1. Home
    2. Enterprise DLP
    3. Enterprise DLP Administrator’s Guide
    4. Configure Enterprise DLP
    5. Enterprise DLP Profiles
    6. Update a Data Filtering Profile on Panorama

    Update a Data Filtering Profile on Panorama

    Modify an existing Enterprise data loss prevention (DLP) hybrid data filtering profile on the Panorama™ management server.
    From the Panorama management server, you can edit and modify an existing data filtering profile you created on Panorama, SaaS Security, or the DLP app on the hub. Any changes you make to an existing data filtering profile from the DLP app on the hub is automatically synchronized to Panorama, Prisma Access (Panorama Managed), and Prisma SaaS where the data filtering profile is supported.
    You cannot update or modify the data pattern match criteria for an EDM dataset or a data profile with data patterns and EDM datasets from Panorama. You can only update or modify the data filtering profile action from Panorama. Any changes you make to an EDM filtering profile or a hybrid data filtering profile commit successfully on Panorama are not reflected in the DLP app on the hub. See Update a Data Profile on the DLP App to update the match criteria for an EDM data filtering profile or a data profile with data patterns and EDM datasets.
    If you update a data filtering profile to include a predefined data patterns, be sure to consider the detection type used by the predefined data patterns because the detection type determines how Enterprise data loss prevention (DLP) arrives at a verdict for scanned files. For example, when you create a data filtering profile that includes three machine learning (ML)-based data patterns and seven regex-based data patterns, Enterprise DLP will return verdicts based on the seven regex-based patterns whenever the scanned file exceeds 1MB.
    2. Select
      Objects
      DLP
      Data Filtering Profiles
       and specify the
      Device Group
      .
    3. Select a data filtering profile to edit.
    4. Edit the data filtering profile as needed.
      1. Modify the data filtering profile scan for
        File Based
         traffic,
        Non-File Based
         traffic, or both.
      2. Modify the
        Primary Pattern
         and
        Secondary Pattern
         match criteria.
        Modifying the data filtering profile match criteria on Panorama is supported only for Enterprise DLP data filtering profiles created on Panorama. See Create a Data Filtering Profile on Panorama for details on configuring data pattern criteria using predefined or custom data patterns.
      3. (
        Data Filtering Profile for Non-File Traffic Inspection Only
        ) Modify the
        URL Category Excluded List from Non-File
         and
        Application List Excluded from Non-File
         to configure which URL and application traffic is excluded from Enterprise DLP inspection.
      4. Edit the data filtering profile settings.
        Enterprise DLP supports editing the following data profile settings for a data profile with EDM datasets and a data profile with data patterns and EDM datasets from Panorama.
        • Select the data filtering profile
          Action
           (
          Alert
           or
          Block
          )
          If the data profile has both Primary and Secondary Patterns, changing the data filtering profile Action on Panorama deletes all Secondary Pattern match criteria.
        • Specify a
          File Type
          .
          Leave the file type as
          any
           to match any of the supported file types.
        • Set the
          Log Severity
           recorded for files that match this data filtering profile.
    5. Click
      OK
      .
    6. Commit and push your configuration changes to your managed firewalls that are leveraging Enterprise DLP.
      The
      Commit and Push
       command is not recommended for Enterprise DLP configuration changes. Using the
      Commit and Push
       command requires the additional and unnecessary overheard of manually selecting the impacted templates and managed firewalls in the Push Scope Selection.
      1. Select
        Commit
        Commit to Panorama
         and
        Commit
        .
      2. Select
        Commit
        Push to Devices
         and
        Edit Selections
        .
      3. Select
        Device Groups
         and
        Include Device and Network Templates
        .
      4. Click
        OK
        .
      5. Push
         your configuration changes to your managed firewalls that are leveraging Enterprise DLP.
    7. Verify the changes you made to the data filtering profile.
      1. Log in to the DLP app on the hub.
        If you do not already have access to the DLP app on the hub, see the hub Getting Started Guide. Only Superusers can access the hub.
      2. Select
        Data Profiles
         and search for the data filtering profile you updated.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2022 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo