- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
05-13-2022 04:24 AM
I am a bit confuse the "Data Filtering" and Enterprise Data Loss Prevention
Is it "Data Filtering" is one of the function under "Threat Prevention Subscriptions"?
Then what is the Enterprise Data Loss Prevention ?
Can I still use the "Data Filtering" without " Enterprise Data Loss Prevention Subscriptions"?
If I purchase " Enterprise Data Loss Prevention Subscriptions", can I used it in PA firewall directly without Panorama?
The main different between "Data Filtering" and Enterprise Data Loss Prevention , is it local based filtering vs cloud analysis based filtering?
When I using Enterprise Data Loss Prevention , will it upload my traffic file to PA-Cloud for analysis?
05-13-2022 03:31 PM
Thank you for the post @JoeKwok
Enterprise DLP is a separate product that goes much beyond traditional Data Filtering profile in Firewall. Enterprise DLP is a cloud based service that can integrate with Firewalls, Prisma Access, Prisma Cloud. What Enterprise DLP is aiming to do is to provide a single DLP platform a across all products/platforms/workloads.
You can configure and run Data Filtering profile on the Firewall without Enterprise DLP. With Enterprise DLP you would gain a benefit of Advanced Data Filtering profile that has pre-defined a huge list of data patterns + all the cloud based analytics, however if you have only Firewall and no other product, then it might be overkill.
Regarding your question whether Data Filtering is a part of Threat Prevention Subscription. All of my production Firewalls are running Threat Prevention, so personally I would not know, however I just looked into one of my lab Firewall that has no Threat Prevention license (only support is activated) and I can configure a Data Filtering profile and pull up all pre-defined Data Patterns, so I do not think that Threat Prevention license is a must to get Data Filtering up and running.
Regarding your question whether Enterprise DLP requires Panorama, the answer is yes, one of the pre-requisite with Enterprise DLP is to have Firewall running at least 10.0.2 and be managed by Panorama.
If you are seriously considering what option to choose, I would recommend to request demo of Enterprise DLP and ideally get a trial to get more hands on test scenarios of data leak to see it is worth to invest.
Kind Regards
Pavel
05-13-2022 03:31 PM
Thank you for the post @JoeKwok
Enterprise DLP is a separate product that goes much beyond traditional Data Filtering profile in Firewall. Enterprise DLP is a cloud based service that can integrate with Firewalls, Prisma Access, Prisma Cloud. What Enterprise DLP is aiming to do is to provide a single DLP platform a across all products/platforms/workloads.
You can configure and run Data Filtering profile on the Firewall without Enterprise DLP. With Enterprise DLP you would gain a benefit of Advanced Data Filtering profile that has pre-defined a huge list of data patterns + all the cloud based analytics, however if you have only Firewall and no other product, then it might be overkill.
Regarding your question whether Data Filtering is a part of Threat Prevention Subscription. All of my production Firewalls are running Threat Prevention, so personally I would not know, however I just looked into one of my lab Firewall that has no Threat Prevention license (only support is activated) and I can configure a Data Filtering profile and pull up all pre-defined Data Patterns, so I do not think that Threat Prevention license is a must to get Data Filtering up and running.
Regarding your question whether Enterprise DLP requires Panorama, the answer is yes, one of the pre-requisite with Enterprise DLP is to have Firewall running at least 10.0.2 and be managed by Panorama.
If you are seriously considering what option to choose, I would recommend to request demo of Enterprise DLP and ideally get a trial to get more hands on test scenarios of data leak to see it is worth to invest.
Kind Regards
Pavel
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!