Modify a DLP Rule for Prisma Access on Cloud Management
Modify an Enterprise data loss prevention (DLP) rule to enforce data security standards for Prisma Access on Cloud Management
A DLP rule, otherwise referred to as a data filtering profile, is a data profile for which you have specified the file type, action, and log severity for an existing data profile. Data filtering profiles are automatically created when you create a new data profile. To create an entirely new data filtering profile, you must create an entirely new data profile which automatically creates the new data filtering profile.
Modify an Enterprise data loss prevention (DLP) data filtering profile on Prisma Access on Cloud Management to enforce your organization’s data security standards and prevent exfiltration of sensitive information. After you configure the data filtering profile, you must create a Profile Group containing the data filtering profile and attached it to a Security Policy so Prisma Access can enforce your data security standards.
- Selectand in the Actions column,ManageConfigurationSecurity ServicesData Loss PreventionDLP RulesEditthe DLP rule.The DLP rule has an identical name as the data profile from which it was automatically created.
- (Optional) Enter a Description for the DLP rule.
- Modify the DLP rule Match Criteria.Modifying the DLP rule automatically created for the data profile is not required.Skip to the next step to if you want to only apply the DLP rule to a Security Policy using the default values.The default DLP ruleDirectionisUpload. Downloads are not supported. This field cannot be edited.
- Specify the type of traffic the DLP rule applies to.You can enable either or both match criteria traffic types for a DLP rule.
- Non-File Based Match Criteria—DLP rule match criteria is applied to non-file formats that leverage collaboration and cloud applications, web forms, and social media.
- Specify aFile Type.The default file type isAnyand matches any of the supported file types. Otherwise, you canSelectone or more file types to filter.
- Specify theFile Direction.The default file direction isBothand allows inspection of uploads and downloads for supported applications.
- Select anAction(Alert and Block,AlertorBlock) to perform on the file.The Action is set toAlert and Blockby default if the data profile has both Primary and Secondary Patterns. Changing the data filtering profile Action is not supported if both Primary and Secondary patterns are defined.
- (Optional) Set theLog Severityrecorded for files that match this rule.The default severity isLow.
- Savethe data filtering profile.
- Create a Shared Profile Group for the Enterprise DLP data filtering profile.
- SelectandManageConfigurationProfile GroupsAdd Profile Group.
- Enter a descriptiveNamefor the Profile Group.
- For the Data Loss Prevention Profile, select the Enterprise DLP data profile.
- Add any other additional profiles as needed.
- Savethe profile group.
- Create a Security Policy and attached the Profile Group.
- SelectandManageConfigurationSecurity PolicyAdd Rule.You can also update an existing Security Policy to attach a Profile Group for Enterprise DLP filtering.
- Configure the Security Policy as needed.
- Navigate to the Action and Advanced Inspection section, and select theProfile Groupyou created in the previous step.
- Savethe Security Policy.
- Push your data filtering profile
- Push ConfigandPush.
- Select (enable)Remote NetworksandMobile Users.
Recommended For You
Recommended videos not found.