1. Home
    2. Enterprise DLP
    3. Enterprise DLP Administrator’s Guide
    4. Set Up Enterprise DLP
    5. Set Up the Enterprise DLP Plugin on Panorama
    6. Install the Enterprise DLP Plugin on Panorama

    Install the Enterprise DLP Plugin on Panorama

    Install the
    Enterprise data loss prevention (DLP)
     plugin on your Panorama™ management server and managed firewalls.
    To install the
    Enterprise data loss prevention (DLP)
     plugin on your Panorama™ management server and managed firewalls, first download the plugin from the Palo Alto Networks Customer Support Portal, upload the plugin to Panorama, and then install it. You must install the plugin on Panorama and your managed firewalls before you can use
    Enterprise DLP
    .
    Your existing data patterns (
    Objects
    Custom Objects
    Data Patterns
    ) and data filtering profiles (
    Objects
    Security Profiles
    Data Filtering
    ) are automatically hidden after you successfully install the
    Enterprise DLP
     plugin on your Panorama management server. To display your existing data patterns and filtering profiles when you need to reference them, you can temporarily Enable Existing Data Patterns and Filtering Profiles.
    1. (
      Best Practices
      ) Before you install the plugin and activate your
      Enterprise DLP
       license, select
      Assets
      Devices
       to locate your Panorama management server and your managed firewalls to verify that they all belong to the same CSP account.
      Panorama and any managed firewalls on which you want to use
      Enterprise DLP
       must belong to the same CSP account, which enables you to share data profiles and maintain consistent Security policy rule enforcement.
    3. The device certificate is required for all managed firewalls using
      Enterprise DLP
      .
    4. Install the plugin on Panorama.
      2. Select
        Panorama
        Plugins
         and search for the latest version of the
        Enterprise DLP
         plugin.
      3. Download
         and
        Install
         the
        Enterprise DLP
         plugin on Panorama.
    5. Commit and push the new configuration to your managed firewalls to complete the
      Enterprise DLP
       plugin installation.
      This step is required for
      Enterprise DLP
       data filtering profile names to appear in Data Filtering logs.
      The
      Commit and Push
       command isn’t recommended for
      Enterprise DLP
       configuration changes. Using the
      Commit and Push
       command requires the additional and unnecessary overheard of manually selecting the impacted templates and managed firewalls in the Push Scope Selection.
      1. Select
        Commit
        Commit to Panorama
         and
        Commit
        .
      2. Select
        Commit
        Push to Devices
         and
        Edit Selections
        .
      3. Select
        Device Groups
         and
        Include Device and Network Templates
        .
      4. Click
        OK
        .
      5. Push
         your configuration changes to your managed firewalls that are using
        Enterprise DLP
        .
    6. Activate your
      Enterprise DLP
       license on the Palo Alto Networks Customer Support Portal (CSP).
      Repeat this step for all managed firewalls using
      Enterprise DLP
      .
      1. Log in to the Palo Alto Networks Customer Support Portal.
      2. Select
        Assets
        Devices
         and edit ( in the Actions column) the appropriate asset.
      3. In the Device Licenses window,
        Activate Auth-Code
         and then enter the
        Authorization Code
         (auth code).
        The auth code is automatically provided to you by Palo Alto Networks in an email after you complete your purchase of the
        Enterprise DLP
         plugin license.
      4. Agree and Submit
         your auth code .
    7. (
      Optional
      ) Create a Palo Alto Networks Support ticket to enable your
      Enterprise DLP
       license to transfer between firewalls.
      Requesting that the
      Enterprise DLP
       license is transferable enables you to transfer your DLP license to other managed firewalls.
      In the support ticket, include the following information:
      • The request for a firewall transfer for the
        Enterprise DLP
         license.
      • Your CSP account ID and the email associated with your CSP account.
      • The managed firewall serial number. If you activated the
        Enterprise DLP
         license on multiple managed firewalls, include the serial numbers for all the managed firewalls in a single support ticket.
      • The auth codes used to activate the
        Enterprise DLP
         license on your managed firewalls.
      • Also provide the CSP account ID with which additional managed firewalls are associated if you have managed firewalls that belong to a different CSP account.
    8. Activate the
      Enterprise DLP
       plugin on your managed firewalls.
      1. Select
        Panorama
        Device Deployment
        License
         and
        Activate
         the
        Enterprise DLP
         plugin.
      2. Enter the
        Auth Code
         for the target managed firewalls.
        The auth code is automatically provided to you by Palo Alto Networks in an email after you complete your purchase of the
        Enterprise DLP
         plugin license.
      3. Activate
         the
        Enterprise DLP
         plugin license on your managed firewalls.
    9. Select
      Objects
      DLP
      Data Filtering Profiles
       and verify that the predefined data filtering profiles are displayed.
      Panorama is automatically populated with predefined data filtering profiles when the Panorama management server successfully connects to the DLP cloud service.
    10. Verify that the
      Enterprise DLP
       license is successfully activated on your managed firewalls.
      2. Select
        Device
        Licenses
         and verify that the license is successfully activated.
    11. After you successfully install the
      Enterprise DLP
       plugin on the Panorama management server, you must create Security policy rules to enable your managed firewalls to leverage .

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2023 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo