Create an EDM Filtering Profile
Create an Exact Data Matching (EDM) filtering profile in the DLP app on the hub.
Create an Exact Data Matching (EDM) filtering profile in the DLP app on the hub. EDM filtering profiles created in the DLP app are automatically synchronized with your Panorama™ management server so you can leverage the EDM filtering profile in your Security policy rules. In order for the DLP cloud service to render a match verdict using an EDM filtering profile, scanned files containing primary and secondary field values must be within 100 character of each other. Otherwise, the DLP cloud service is unable to render a match verdict.
- ClickandDetection MethodsData ProfilesAdd Data Profile.
- Create the EDM filtering profile.
- Enter a descriptiveData Profile Name.
- Select anEDM Dataset.The list of available data sets are the EDM data sets uploaded using the EDM CLI application.
- Specify theOccurrencesrequired to trigger a Security policy rule action.The occurrences value you configure determine how many times values in the Primary Field and Secondary Fields are encountered before triggering an action.
- Select thePrimary Fieldvalues.The list of available values is populated from the selected EDM data set. You must select at least one primary field value.You are required to add at least one column where the column values occurs up to 12 times in the selected EDM data set for thePrimary Field. For example, if the EDM data set contains columns for first name, last name, social security number, and credit card number, add social security number and credit card in the primary field.
- (Optional) Select theSecondary Fieldvalues.The list of available fields is populated from the selected EDM data set.For the best results for exact data matching, include any columns that could be repeated in the secondary field. For example, if the EDM data set contains columns for first name, last name, social security number, and credit card number, add first name and last name in the secondary field.
- Configure the match criteria for a Security policy rule action based on the values in the primary and secondary fields.When you selectAny, the maximumCountsetting is one less than the total number of fields included in thePrimary FieldorSecondary Field.Configure whether an action ifAnyorAllprimary fields are matched and ifAnyorAllsecondary fields are matched.For example, you configure an EDM filtering profile to scan for at least 20 occurrences that match for All primary fields and Any secondary fields with a match count of 3. When applied to a Security policy rule, an action is taken when a scanned file contains at least 20 matches to all primary field values and any 3 of the secondary field values.
- Savethe EDM filtering profile.Saved profiles are automatically synchronized to your Panorama so you can apply the profile to a Security policy rule.
- Add the EDM filtering profile to a Security policy rule.
- Selectand select thePoliciesSecurityDevice Groupassociated with the managed firewalls leveraging Enterprise DLP.
- Click the Security policy ruleName.
- Selectand select theActionsProfile TypeProfilesData Filteringprofile.
- SelectCommitandCommit and Push.
Recommended For You
Recommended videos not found.