Create a Data Pattern on Panorama
Create a data pattern to identify sensitive information on your network.
After you set up Enterprise DLP on Panorama or Prisma Access (Panorama Managed), create data patterns to specify the match criteria and identify patterns using regular expressions, file properties, or keywords that represent sensitive information on your network. All data patterns created are shared across all device groups.
- Selectand specify theObjectsDLPDLP Data PatternsDevice Group.
- Adda new data pattern.
- Specify aTypeand criteria for the data pattern and give it aName.Use following data pattern type:
- Regular Expression—Create regular expressions to use in the data pattern.You can chooseBasicorAdvanceddata patterns. Use theAdvanceddata pattern to create a basic or weighted regular expression. With weighted regular expressions, each text entry is assigned a score, and when the score threshold is exceeded, such as enough expressions from a pattern match an asset, the asset will be indicated as a match for the pattern.You then use the query builder in theRegular Expressionsarea to add expressions, either regular (Basic) or weighted (Advanced).You can enter one or moreProximity Keywordsto use with the Data Filtering pattern. Use proximity keywords in a data filtering profile with a High Confidence. When you upload a file, the managed firewall looks for the proximity keywords you specify within 200 characters of the regular expressions before it considers the specified data pattern to be a match in the file.
- File Property—Add a file property pattern to match.For data governance and protection of information, if you use classification labels or embed tags in MS Office and PDF documents to include more information for audit and tracking purposes, you can create a file property data pattern to match on the metadata or attributes that are a part of the custom or extended properties in the file. Regardless of whether you use an automated classification mechanism such as Titus or require users to add a tag, you can specify a name-value pair to match on a custom or extended property embedded in the file.Enterprise DLP supports file property data patterns in MS Office and PDF documents. Both the OLE (.doc/.ppt) or XML (.docx/.pptx) formats of MS Office are supported.You then add aTag NameandTag Value.ATag NameandTag Valueare an associated pair that specifies the property that you want to look for (for example, you can specify aTag NameofLabeland aTag ValueofConfidential). You can add as many file properties as you’d like. When you later reference the file property data pattern in a data filtering profile, a boolean OR match is used in the match criteria.
- ClickOKto save the data pattern.
- Commit and push your configuration changes to your managed firewalls leveraging Enterprise DLP.While a performing aCommit and Pushis supported, it is not recommended for Enterprise DLP configuration changes and requires you to manually select the impacted templates and managed firewalls in the Push Scope Selection.
- SelectandCommitCommit to PanoramaCommityour configuration changes.
- SelectandCommitPush to DevicesEdit Selections.
- SelectDevice GroupsandInclude Device and Network Templates.
- Pushyour configuration changes to your managed firewalls.
- Create a Data Filtering Profile on Panorama using one or more data patterns.
Recommended For You
Recommended videos not found.