous step.
    4. Save
      the Security Policy.
  4. Push your data filtering profile
    1. Push Config
      and
      Push
      .
    2. Select (enable)
      Remote Networks
      and
      Mobile Users
      .
    3. Push
      .

Recommended For You