1. Home
    2. PAN-OS
    3. PAN-OS® Web Interface Reference
    4. Objects
    5. Objects > Security Profiles > Data Filtering
    End-of-Life (EoL)

    Objects > Security Profiles > Data Filtering

    Data filtering enables the firewall to detect sensitive information—such as credit card or social security numbers or internal corporate documents—and prevent this data from leaving a secure network. Before you enable data filtering, select Objects > Custom Objects > Data Patterns to define the type of data you want to filter (such as social security numbers or document titles that contain the word “confidential”). You can add several data pattern objects to a single Data Filtering profile and, when attached to a Security policy rule, the firewall scans allowed traffic for each data pattern and blocks matching traffic based on the data filtering profile settings.
    Data Filtering Profile Settings
    Description
    Name
    Enter a profile name (up to 31 characters). This name appears in the list of log forwarding profiles when defining security policies. The name is case-sensitive and must be unique. Use only letters, numbers, spaces, hyphens, and underscores.
    Description
    Enter a description for the profile (up to 255 characters).
    Shared
    Select this option if you want the profile to be available to:
    • Every virtual system (vsys) on a multi-vsys firewall. If you clear this selection, the profile will be available only to the
      Virtual System
       selected in the
      Objects
       tab.
    • Every device group on Panorama. If you clear this selection, the profile will be available only to the
      Device Group
       selected in the
      Objects
       tab.
    Disable override (
    Panorama only
    )
    Select this option to prevent administrators from overriding the settings of this Data Filtering profile in device groups that inherit the profile. This selection is cleared by default, which means administrators can override the settings for any device group that inherits the profile.
    Data Capture
    Select this option to automatically collect the data that is blocked by the filter.
    Specify a password for Manage Data Protection on the Settings page to view your captured data. Refer to Device > Setup > Management.
    Data Pattern
    Add an existing data pattern to use for filtering or select
    New
     to configure a new data pattern object (Objects > Custom Objects > Data Patterns).
    Applications
    Specify the applications to include in the filtering rule:
    • Choose
      any
       to apply the filter to all of the listed applications. This selection does not block all possible applications, just the listed ones.
    • Click
      Add
       to specify individual applications.
    File Types
    Specify the file types to include in the filtering rule:
    • Choose
      any
       to apply the filter to all of the listed file types. This selection does not block all possible file types, just the listed ones.
    • Click
      Add
       to specify individual file types.
    Direction
    Specify whether to apply the filter in the upload direction, download direction, or both.
    Alert Threshold
    Specify the number of times the data pattern must be detected in a file to trigger an alert.
    Block Threshold
    Block files that contain at least this many instances of the data pattern.
    Log Severity
    Define the log severity recorded for events that match this data filtering profile rule.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2022 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo