1. Home
    2. Enterprise DLP
    3. Enterprise DLP Administrator’s Guide
    4. Configure Enterprise DLP
    5. Enterprise DLP Profiles
    6. Update a Data Filtering Profile on Panorama

    Update a Data Filtering Profile on Panorama

    Modify an existing
    Enterprise data loss prevention (DLP)
     data filtering profile on the Panorama™ management server.
    From the Panorama management server, you can edit and modify an existing data filtering profile you created on Panorama, SaaS Security, or the DLP app on the hub. Any changes you make to an existing data filtering profile from the DLP app on the hub is automatically synchronized to Panorama, Prisma Access (Panorama Managed), and Prisma SaaS where the data filtering profile is supported.
    You can’t update or modify the data pattern match criteria for an EDM dataset or a data profile with data patterns and EDM datasets from Panorama. You can only update or modify the data filtering profile action from Panorama. Any changes you make to an EDM filtering profile or a hybrid data filtering profile commit successfully on Panorama aren’t reflected in the DLP app on the hub. See Update a Data Profile on the DLP App to update the match criteria for an EDM data filtering profile or a data profile with data patterns and EDM data sets.
    If you update a data filtering profile to include a predefined data patterns, be sure to consider the detection type used by the predefined data patterns because the detection type determines how
    Enterprise data loss prevention (DLP)
     arrives at a verdict for scanned files. For example, when you create a data filtering profile that includes three machine learning (ML)-based data patterns and seven regex-based data patterns,
    Enterprise DLP
     will return verdicts based on the seven regex-based patterns whenever the scanned file exceeds 1 MB.
    2. Select
      Objects
      DLP
      Data Filtering Profiles
       and specify the
      Device Group
      .
    3. Select a data filtering profile to edit.
    4. Edit the data filtering profile as needed.
      1. Modify the data filtering profile scan for
        File Based
         traffic,
        Non-File Based
         traffic, or both.
      2. Modify the
        Primary Pattern
         and
        Secondary Pattern
         match criteria.
        Modifying the data filtering profile match criteria on Panorama is supported only for
        Enterprise DLP
         data filtering profiles created on Panorama. See Create a Data Filtering Profile on Panorama for details on configuring data pattern criteria using predefined or custom data patterns.
      3. (
        Data Filtering Profile for Non-File Traffic Inspection Only
        ) Modify the
        URL Category Excluded List from Non-File
         and
        Application List Excluded from Non-File
         to configure which URL and application traffic is excluded from
        Enterprise DLP
         inspection.
      4. Edit the data filtering profile settings.
        Enterprise DLP
         supports editing the following data profile settings for a data profile with EDM datasets and a data profile with data patterns and EDM datasets from Panorama.
        • Select the data filtering profile
          Action
           (
          Alert
           or
          Block
          )
          If the data profile has both Primary and Secondary Patterns, changing the data filtering profile Action on Panorama deletes all Secondary Pattern match criteria.
        • Specify a
          File Type
          .
          Leave the file type as
          any
           to match any of the supported file types.
        • Set the
          Log Severity
           recorded for files that match this data filtering profile.
    5. Click
      OK
      .
    6. Commit and push your configuration changes to your managed firewalls that are using
      Enterprise DLP
      .
      The
      Commit and Push
       command isn’t recommended for
      Enterprise DLP
       configuration changes. Using the
      Commit and Push
       command requires the additional and unnecessary overheard of manually selecting the impacted templates and managed firewalls in the Push Scope Selection.
      1. Select
        Commit
        Commit to Panorama
         and
        Commit
        .
      2. Select
        Commit
        Push to Devices
         and
        Edit Selections
        .
      3. Select
        Device Groups
         and
        Include Device and Network Templates
        .
      4. Click
        OK
        .
      5. Push
         your configuration changes to your managed firewalls that are using
        Enterprise DLP
        .
    7. Verify the changes you made to the data filtering profile.
      1. Log in to the DLP app on the hub.
        If you don’t already have access to the DLP app on the hub, see the hub Getting Started Guide. Only Superusers can access the hub.
      2. Select
        Data Profiles
         and search for the data filtering profile you updated.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2023 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo