Data Filtering Support for Data Loss Prevention (DLP) Solutions
Data filtering is enhanced to work with third-party,
endpoint DLP solutions that populate file properties to indicate
sensitive content, enabling the firewall to enforce your DLP policy.
To better secure this confidential data, you can now enable data filtering to
identify the file properties and values set by a DLP solution and
then log or block the files the data filtering profile identifies.
While this feature is supported in previous release versions,
it required you to use regular expressions to define the data patterns
on which you want the firewall to filter. This data filtering enhancement
introduces a more simplified and intuitive workflow to prevent confidential
information from leaving your network, including:
Built-in settings allow you
to easily enable the firewall to scan for file properties and specific,
associated values. If you’re using a DLP solution, you can populate
these settings based on your DLP policy.
New predefined data patterns enable you to quickly set up
social security and credit card number detection.
Data pattern objects previously defined to filter for credit
card numbers, social security numbers, and regular expression patterns
will look a little different after the upgrade to PAN-OS 8.0.