Modify a DLP Rule on Prisma Access (Cloud Managed)
Modify an Enterprise data loss prevention (DLP) rule
to enforce data security standards on Prisma Access (Cloud Managed).
A DLP rule, otherwise referred to as a data
filtering profile, is a data profile for which you have specified
the file type, action, and log severity for an existing data profile. Data
filtering profiles are automatically created when you create a new
data profile. To create an entirely new data filtering profile,
you must create an entirely new data profile which automatically
creates the new data filtering profile.
Modify an Enterprise
data loss prevention (DLP) data filtering profile on Prisma Access
(Cloud Managed) to enforce your organization’s data security standards
and prevent exfiltration of sensitive information. After you configure
the data filtering profile, you must create a Profile Group containing
the data filtering profile and attached it to a Security Policy
so Prisma Access (Cloud Managed) can enforce your data security
standards.
- (Optional) Modify the data filtering profile.Modifying the data filtering profile automatically created for the data profile is not required.Continue to the next step to if you want to apply the data filtering profile to a Security Policy using the default values described below.The default data filtering profileDirectionisUpload. Downloads are not supported. This field cannot be edited.
- Selectand select a data filtering profile.ManageConfigurationSecurity ServicesData Loss PreventionDLP RulesThe data filtering profile has an identical name as the data profile for which it was automatically created.
- Specify aFile Type.The default file type isAnyand matches any of the supported file types. Otherwise, you canSelectone or more file types to filter.
- Select anAction(Alert and Block,AlertorBlock) to perform on the file.The Action is set toAlert and Blockby default if the data profile has both Primary and Secondary Patterns. Changing the data filtering profile Action is not supported if both Primary and Secondary patterns are defined.
- (Optional) Set theLog Severityrecorded for files that match this rule.The default severity isLow.
- Savethe data filtering profile.
- Create a Shared Profile Group for the Enterprise DLP data filtering profile.
- SelectandManageConfigurationProfile GroupsAdd Profile Group.
- Enter a descriptiveNamefor the Profile Group.
- For the Data Loss Prevention Profile, select the Enterprise DLP data profile.
- Add any other additional profiles as needed.
- Savethe profile group.
- Create a Security Policy and attached the Profile Group.
- SelectandManageConfigurationSecurity PolicyAdd Rule.You can also update an existing Security Policy to attach a Profile Group for Enterprise DLP filtering.
- Configure the Security Policy as needed.
- Navigate to the Action and Advanced Inspection section, and select theProfile Groupyou created in the previous step.
- Savethe Security Policy.
- Push your data filtering profile
- Push ConfigandPush.
- Select (enable)Remote NetworksandMobile Users.
- Push.
Recommended For You
Recommended Videos
Recommended videos not found.