Create a data pattern to identify sensitive information
on your network.
Data patterns enable you to specify the match
criteria and identify patterns using regular expressions, file properties,
or keywords that represent sensitive information on your network.
All data patterns created are shared across all device groups.
—Create regular expressions to use in the
You can choose
patterns. Use the
data pattern to
create a basic or weighted regular expression.
With weighted regular expressions, each text entry is assigned a
score, and when the score threshold is exceeded, such as enough
expressions from a pattern match an asset, the asset will be indicated
as a match for the pattern.
You then use the query builder
area to add expressions,
either regular (
) or weighted (
can enter one or more
use with the Data Filtering pattern. Use proximity keywords in a
data filtering profile with a High Confidence. When you upload a
file, the managed firewall looks for the proximity keywords you specify
within 200 characters of the regular expressions before it considers
the specified data pattern to be a match in the file.
—Add a file property
pattern to match.
For data governance and protection of information,
if you use classification labels or embed tags in MS Office and
PDF documents to include more information for audit and tracking
purposes, you can create a file property data pattern to match on
the metadata or attributes that are a part of the custom or extended
properties in the file. Regardless of whether you use an automated
classification mechanism such as Titus or require users to add a
tag, you can specify a name-value pair to match on a custom or extended
property embedded in the file.
Enterprise DLP supports file
property data patterns in MS Office and PDF documents. Both the
OLE (.doc/.ppt) or XML (.docx/.pptx) formats of MS Office are supported.
then add a
are an associated
pair that specifies the property that you want to look for (for
example, you can specify a
). You can
add as many file properties as you’d like. When you later reference
the file property data pattern in a data filtering profile, a boolean
OR match is used in the match criteria.
to save the data pattern.
Commit and push your configuration changes to your managed
firewalls leveraging Enterprise DLP.
While a performing a
Commit and Push
supported, it is not recommended for Enterprise DLP configuration
changes and requires you to manually select the impacted templates
and managed firewalls in the Push Scope Selection.
Commit to Panorama
Push to Devices
Device and Network Templates
your configuration changes
to your managed firewalls.