Edit the Enterprise DLP Non-File Data Filtering Settings

Edit the Enterprise Data Loss Prevention (DLP) non-file data filtering settings to specify the actions the managed firewall takes on non-file based data scanned to the DLP cloud service.
Configure the network settings for non-file based traffic scanned to the Enterprise data loss prevention (DLP) cloud service and specify the actions the firewall leveraging Enterprise DLP takes. Editing the Enterprise DLP non-file data filtering settings is supported on the Panorama™ management server running PAN-OS 10.2.1 or later release with Panorama plugin for Enterprise DLP 3.0.1 or later release.
  1. Select
    Device
    Setup
    DLP
    and select the
    Template
    associated with the managed firewalls leveraging Enterprise DLP.
  2. Edit the Non-File Data Filtering Settings
    1. Verify that
      Enable Non File DLP
      is checked (enabled).
      Non-File DLP is enabled by default when you install Panorama plugin for Enterprise DLP 3.0.1.
    2. Specify the
      Max Latency (sec)
      to configure the allowable time for non-file data upload to determine the allowable time before an action is taken by the firewall.
    3. Specify the
      Action on Max Latency
      (
      Allow
      or
      Block
      ) the firewall takes if no verdict was received for a non-file traffic data upload due to the upload time exceeding the configured
      Max Latency
      .
      Selecting
      Block
      applies only to Enterprise DLP data filtering profiles configured to block non-file data. This setting does not impact Enterprise DLP filtering profiles configured to alert when traffic containing sensitive data is scanned.
    4. Specify the
      Min Data Size (B)
      to enforce a minimum size for non-file data to be scanned by the DLP cloud service .
    5. Specify the
      Max Data Size (KB)
      to enforce a maximum size for non-file data to be scanned by the DLP cloud service.
    6. Specify the
      Action on Data File Size
      (
      Allow
      or
      Block
      ) the firewall takes if no verdict was received for a non-file traffic data upload due to the traffic data size being larger than the configured
      Max Data Size
      .
      Selecting
      Block
      applies only to Enterprise DLP data filtering profiles configured to block non-file data. This setting does not impact Enterprise DLP filtering profiles configured to alert when traffic containing sensitive data is scanned.
    7. Check (enable)
      Log Data Not Scanned
      to generate an alert in the data filtering log when non-file data cannot be scanned by the DLP cloud service.
    8. Click
      OK
      to save your configuration changes.
  3. Edit the Enterprise DLP Action on Error Setting to configure the action the firewall takes if any error is encountered during non-file traffic data upload.
  4. Commit and push your configuration changes to your managed firewalls leveraging Enterprise DLP.
    While a performing a
    Commit and Push
    is supported, it is not recommended for Enterprise DLP configuration changes and requires you to manually select the impacted templates and managed firewalls in the Push Scope Selection.
    1. Select
      Commit
      Commit to Panorama
      and
      Commit
      your configuration changes.
    2. Select
      Commit
      Push to Devices
      and
      Edit Selections
      .
    3. Select
      Device Groups
      and
      Include Device and Network Templates
      .
    4. Click
      OK
      .
    5. Push
      your configuration changes to your managed firewalls.

Recommended For You