: Register and Activate Enterprise DLP on Prisma Access (Panorama Managed)
Focus
Focus

Register and Activate Enterprise DLP on Prisma Access (Panorama Managed)

Table of Contents

Register and Activate
Enterprise DLP
on
Prisma Access (Panorama Managed)

Complete the task to register and activate
Enterprise Data Loss Prevention (E-DLP)
on
Prisma Access (Panorama Managed)
.
Where Can I Use This?
What Do I Need?
  • Panorama
  • Enterprise Data Loss Prevention (E-DLP)
    license
  • (
    Panorama
    ) Device management license
  • (
    Panorama
    ) Support license
Enterprise Data Loss Prevention (E-DLP)
on
Prisma Access
enables you to secure remote networks and users, and requires an add-on license.
To register and activate the
Enterprise DLP
plugin to use with
Prisma Access
, complete one of the following procedures:

Preinstallation Requirements

Before you install the
Enterprise DLP
plugin, make sure that your
Prisma Access
deployment has the following requirements:

Install the
Enterprise DLP
Plugin—New
Enterprise DLP
Deployments

After you have completed the Preinstallation Steps, complete the following steps to install the
Enterprise DLP
plugin on Panorama.
  1. From the Panorama that manages
    Prisma Access
    , select
    Panorama
    Plugins
    and search for the latest version of the
    Enterprise DLP
    plugin.
    Prisma Access
    requires a minimum
    Enterprise DLP
    plugin version of 1.0.3.
  2. Download
    and
    Install
    the
    Enterprise DLP
    plugin on Panorama.
  3. Commit your changes to Panorama by selecting
    Commit
    Commit to Panorama
    and
    Commit
    your configuration changes.
  4. (
    Optional
    ) if your Panorama manages on-premise firewalls as well as
    Prisma Access
    , commit and push the changes to your managed firewalls.
    This step is required for
    Enterprise DLP
    data filtering profile names to appear in Data Filtering logs.
    1. Select
      Commit
      Commit to Panorama
      and Commit your configuration changes.
    2. Select
      Commit
      Push to Devices
      and
      Edit Selections
      .
    3. Select
      Device Groups
      and
      Include Device and Network Templates
      and click
      OK
      .
    4. Push
      your configuration changes to your managed firewalls.

Upgrade to the
Enterprise DLP
Plugin—Existing
Enterprise DLP
on
Prisma Access
Deployments

If you have an existing
Enterprise DLP
plugin on
Prisma Access
deployment, complete the following steps.
  1. Make sure that you have completed the following actions before installing the
    Enterprise DLP
    plugin:
    • You have had your
      Prisma Access
      to a minimum version of 10.0.
      To find your dataplane version, select
      Panorama
      Cloud Services
      Configuration
      Service Setup
      and view the
      Current Dataplane version
      in the
      DataPlane PAN-OS version
      area. If the
      DataPlane PAN-OS version
      is 10.0 or later, your dataplane is compatible with the
      Enterprise DLP
      plugin.
      If your deployment is a dataplane version that is earlier than 10.0, use this document to register and activate
      Enterprise DLP
      on
      Prisma Access
      .
    • You have upgraded and installed the Cloud Services plugin for your
      Prisma Access
      release, and your plugin version is 2.0 Innovation, 2.1. Innovation, 2.2 Preferred, or a later Preferred or Innovation version.
      2.0 Preferred and 2.1 Preferred
      Prisma Access
      releases don’t support using the
      Enterprise DLP
      plugin with
      Prisma Access
      .
  2. Install and activate the . Make a note of the following caveats during installation:
    • You don’t have to verify that the Panorama and
      Prisma Access
      belong to the same CSP account; you have already associated the Panorama serial number with the CSP account when you installed .
    • You don’t have to activate the
      Enterprise DLP
      plugin on
      Prisma Access
      . However, if you have managed firewalls, you should complete the steps to enter the auth code for the target managed firewalls.
  3. (
    Optional
    ) If you have existing data patterns and data filtering profiles that you use for
    Enterprise DLP
    on
    Prisma Access
    , verify that the installation process completed successfully by checking that the data patterns and data filtering profiles moved to the following locations in Panorama:
    • Data patterns move from
      Objects
      Custom Objects
      Data Patterns
      to
      Objects
      DLP
      Data Filtering Patterns
      .
    • Data filtering profiles move from
      Objects
      Security Profiles
      Data Filtering
      to
      Objects
      DLP
      Data Filtering Profiles
      .

Recommended For You