- Objects > Custom Objects > Data Patterns
- Objects > Custom Objects > Data Patterns
- Table of Contents
- Syslog Filters
- URL Filtering Overrides
Objects > Custom Objects > Data PatternsThis may include a slight change in your sign in process. Please contact community paloaltonetworks. The second part of the document contains examples on how to migrate from Symantec Web Filter categories to PAN-DB categories and how to use them in the security policies of the next-generation firewall. There is no one-to-one mapping for this category. If you find that users need access to sites in the blocked categories, consider creating an allow list for just the specific sites if you feel the risk is justified. Allowing traffic to a recommended block category poses the following risks:. May also exhibit Exploit Kits. Also, dynamic DNS domains do not go through the same vetting process as domains that are registered by a reputable domain registration company and are, therefore, less trustworthy. This category was introduced to enable adherence to child protection laws required in the education industry as well as laws in countries that require internet providers to prevent users from sharing copyrighted material through their service. This category was introduced to enable adherence to child protection laws required in the education industry. These domains may be similar to legitimate domains. For example, pal0alto0netw0rks. Or, they may be domains that an individual purchases rights in hopes that it may be valuable someday, such as panw. Understand local laws and regulations about the traffic you can legally decrypt and user notification requirements. Please see documentation for SSL Decryption deployment and pre-requisites. The below steps describe Decryption policy definitions only. All other traffic will be decrypted. This dynamic list of URLs has to be continuously updated in policy and blocked by Palo Alto Networks next generation firewall without any manual intervention. Unlike the allow list, block list, or a custom URL category on the firewall, an external dynamic list gives you the ability to update the list without a configuration change or commit on the firewall. With this Security Policy in place, any user attempting to connect to websites part of the URL feed will be blocked. This URL list is dynamically updated by the firewall without any commit required by the administrator. Turn on suggestions. Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type. Showing results for. Search instead for. Did you mean:. Get Started Welcome to Live. Community Feedback. Events Ignite Conference. Technology Events. Articles General Articles. Discussions General Topics. Custom Signatures. Endpoint Traps Discussions. VM-Series in the Public Cloud. Prisma Access Discussions. Prisma Cloud Discussions. Prisma SaaS Discussions. GlobalProtect Discussions.
Objects > Custom Objects > Data Patterns
EN Location. Download PDF. Last Updated:. Current Version:. Set Up Data Filtering. Use the following workflow to configure a Data Filtering profile. This example shows a Data Filtering profile for detecting Social Security Numbers and a custom pattern in. Create a Data Filtering security profile. Select Objects. Enter a Name. Optional If you want to collect data that is blocked by the filter, select the Data Capture. You must set a password as described in the following step if you are using the data capture feature. Optional Secure access to the data filtering logs to prevent other administrators from viewing sensitive data. When you enable this option, you will be prompted for the password when you view logs in Monitor. Select Device. Click Manage Data Protection. Set the password that will be required to view the data filtering logs. Define the data pattern that will be used in the Data Filtering Profile. In this example, we will use the keyword confidential. It is helpful to set the appropriate thresholds and define keywords within documents to reduce false positives. From the Data Filtering Profile page click Add. In the Weight. Optional You can also set Custom Patterns. Specify which applications to filter and set the file types. Set Applications. Set File Types. Specify the direction of traffic to filter and the threshold values. Set the Direction. Set the Alert Threshold. Set the Block Threshold. Attach the Data Filtering profile to the security rule. Select Policies. Click the security policy rule to modify it and then click the Actions. Test the data filtering configuration. If you have problems getting Data Filtering to work, you can check the Data Filtering log or the Traffic log to verify the application that you are testing with and make sure your test document has the appropriate number of unique Social Security Number instances. For example, an application such as Microsoft Outlook Web App may seem to be identified as web-browsing, but if you look at the logs, the application is outlook-web. When testing, you must use real Social Security Numbers and each number must be unique. Also, when defining Custom Patterns as we did in this example with the word confidential.
Table of Contents
EN Location. Download PDF. Last Updated:. Current Version:. Syntax for Regular Expression Data Patterns. When you create a regular expression data pattern, the following general requirements apply:. The pattern must have a string of at least 7 bytes with fixed values. The 7 bytes cannot contain a period. When you require that values be case-sensitive, define patterns for all possible strings to match all variations of a term. Pattern Rules Syntax. Match any single character. Match the preceding character or expression 0 or 1 time. You must include the general expression inside parentheses. Match the preceding character or expression 0 or more times. Match the preceding character or regular expression one or more times. You must include alternative substrings in parentheses. Example: [c-z] matches any character between c and z inclusive. Match any specified character. Example: [abz] matches any of the characters a, b, or z. Match any character except those specified. Match a string that contains minimum and maximum. You must specify this directly in front of a fixed string and you can use only hyphens. Perform a literal match on any character above. Recommended videos not found. All rights reserved. Example: abc? Specify a range.