Creating DLP Content Profiles

This article explains how to create a Content Profile for Cato's DLP service. This profile includes one or more of the DLP Data Types which you can use in an Application Control policy or SaaS Security API Data Protection policy.

Overview

Cato's DLP service uses hundreds of different pre-defined out-of-the-box Data Types to identify sensitive data and content within a traffic flow. There are different categories of pre-defined Data Types and the majority of the categories are for specific countries. This lets you create a granular policy that only applies to the relevant sensitive data.

The DLP service also supports custom data types including User Defined Data Types and Sensitivity Labels. For more about custom data types, see the following articles:

The DLP Content Profile is a global object for the Cato Management Application which includes one or more Data Types.

Summary of Data Categories

This section summarizes the different categories of pre-defined Data Types that you can add to a profile in the Cato Management Application.

  • Document classification

  • Financial data

  • HIPAA - only relevant to the USA

  • Health care

  • Item identifiers - such as postal codes and license keys -

  • Payment Card Industry Data Security Standard (PCI DSS) - credit card data

  • Personally Identifiable Information - PII

  • UK National Health Service

Understanding Machine Learning Classifiers

The pre-defined data types in the DLP service include machine learning (ML) based data classifiers trained to identify different types of sensitive documents. Using an advanced data science similarity model, the ML Classifiers offer better adaptability and accuracy in detecting sensitive data, as they can dynamically learn and evolve with changing data patterns. For example, instead of needing to update a custom data type whenever a medical form is updated, you can use the Records ML Classifier to detect all medical records. The ML Classifiers provide comprehensive detection for categories such as medical records, tax forms, patent documents, resumes, immigration forms, and more. For more about ML Classifiers, see below.

  • ML Classifier data types support English language documents

  • OCR image scanning is not supported for ML Classifier data types

Note

Note: Please contact SaaSecAPI@catonetworks.com or your official Cato reseller for more information about using ML Classifiers for DLP.

OCR Image Scanning for Content Profiles

You can configure a Content Profile so the DLP engine includes image files in content matching for the profile. The engine uses OCR to extract text that appears in image files, and sends the extracted text for content matching. The OCR scanning option appears when configuring a Content Profile.

File Requirements for OCR Scanning

  • Supported image file size for OCR scanning is between 10KB and 20 MB

  • Supported file types include: PNG, JPEG, TIFF, BMP, PNM, WEBP, JPEG2000

  • Supported actions include Upload and Download

    • For PNG and JPEG files, scanning is only supported for the Upload action

  • The OCR engine supports extraction only for English language texts

Creating a Content Profile

Use the DLP Configuration page to create and edit Content Profiles. When you are adding Data Types to a profile, you can filter the types according to a specific country or Universal (for all countries). In addition, you can sort the Data Types in ascending or descending alphabetical order according the the category or name, or according to the country.

When you add multiple Data Types to a profile, select the relationship between them:

  • Any (OR) - Match only one of the Data Types in the profile

  • All (AND) - Match all the Data Types in the profile (otherwise, the rule with this profile is ignored)

A profile can contain up to 20 Data Types.

When you configure a Content Profile, optionally enable OCR scanning for the profile.

DLP_Configuration.png

To create a DLP Content Profile:

  1. From the navigation menu, select Security > DLP Configuration, and select or expand Content Profiles.

  2. Click New.

    The Add Content Profile panel opens.

  3. Create the profile and add the Data Types.

  4. Optionally, select OCR Scan Enabled for the profile.

  5. Click Apply and then click Save.

Showing the Data Types Catalog

The Data Types Catalog page shows all the Data Types that you can add to a profile, and lets you sort the types according to the columns in the page. This let's you research and understand more about specific Data Types that you are using in your organization. The catalog also shows the Threshold for each data type, indicating the minimum number of occurrences to activate the data type. For more about data type thresholds, see Working with Custom Data Types for DLP.

To show the Data Types Catalog:

  • From the navigation menu, select Security > DLP Configuration, and select or expand Data Types Catalog.

Showing the ML Classifiers

The ML Classifiers page shows all the ML Classifiers to you can add to a profile. The page shows the classifiers according to categories, and provides a description for each classifier.

To show the ML Classifiers:

  • From the navigation menu, select Security > DLP Configuration, and select or expand ML Classifiers.

Was this article helpful?

0 comments

Add your comment