Focus

Enterprise DLP Administrator’s Guide

Create a Data Profile to Detect Custom Documents

Table of Contents

Create a Data Profile to Detect Custom Documents

Create an

Enterprise Data Loss Prevention (E-DLP)

data profile to detect custom documents using a custom document type.

Where Can I Use This?	What Do I Need?
Strata Cloud Manager	Enterprise Data Loss Prevention (E-DLP) license (`SaaS Security only`) SaaS Security license Prisma Access license AIOps for NGFW Premium license AIOps for NGFW Free license

Create a data profile using one or more custom document types you uploaded to

Enterprise Data Loss Prevention (E-DLP)

Enterprise DLP

Log into

Strata Cloud Manager

DLP app on the hub

If you don’t already have access to the DLP app on the hub, see the hub Getting Started Guide. Only Superusers can access the hub.

Upload a Custom Document Type.

The custom document type is used as the match criteria in the data profile.

Test a Custom Document Type.

It is recommended you run a test for your custom document types to verify that

Enterprise DLP

can successfully detect a custom document before they leave your network.

The custom document type test generates an

overlapping score

used in the data profile to define the match criteria required to trigger a Security policy rule action.

Add a new data profile.

Strata Cloud Manager
—Select

Manage

Configuration

Security Services

Data Loss Prevention

Data Profiles

and select

Add Data Profile

Advanced Data Profile

DLP app
—Select

Data Profiles

Advanced Data Profile

Configure the Primary Rule data profile.

A custom document type cannot be deleted after it's added to a data profile. You must remove the custom document type from the data profile to delete it from

Enterprise DLP

Enter a descriptive

Data Profile Name

Select the match criteria operator (

AND

) to specify how

Enterprise DLP

evaluates inspected traffic if you add multiple custom document types.

Select

Add

Document Types

Define the match criteria.

Document Type
—Select a custom document type you uploaded to

Enterprise DLP

Overlapping Score Condition
—Specify the custom document overlapping score required to trigger a Security policy rule action.

Greater Than or Equal To
—Security policy rule triggered if

Enterprise DLP

detects an instance of matched traffic with the specified minimum overlapping score.

Between (Inclusive)
—Security policy rule action triggered if

Enterprise DLP

detects an instance of matched traffic with an overlapping score between the specified

min

and

max

overlapping scores.

Repeat these steps to add additional custom document types as needed.

Save

(Optional) Configure the Secondary Rule for the data profile.

Data pattern match criteria added to the Secondary Rule block all traffic that meets the match criteria for the data pattern conditions. If you want to allow traffic that matches a data pattern match criteria, add it to the Primary Rule.

Create a Security policy rule and associate the data profile.

Prisma Access (Cloud Management)
—Modify a DLP Rule for Prisma Access on Strata Cloud Manager

SaaS Security
—Create a SaaS Security Policy Recommendation to Leverage Enterprise DLP

Test a Custom Document Type

Email DLP

Enterprise DLP Administrator’s Guide

Create a Data Profile to Detect Custom Documents

Create a Data Profile to Detect Custom Documents

Recommended For You