Support for New Predefined Data Filtering Patterns
To enable compliance for standards such as
HIPAA, GDPR, Gramm-Leach-Bliley Act, the firewall now supports 19
new predefined data filtering patterns that
help prevent the loss of sensitive information and records. These
new patterns also support checksum validation algorithms to ensure
that data patterns are matched correctly and help significantly
reduce the possibility of false positives. The new data filtering
patterns included in PAN-OS 9.0.0 are:
Number—The American Banking Association Routing Number.
CUSIP Identification Number—Committee on Uniform Security
Identification Procedures Identification Number
DEA Registration Number—U.S. Drug Enforcement Administration
INSEE Identification Number—French National Institute of
Statistics and Economic Studies identification number
Codice Fiscale Identification Number—Italian Fiscal Tax Code
Card Identification Number
DNI Identification Number—Spanish Documento nacional de identidad
Identification Number number
NIF Identification Number—Spanish Tax Identification Number
AHV Identification Number—Swiss Alters und Hinterlassenenversicherungsnummer
NHI Identification Number—New Zealand National Health Index
IRD Identification Number—New Zealand Internal Revenue Department
MyNumber Identification Number—Japanese Social Security and
Tax Number System Identification Number
CorporateNumber Identification Number—Japanese National Tax
Agency Corporate Number
PRC Identification Number—People's Republic of China Resident
HK Identification Number—Hong Kong Residents Identification
Permanent Account Identification Number—India Permanent Account
Number of Indian nationals.
PRN Identification Number—Republic of South Korea Resident Registration
NRIC Identification Number—Singapore National Registration
Identity Card Identification Number
MyKad Identification Number—Malaysia MyKad Identity Card
RRN Identification Number—Republic of South Korea Resident
NIN Identification Number—Taiwan Identification Card Number
Define a new data pattern object
to detect the information you want to filter.
Provide a descriptive
the new object.
a new rule to
the data pattern object.
Select the data patterns that you want to monitor
on your network, specify the file types in which to look for these
to save the data pattern.
By default, the firewall matches the patterns against all
the supported file types.
See Set up data filtering to
add the data pattern object to a data filtering profile, and use
the settings to inspect traffic on your network.