Enterprise Data Loss Prevention (E-DLP) Integration with Cloud NGFW for AWS
Enterprise Data Loss Prevention (E-DLP) is a set of tools and processes that allow you to protect sensitive information against unauthorized access, misuse, extraction, or sharing. For more information, see About Enterprise DLP.
You can integrate E-DLP with Cloud NGFW for AWS and use the Panorama console to add data filtering profiles to your Security Policy rules.
Minimum Requirements for E-DLP Integration
The following combinations of Panorama (PAN-OS) and Panorama plugin versions are required to integrate E-DLP with your Cloud NGFW service:

| Panorama Version (PAN-OS) | DLP Plugin | AWS Plugin |
|---|---|---|
| 10.0.2 and above | 1.0.9 | 5.2.0 |
| 10.2.4 and above | 3.0.7 | 5.2.0 |
| 11.0.2 and above | 4.0.3 | 5.2.0 |
| 11.1.0 and above | 5.0.1 | 5.2.0 |
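The table above leaves the reader to work out which row applies to a given Panorama release and whether both plugins are new enough. The following added example (not Palo Alto Networks code, and not part of this page) encodes the table and performs that check. It assumes that the row to apply is the one with the highest minimum Panorama version not exceeding the deployed version, and that a PAN-OS hotfix suffix such as `-h2` can be ignored for the comparison; the deployment version strings in the test are constructed.

```python
"""Check a Panorama deployment against the E-DLP integration minimums.

Added example: the requirement rows come from the page's table; the
interpretation that the highest applicable row wins is an assumption.
"""
from typing import List, Optional, Tuple

Version = Tuple[int, ...]
Row = Tuple[str, str, str]  # (minimum Panorama version, DLP plugin, AWS plugin)

# Rows copied from the "Minimum Requirements for E-DLP Integration" table.
REQUIREMENTS: List[Row] = [
    ("10.0.2", "1.0.9", "5.2.0"),
    ("10.2.4", "3.0.7", "5.2.0"),
    ("11.0.2", "4.0.3", "5.2.0"),
    ("11.1.0", "5.0.1", "5.2.0"),
]


def parse_version(text: str) -> Version:
    """Turn '11.1.0' (or '11.1.2-h3', dropping the hotfix suffix) into a
    tuple of integers so versions compare numerically, not as strings."""
    base = text.strip().split("-")[0]
    return tuple(int(part) for part in base.split("."))


def applicable_row(panorama: str) -> Optional[Row]:
    """Select the table row for a Panorama release: the highest minimum
    version that does not exceed the deployed version. Returns None when
    the deployment is older than the first row (10.0.2)."""
    deployed = parse_version(panorama)
    candidates = [row for row in REQUIREMENTS if parse_version(row[0]) <= deployed]
    if not candidates:
        return None
    return max(candidates, key=lambda row: parse_version(row[0]))


def meets_requirements(panorama: str, dlp_plugin: str, aws_plugin: str) -> Tuple[bool, str]:
    """Return (ok, reason) for a deployed Panorama/plugin combination.
    Each plugin must be at or above the version in the applicable row."""
    row = applicable_row(panorama)
    if row is None:
        return False, f"Panorama {panorama} is below the 10.0.2 minimum"
    min_pan, min_dlp, min_aws = row
    problems = []
    if parse_version(dlp_plugin) < parse_version(min_dlp):
        problems.append(f"DLP plugin {dlp_plugin} is below {min_dlp} required for Panorama {min_pan} and above")
    if parse_version(aws_plugin) < parse_version(min_aws):
        problems.append(f"AWS plugin {aws_plugin} is below {min_aws} required for Panorama {min_pan} and above")
    if problems:
        return False, "; ".join(problems)
    return True, f"meets the row for Panorama {min_pan} and above"


if __name__ == "__main__":
    # Constructed deployment values, not taken from any real tenant.
    for combo in [("11.1.2-h3", "5.0.1", "5.2.0"), ("11.1.0", "4.0.3", "5.2.0")]:
        ok, reason = meets_requirements(*combo)
        print(combo, "OK" if ok else "NOT OK", "-", reason)
```

Run the module directly to see a passing and a failing combination; the row selection matters because a Panorama 10.2.3 deployment falls under the 10.0.2 row, while 10.2.4 moves to the row that requires DLP plugin 3.0.7.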
Provisioning a New E-DLP Tenant on Cloud NGFW for AWS
If you have an existing DLP tenant on your Customer Support Portal (CSP) account that is provisioned in Panorama, the Cloud NGFW service uses that DLP tenant to integrate DLP with Cloud NGFW.
If you do not have a DLP tenant on your Customer Support Portal account, the Cloud NGFW service creates a new DLP tenant.
The following steps enable a new DLP tenant from the Cloud NGFW console:
- Log in to the Cloud NGFW console.
- Select Integrations. The Integrations page displays information about the currently linked Panorama.
- In the Security Service column, click Check Details. You can also click the Link ID of a linked Panorama, and then click Check Details.
- On the Security Services panel, click the Data Loss Prevention (DLP) toggle.
- Select the check box to accept the End User License Agreement, and then click Enable. Review the Action Required on the linked Panorama.
- Ensure that the linked Panorama meets the minimum system requirements to integrate DLP with your Cloud NGFW service. After you install the required AWS and DLP plugins on your Panorama, the DLP tenant on the Cloud NGFW console is enabled.
- On the Cloud NGFW console, go to the Integrations page, select the linked Panorama, and then click Check Details under the Security Services column. Data Loss Prevention (DLP) now shows as enabled.
- After the DLP tenant is enabled on the Cloud NGFW console, firewalls associated with the linked Panorama can start using DLP services. You can add a DLP data filtering profile to a Security Policy Rule for your firewall in Panorama: in the Security Policy Rule screen, go to the Actions tab, and then select the action to take (for example, allow or deny). Determine the Profile Setting and select a DLP data filtering profile. Configure the Log Setting and other settings. For more information, see Use Panorama for Cloud NGFW Policy Management.
- After you push the Security policy rule to your firewall, you can view the existing Data Filtering Profiles and Data Filtering Patterns that you can use with your DLP tenant.
Monitoring DLP Log Details
To view your DLP logs in Panorama, click the Monitor tab, and then go to Logs > Data Filtering. For more information, see View Enterprise DLP Log Details on Panorama.
To view your CDL logs for DLP, go to the Explore tab, and select the Firewall or File option. For more information, see View Log Details on CDL.
To view your DLP tenant incident logs on SCM, see View Enterprise DLP Log Details on Strata Cloud Manager.
For more information on AWS destinations for DLP logs, see Amazon CloudWatch Logs.