DLP on Prisma Access

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
Community Team Member

Data Loss Prevention (DLP) on Prisma Access

 
DLP on Prisma Access is a cloud-based service that uses supervised machine learning algorithms to sort sensitive documents into Financial, Legal, Healthcare, and other categories for document classification to guard against exposures, data loss and data exfiltration. These patterns can identify the sensitive information in your cloud apps and protect them from exposure.
 
While the Prisma Access DLP enhancements resemble the Data Filtering implementation that you use with next-generation firewalls or with Panorama appliances, be sure to follow the steps in "DLP on Prisma Access" to implement DLP with Prisma Access; the configuration tasks are different.
 

DLP on Prisma Access allows you to protect sensitive file data in the following ways:

  • Prevent file uploads from leaking to unsanctioned web applications. Discover and conditionally stop sensitive data from being leaked to untrusted web applications.
  • Monitor uploads to sanctioned web applications. Discover and monitor sensitive data when it is uploaded to sanctioned corporate apps.
     

To help you inspect content and analyze the data in the correct context so you can accurately identify what is sensitive data and secure it to prevent incidents, enhanced DLP on Prisma Access is enabled through a cloud service. Enhanced DLP offers over 250 data patterns and many predefined data filtering profiles, and it is designed to automatically make new patterns and profiles available to you to use in Data Filtering policies, as soon as they are added to the cloud service.
 
Create Data Patterns – Help you detect sensitive content and how that content is being shared or accessed on your network.
Create Data Filtering Profiles – Power the data classification and monitoring capabilities available on Prisma Access to prevent data loss and mitigate business risk.
 
The data patterns and data filtering profiles are designed to work across Prisma SaaS and Prisma Access to provide consistent data security at all locations—either in the cloud or across various enforcement points in the SaaS applications, remote networks, and mobile users. When you create a new data pattern or data filtering profile on Prisma Access, it becomes available for enforcement on Prisma SaaS so that you can identify and protect data uniformly across connected applications.

 

To improve detection accuracy and reduce false positives, you can also specify:
  • Proximity keywords
  • Confidence levels
  • Basic and weighted regular expressions 

 

Check out all the details of Enhanced DLP

 

The following matrix displays what’s supported with DLP on Prisma Access :

 
WEB APPLICATION
PDF
DOC/DOCX
PPT/PPTX
XLS/XLSX
RTF
CSV
MULTI-FILE UPLOADS
FILE SIZE
Web browsing
Yes
Yes
Yes
Yes
Yes
Yes
Yes
20 MB
Onedrive Web App
Yes
Yes
Yes
Yes
Yes
Yes
Yes
20 MB
Sharepoint Web App
Yes
Yes
Yes
Yes
Yes
Yes
Yes
20 MB
Gmail Web App
Yes
Yes
Yes
Yes
Yes
Yes
Yes
20 MB
Box Web App
Yes
Yes
Yes
Yes
Yes
Yes
Yes
20 MB
Slack Web App
Yes
Yes
Yes
Yes
Yes
Yes
Yes
20 MB

 

Additional Information

Register and Activate DLP on Prisma Access

Enable DLP on Prisma Access

View DLP Logs and File Snippets

Introducing Prisma Access Release 1.6

 

 

 

Thanks for taking time to read the blog.

If you enjoyed this, please hit the Like (thumbs up) button, don't forget to subscribe to the LIVEcommunity Blog.

 

Stay Secure,
Kiwi out!

2 Comments
L0 Member

Which are the dependencies or prerequisites with this subscription? If one would like to run Enterprise DLP on the firewall, what is needed?

Community Team Member

Hi @KlausGroeger ,

 

 

Here you will find the minimum content version required and pre-checks to make sure that your environment is ready to request Enterprise DLP on Prisma Access:

https://docs.paloaltonetworks.com/prisma/prisma-access/prisma-access-panorama-admin/data-loss-preven...

 

Alternatively you might want to look into Data Filtering Profiles to prevent sensitive, confidential, and proprietary information from leaving your network. 

 
  • 7093 Views
  • 2 comments
  • 2 Likes
Register or Sign-in
Labels
Top Liked Authors