Register and Activate Enterprise DLP on Prisma Access (Panorama
Complete the task to register and activate Enterprise DLP on Prisma Access (Panorama Managed).
Data Loss Prevention (DLP) on Prisma Access enables you to secure remote networks and users, and requires an add-on license.
To register and the Enterprise DLP plugin to use with Prisma Access, complete one of the following procedures:
- To upgrade to the Enterprise DLP plugin for a Prisma Access deployment that uses DLP on Prisma Access, follow the procedure in Upgrade to the Enterprise DLP Plugin—Existing Enterprise DLP on Prisma Access Deployments.
Before you install the Enterprise DLP plugin, make sure that your Prisma Access deployment has the following requirements:
- Make sure that you have purchased the Enterprise DLP add-on license for Prisma Access.
- On the Panorama appliance that manages Prisma Access, make sure that you have the minimum Panorama, content versions, DLP plugin, and Prisma Access versions.If you need to upgrade the Panorama or content version, install the content and software updates on Panorama.
Install the Enterprise DLP Plugin—New DLP Deployments
- From the Panorama that manages Prisma Access, selectand search for the latest version of the DLP plugin.PanoramaPluginsPrisma Access requires a minimum DLP plugin version of 1.0.3.
- DownloadandInstallthe Enterprise DLP plugin on Panorama.
- Commit your changes to Panorama by selectingandCommitCommit to PanoramaCommityour configuration changes.
- (Optional) if your Panorama manages on-premise firewalls as well as Prisma Access, commit and push the changes to your managed firewalls.This step is required in order for Enterprise DLP data filtering profile names to appear in Data Filtering logs.
- Selectand Commit your configuration changes.CommitCommit to Panorama
- SelectandCommitPush to DevicesEdit Selections.
- SelectDevice GroupsandInclude Device and Network Templatesand clickOK.
- Pushyour configuration changes to your managed firewalls.
Upgrade to the Enterprise DLP Plugin—Existing Enterprise
DLP on Prisma Access Deployments
If you have an existing DLP on Prisma Access deployment, complete the following steps.
- Make sure that you have completed the following actions before installing the Enterprise DLP plugin:
- You have had your Prisma Access dataplane upgraded to a minimum version of 10.0.To find your dataplane version, selectand view thePanoramaCloud ServicesConfigurationService SetupCurrent Dataplane versionin theDataPlane PAN-OS versionarea. If theDataPlane PAN-OS versionis 10.0 or later, your dataplane is compatible with the DLP plugin.If your deployment is a dataplane version that is earlier than 10.0, use this document to register and activate Enterprise DLP on Prisma Access.
- You have upgraded and installed the Cloud Services plugin for your Prisma Access release, and your plugin version is 2.0 Innovation, 2.1. Innovation, 2.2 Preferred, or a later Preferred or Innovation version.2.0 Preferred and 2.1 Preferred Prisma Access releases do not support using the DLP plugin with Prisma Access.
- Install and activate the DLP plugin. Make a note of the following caveats during installation:
- You do not have to verify that the Panorama and Prisma Access belong to the same CSP account; you have already associated the Panorama serial number with the CSP account when you installed Prisma Access.
- You do not have to activate the Enterprise DLP plugin on Prisma Access. However, if you have managed firewalls, you should complete the steps to enter the auth code for the target managed firewalls.
- Data patterns move fromtoObjectsCustom ObjectsData Patterns.ObjectsDLPData Filtering Patterns
- Data filtering profiles move fromtoObjectsSecurity ProfilesData Filtering.ObjectsDLPData Filtering Profiles
Recommended For You
Recommended videos not found.