>
    Strata Copilot
    Archive and Restore a Data Profile
    Focus
    Download PDF
    Focus
    1. Home
    2. Enterprise DLP
    3. Administration
    4. Configure Enterprise DLP
    5. Data Profiles
    6. Archive and Restore a Data Profile
    Download PDF
    Enterprise DLP

    Archive and Restore a Data Profile

    Table of Contents

    Archive and Restore a Data Profile

    Archive and restore your custom Enterprise Data Loss Prevention (E-DLP) data profiles to reduce configuration sprawl.
    On May 7, 2025, Palo Alto Networks is introducing new Evidence Storage and Syslog Forwarding service IP addresses to improve performance and expand availability for these services globally.
    You must allow these new service IP addresses on your network to avoid disruptions for these services. Review the Enterprise DLP Release Notes for more information.
    Where Can I Use This?What Do I Need?
    • NGFW (Managed by Panorama or Strata Cloud Manager)
    • Prisma Access (Managed by Panorama or Strata Cloud Manager)
    • Prisma Browser
    • Enterprise Data Loss Prevention (E-DLP) license
      Review the Supported Platforms for details on the required license for each enforcement point.
    Or any of the following licenses that include the Enterprise DLP license
    • Prisma Access CASB license
    • Next-Generation CASB for Prisma Access and NGFW (CASB-X) license
    • Data Security license
    Effective data loss prevention requires continuous adaptation to evolving data security needs. You can archive and restore your custom Enterprise Data Loss Prevention (E-DLP) data profiles to eliminate configuration sprawl, reduce administrative overhead, and maintain an optimized data protection strategy.
    Before you can archive a data profile, you must remove the data profile from all active Security policy rules across all Enterprise DLP including Email DLP, Endpoint DLP, Data Security (SaaS API), SaaS Security Inline, and Prisma Browser. If the data profile is currently in use, Enterprise DLP identifies the active policy rules using the data profile and provides direct links so you can update them before archiving. Once archived, the data profile can't be referenced in any new Security policy rule across any product unless you restore it. You can't archive predefined data profiles. Archiving a data profile doesn't affect historical data logs or past enforcement actions.
    You can restore an archived data profile to return it to active status and make it available for policy configuration again. During restoration, you must provide a unique name if the original data profile name is already in use.
    Enterprise DLP generates an audit log when you archive or restore a data profile. The audit log captures the user who performed the action, the affected data profile, and the timestamp.
    Enterprise DLP doesn't support data profile archive, restore, or rename if your Customer Support Portal (CSP) tenant has a Panorama® management server associated with it even if you manage your Enterprise DLP explicitly from Strata Cloud Manager.

    Archive a Data Profile

    Archive a custom Enterprise Data Loss Prevention (E-DLP) data profile that is no longer required.
    1. Log in to Strata Cloud Manager.
    2. Create a data profile if you don't already have a custom data profile to archive.
      Enterprise DLP doesn't support archiving a predefined data profile.
    3. Select ConfigurationData Loss PreventionData Profiles.
    4. (Optional) In the Active data profiles, apply any filters or search for the data profile you want to archive.
    5. Expand the Action menu and Archive a data profile.
      You can archive one data profile at a time.
    6. Resolve any data profile in-use errors preventing archival.
      Skip this step and confirm the archival if the data profile you selected isn't in use and there are no errors to resolve.
      Enterprise DLP prompts you if the data profile you want to archive is currently referenced in one or more active Security policy rules. Enterprise DLP provides hyperlinks to the Security policy rules so you can quickly update them as needed.
      After removing the data profile from all active Security policy rules, select ConfigurationData Loss PreventionData Profiles and expand the Action menu to Archive the data profile.
    7. You're prompted to confirm archiving the data profile. Click Archive to confirm.
      Archiving the data profile doesn't impact existing DLP incidents or audit logs.
      It can take up to 10 minutes for the archived status to take effect in profile group menus (ConfigurationNGFW and Prisma AccessSecurity ServicesProfile Groups). During this time, the archived data profile might still appear as an available selection in the Data Loss Prevention Profile dropdown when you configure a profile group.
    8. Enterprise DLP displays when it successfully archived the data pattern in the upper right-hand corner.
    9. Click Archived to view the list of archived data profiles.

    Restore a Data Profile

    Restore an archived Enterprise Data Loss Prevention (E-DLP) data profile to return it to active status.
    1. Log in to Strata Cloud Manager.
    2. Archive a custom data profile.
    3. Select ConfigurationData Loss PreventionData Profiles and select Archived.
    4. (Optional) Apply any filters or search for the data profile you want to restore.
    5. Locate the data profile you want to restore and expand the Actions settings to Restore the data profile.
      Enterprise DLP supports restoring one data profile at a time. You can't restore multiple data profiles at once.
    6. You're prompted to confirm restoring the data profile. Click Restore to confirm.
    7. Enterprise DLP displays when it successfully archived the data pattern in the upper right-hand corner.
    8. View your Active data profiles and verify that Enterprise DLP successfully restored the data profile.
      Remove any search terms if you filtered your Archived data profiles using a search filter.

    © 2026 Palo Alto Networks, Inc. All rights reserved.