: Modify a DLP Rule for Prisma Access on Strata Cloud Manager
Focus
Focus

Modify a DLP Rule for Prisma Access on Strata Cloud Manager

Table of Contents

Modify a DLP Rule for
Prisma Access
on
Strata Cloud Manager

Modify an
Enterprise Data Loss Prevention (E-DLP)
rule to enforce data security standards for
Prisma Access (Cloud Management)
on
Strata Cloud Manager
.
Where Can I Use This?
What Do I Need?
  • Strata Cloud Manager
  • Enterprise Data Loss Prevention (E-DLP)
    license
  • Prisma Access
    license
  • AIOps for NGFW Premium
    license
  • AIOps for NGFW Free
    license
A DLP rule, otherwise referred to as a data filtering profile, is a data profile for which you have specified the file type, action, and log severity for an existing data profile. Data filtering profiles are automatically created when you create a new data profile. To create an entirely new data filtering profile, you must create an entirely new data profile that automatically creates the new data filtering profile.
Modify an
Enterprise Data Loss Prevention (E-DLP)
data filtering profile on
Prisma Access (Cloud Management)
on
Strata Cloud Manager
to enforce your organization’s data security standards and prevent exfiltration of sensitive information. After you configure the data filtering profile, you must create a Profile Group containing the data filtering profile and attached it to a Security policy so
Prisma Access
can enforce your data security standards.
  1. Log into
    Strata Cloud Manager
    .
  2. Select
    Manage
    Configuration
    Security Services
    Data Loss Prevention
    DLP Rules
    and in the Actions column,
    Edit
    the DLP rule.
    The DLP rule has an identical name as the data profile from which it was automatically created.
  3. (
    Optional
    ) Enter a Description for the DLP rule.
  4. Modify the DLP rule Match Criteria.
    Modifying the DLP rule automatically created for the data profile isn’t required.
    Skip to the next step to if you want to apply the DLP rule to a Security policy without modifying the DLP rule match criteria and use the default values.
    The default DLP rule
    Direction
    is
    Upload
    . Downloads aren’t supported. This field can’t be edited.
    1. Specify the type of traffic the DLP rule applies to.
      You can enable either or both match criteria traffic types for a DLP rule.
      • File Based Match Criteria
        —DLP rule match criteria is applied to file-based based traffic.
      • Non-File Based Match Criteria
        —DLP rule match criteria is applied to non-file formats that use collaboration and cloud applications, web forms, and social media.
    2. Specify a
      File Type
      .
      The default file type is
      Any
      and matches any of the supported file types. Otherwise, you can
      Select
      one or more file types to filter.
    3. Specify the
      File Direction
      .
      The default file direction is
      Both
      and allows inspection of uploads and downloads for supported applications.
    4. Select an
      Action
      (
      Alert and Block
      ,
      Alert
      , or
      Block
      ) to perform on the file.
      The Action is set to
      Alert and Block
      by default if the data profile has both Primary and Secondary Patterns. Changing the data filtering profile Action isn’t supported if both Primary and Secondary patterns are defined.
    5. (
      Optional
      ) Set the
      Log Severity
      recorded for files that match this rule.
      The default severity is
      Low
      .
    6. Save
      the data filtering profile.
  5. Create a Shared Profile Group for the
    Enterprise DLP
    data filtering profile.
    1. Select
      Manage
      Configuration
      Security Services
      Profile Groups
      and
      Add Profile Group
      .
    2. Enter a descriptive
      Name
      for the Profile Group.
    3. For the Data Loss Prevention Profile, select the
      Enterprise DLP
      data profile.
    4. Add any other additional profiles as needed.
    5. Save
      the profile group.
  6. Create a Security policy and attached the Profile Group.
    1. Select
      Manage
      Configuration
      Security Policy
      and
      Add Rule
      .
      You can also update an existing Security policy to attach a Profile Group for
      Enterprise DLP
      filtering.
    2. Configure the Security policy as needed.
    3. Navigate to the Action and Advanced Inspection section, and select the
      Profile Group
      you created in the previous step.
    4. Save
      the Security policy.
  7. Push your data filtering profile.
    1. Push Config
      and
      Push
      .
    2. Select (enable)
      Remote Networks
      and
      Mobile Users
      .
    3. Push
      .

Recommended For You