Update a Data Filtering Profile on Panorama
Modify an existing Enterprise data loss prevention (DLP) hybrid data filtering profile on the Panorama™ management server.
From the Panorama management server, you can edit and modify an existing data filtering profile you created on Panorama, SaaS Security, or the DLP app on the hub. Any changes you make to an existing data filtering profile from the DLP app on the hub is automatically synchronized to Panorama, Prisma Access (Panorama Managed), and Prisma SaaS where the data filtering profile is supported.
You cannot update or modify the data pattern match criteria for an EDM dataset or a data profile with data patterns and EDM datasets from Panorama. You can only update or modify the data filtering profile action from Panorama. Any changes you make to an EDM filtering profile or a hybrid data filtering profile commit successfully on Panorama are not reflected in the DLP app on the hub. See Update a Data Profile on the DLP App to update the match criteria for an EDM data filtering profile or a data profile with data patterns and EDM datasets.
If you update a data filtering profile to include a predefined data patterns, be sure to consider the detection type used by the predefined data patterns because the detection type determines how Enterprise data loss prevention (DLP) arrives at a verdict for scanned files. For example, when you create a data filtering profile that includes three machine learning (ML)-based data patterns and seven regex-based data patterns, Enterprise DLP will return verdicts based on the seven regex-based patterns whenever the scanned file exceeds 1MB.
- Selectand specify theObjectsDLPData Filtering ProfilesDevice Group.
- Select a data filtering profile to edit.
- Edit the data filtering profile as needed.
- Modify the data filtering profile scan forFile Basedtraffic,Non-File Basedtraffic, or both.
- Modify thePrimary PatternandSecondary Patternmatch criteria.Modifying the data filtering profile match criteria on Panorama is supported only for Enterprise DLP data filtering profiles created on Panorama. See Create a Data Filtering Profile on Panorama for details on configuring data pattern criteria using predefined or custom data patterns.
- (Data Filtering Profile for Non-File Traffic Inspection Only) Modify theURL Category Excluded List from Non-FileandApplication List Excluded from Non-Fileto configure which URL and application traffic is excluded from Enterprise DLP inspection.See Create a Data Filtering Profile on Panorama for Non-File Detection for more information.
- Edit the data filtering profile settings.
- Select the data filtering profileAction(AlertorBlock)If the data profile has both Primary and Secondary Patterns, changing the data filtering profile Action on Panorama deletes all Secondary Pattern match criteria.
- Specify aFile Type.Leave the file type asanyto match any of the supported file types.
- Set theLog Severityrecorded for files that match this data filtering profile.
- Commit and push your configuration changes to your managed firewalls that are leveraging Enterprise DLP.TheCommit and Pushcommand is not recommended for Enterprise DLP configuration changes. Using theCommit and Pushcommand requires the additional and unnecessary overheard of manually selecting the impacted templates and managed firewalls in the Push Scope Selection.
- SelectandCommitCommit to PanoramaCommit.
- SelectandCommitPush to DevicesEdit Selections.
- SelectDevice GroupsandInclude Device and Network Templates.
- Pushyour configuration changes to your managed firewalls that are leveraging Enterprise DLP.
Recommended For You
Recommended videos not found.