Enable Existing Data Patterns and Filtering Profiles
Focus
Focus
Enterprise DLP

Enable Existing Data Patterns and Filtering Profiles

Table of Contents

Enable Existing Data Patterns and Filtering Profiles

Enable existing data patterns and filtering profiles not configured using Enterprise Data Loss Prevention (E-DLP).
Where Can I Use This?What Do I Need?
  • NGFW (Managed by Panorama)
  • Prisma Access (Managed by Panorama)
  • Enterprise Data Loss Prevention (E-DLP) license
    Review the Supported Platforms for details on the required license for each enforcement point.
After you successfully install the Enterprise Data Loss Prevention (E-DLP) plugin on Panorama, existing data patterns and filtering profiles are no longer displayed but you can still reference them in your Security policy rules. If you have existing data filtering patterns and profiles configured that you need to edit after installing the Enterprise DLP plugin, you can display them again in your Panorama web interface.
Existing data patterns and data filtering profiles aren’t hidden if you’re using Enterprise DLP for Prisma Access (Managed by Panorama).
  1. Enable existing data patterns and filtering profiles on Panorama.
    1. Log in to the Panorama CLI.
    2. Enable the existing data patterns and filtering profiles.
      admin> request plugins dlp hide-old-config no
      Panorama returns a pass message to confirm the existing data patterns and filtering profiles are now displayed.
      Enter the following command to disable the displaying of existing data patterns and filtering profiles.
      admin> request plugins dlp hide-old-config yes
  2. (Optional) Enable existing data patterns and filtering profiles on the managed firewall if you have any Security policy rules configured locally on the firewall.
    1. Enable the existing data patterns and filtering profiles.
      admin> request plugins dlp hide-old-config no
      The firewall returns a pass message to confirm the existing data patterns and filtering profiles are now displayed.
      Enter the following command to disable the displaying of existing data patterns and filtering profiles.
      admin> request plugins dlp hide-old-config yes
  3. Log in to the Panorama web interface.
  4. Edit your existing data patterns and filtering profiles.
    1. Select ObjectsCustom ObjectsData Patterns and edit your data patterns.
    2. Select ObjectsSecurity ProfilesData Filtering and edit your data filtering profiles.
  5. Select PoliciesSecurity and select the Device Group to modify your Security policy rules as needed.
  6. Commit and push the new configuration to your managed firewalls.
    The Commit and Push command isn’t recommended for Enterprise DLP configuration changes. Using the Commit and Push command requires the additional and unnecessary overheard of manually selecting the impacted templates and managed firewalls in the Push Scope Selection.
      Expand all
      Collapse all
    • Full configuration push from Panorama
    • Partial configuration push from Panorama