Enterprise DLP
Edit the Enterprise DLP Snippet Settings
Table of Contents
Edit the Enterprise DLP Snippet Settings
Enterprise DLP
Snippet SettingsThe
Enterprise Data Loss Prevention (E-DLP)
snippet settings allow you to configure if and how
snippets of matched traffic are stored in the DLP cloud service.Where Can I Use This? | What Do I Need? |
---|---|
|
Or any of the following licenses that include the Enterprise DLP license
|
A snippet is evidence or identifiable information associated with a data pattern
match. You can configure if and how
Enterprise Data Loss Prevention (E-DLP)
stores and masks
snippets of sensitive data that match your data pattern match criteria in an Enterprise DLP
data profiles in the DLP cloud service. Your snippet
setting configuration determines how snippets of matched traffic are displayed when
you review your DLP Incidents.Strata Cloud Manager
Strata Cloud Manager
Configure the
Enterprise Data Loss Prevention (E-DLP)
snippet settings on Strata Cloud Manager
to
specify if and how snippets are stored.- Log in toStrata Cloud Manager.
- Select.ManageConfigurationData Loss PreventionSettings
- EnableSnippets Viewingto store the snippets of sensitive data that match your data patterns in the DLP cloud service.
- Configure how toSnippets Maskingfor storage in the DLP cloud service.
- Do not mask—Matched sensitive data snippet isn’t masked and entirely visible in cleartext.
- Partial mask—Matched sensitive data snippet is partially masked, displaying the last two characters in cleartext.
- Full mask—Matched sensitive data snippet is fully masked.
- Push the snippet settings.
- Push ConfigandPush.
- Select (enable)Remote NetworksandMobile Users.
- Push.
DLP App
Configure the
Enterprise Data Loss Prevention (E-DLP)
snippet settings on the DLP app on the Hub to
specify if and how snippets are stored.- Log in to the DLP app on the hub.If you don’t already have access to the DLP app on the hub, see the hub Getting Started Guide. Only Superusers can access the hub.
- Select.SettingsSensitive Data
- Check (enable)Store Snippets of Sensitive Data for Cloud Management or NGFWto store the snippets of sensitive data that match your data patterns in the DLP cloud service.
- Configure how toMask sensitive fields in snippets for Cloud Management or NGFWfor storage in the DLP cloud service.
- no-mask—Matched sensitive data snippet isn’t masked and entirely visible when stored in the DLP cloud service.
- partial-mask—Matched sensitive data snippet is partially masked displaying four characters when stored in the DLP cloud service.
- full-mask—Matched sensitive data snippet is fully masked when stored in the DLP cloud service.
Panorama
Panorama
Configure the
Enterprise Data Loss Prevention (E-DLP)
snippet settings on your Panorama™ management server
to specify if and how snippets are stored.- Log in to thePanoramaweb interface.
- Selectand edit the Snippet Settings.PanoramaDLPConfiguration
- Check (enable)Store Snippets of Sensitive Datato store the snippets of sensitive data that match your data patterns in the DLP cloud service.
- Configure how toMask Sensitive Fieldfor storage in the DLP cloud service.
- no-mask—Matched sensitive data snippet isn’t masked and entirely visible when stored in the DLP cloud service.
- partial-mask—Matched sensitive data snippet is partially masked displaying four characters when stored in the DLP cloud service.
- full-mask—Matched sensitive data snippet is fully masked when stored in the DLP cloud service.
- ClickOKto save your configuration changes.
- Commit and push the new configuration to your managed firewalls to complete theEnterprise DLPplugin installation.This step is required forEnterprise DLPdata filtering profile names to appear in Data Filtering logs.TheCommit and Pushcommand isn’t recommended forEnterprise DLPconfiguration changes. Using theCommit and Pushcommand requires the additional and unnecessary overheard of manually selecting the impacted templates and managed firewalls in the Push Scope Selection.
- Full configuration push from Panorama
- SelectandCommitCommit toPanoramaCommit.
- SelectandCommitPush to DevicesEdit Selections.
- SelectDevice GroupsandInclude Device and Network Templates.
- ClickOK.
- Pushyour configuration changes to your managed firewalls that are usingEnterprise DLP.
- Partial configuration push from PanoramaYou must always include the temporary__dlpadministrator when performing a partial configuration push. This is required to keepPanoramaand the DLP cloud service in sync.For example, you have anadminPanoramaadmin user who is allowed to commit and push configuration changes. Theadminuser made changes to theEnterprise DLPconfiguration and only wants to commit and push these changes to managed firewalls. In this case, theadminuser is required to also select the__dlpuser in the partial commit and push operations.
- Select.CommitCommit toPanorama
- SelectCommit Changes Made Byand then click the current Panorama admin user to select additional admins to include in the partial commit.In this example, theadminuser is currently logged in and performing the commit operation. Theadminuser must clickadminand then select the__dlpuser. If there are additional configuration changes made by other Panorama admins they can be selected here as well.ClickOKto continue.
- Commit.
- Select.CommitPush to Devices
- SelectPush Changes Made Byand then click the current Panorama admin user to select additional admins to include in the partial push.In this example, theadminuser is currently logged in and performing the push operation. Theadminuser must clickadminand then select the__dlpuser. If there are additional configuration changes made by other Panorama admins they can be selected here as well.ClickOKto continue.
- SelectDevice GroupsandInclude Device and Network Templates.
- ClickOK.
- Pushyour configuration changes to your managed firewalls that are usingEnterprise DLP.
SaaS Security (Email DLP Only)
SaaS Security
(Email DLP Only)Configure the Email DLP snippet settings on
SaaS Security
to specify if and
how snippets are stored.- Log in toStrata Cloud Manager.
- Select.ManageConfigurationSaaS SecuritySettingsEmail DLP Settings
- Configure theSnippet Viewing and Maskingsettings for Email DLP.
- Do not mask—Matched sensitive data snippet isn’t masked and entirely visible when stored in the DLP cloud service.
- Partial mask—Matched sensitive data snippet is partially masked displaying four characters when stored in the DLP cloud service.
- Full mask—Matched sensitive data snippet is fully masked when stored in the DLP cloud service.