On
May 7, 2025,
Palo Alto Networks is introducing new
Evidence Storage and
Syslog Forwarding service IP
addresses to improve performance and expand availability for these services
globally.
| Where Can I Use This? | What Do I Need? |
- NGFW (Managed by Strata Cloud Manager)
- Prisma Access (Managed by Strata Cloud Manager)
Prisma Browser
|
Or any of the following licenses that include the Enterprise DLP license
- Prisma Access CASB license
- Next-Generation
CASB for Prisma Access and NGFW (CASB-X) license
- Data Security license
|
Effective data loss prevention requires continuous adaptation to evolving data
security needs. You can archive and restore your custom Enterprise Data Loss Prevention (E-DLP)
data profiles to eliminate configuration sprawl, reduce administrative overhead,
and maintain an optimized data protection strategy.
Before you can archive a data profile, you must remove the data profile from
all active Security policy rules across inline Enterprise DLP, Email DLP,
Endpoint DLP, Data Security (SaaS API), SaaS Security Inline, Prisma Browser, and Prisma AIRS. If the data profile is
currently in use, Enterprise DLP identifies the active policy rules using the
data profile and provides direct links so you can update them before archiving. Once
archived, the data profile can't be referenced in any new Security policy rule
across any product unless you restore it. You can't archive predefined data
profiles. Archiving a data profile doesn't affect historical data logs or past
enforcement actions.
You can restore an archived data profile to return it to active status and
make it available for policy configuration again. During restoration, you must
provide a unique name if the original data profile name is already in use.
Enterprise DLP generates an
audit log when you archive or
restore a data profile. The audit log captures the user who performed the action,
the affected data profile, and the timestamp.
Enterprise DLP doesn't support data profile archive and restore, and won't
display the Archive and Restore
buttons, if your tenant has a Panorama® management server associated with it even if
you manage your Enterprise DLP explicitly from Strata Cloud Manager.
Archive a Data Profile
Archive a custom Enterprise Data Loss Prevention (E-DLP) data profile that is no longer
required.
Log in to
Strata Cloud Manager.
Create a data profile if you don't
already have a custom data profile to archive.
Enterprise DLP doesn't support archiving a predefined data profile.
Select .
(
Optional) In the
Active data profiles, apply
any filters or search for the data profile you want to archive.
Expand the
Action menu and
Archive the data profile.
You can archive one data profile at a time.
Resolve any data profile in-use errors preventing archival.
Skip this step and confirm the archival if the data profile you selected
isn't in use and there are no errors to resolve.
Enterprise DLP prompts you if the data profile you want to archive is
currently referenced in one or more active Security policy rules or by other
custom data profiles (nested or granular). Enterprise DLP provides
hyperlinks to the Security policy rules so you can quickly update them as
needed.
After removing the data profile from all active Security policy rules and
resolving any nested data profile dependencies, select and expand the Action menu to
Archive the data profile.
You're prompted to confirm archiving the data profile. Click
Archive to confirm.
It can take up to 10 minutes for the archived status to take effect in
profile group menus (). During this time, the archived data profile might still
appear as an available selection in the Data Loss Prevention
Profile dropdown when you configure a profile group.
Enterprise DLP confirms that it successfully archived the data profile.
Click Archived to view the list of archived data
profiles.
Restore a Data Profile
Restore an archived Enterprise Data Loss Prevention (E-DLP) data profile to return it to active
status.
Log in to
Strata Cloud Manager.
Archive a custom data profile.
Select and select
Archived.
(
Optional) Apply any filters or search for the data profile you want
to restore.
Locate the data profile you want to restore and expand the
Action menu to
Restore the
data profile.
You can restore one data profile at a time.
You're prompted to confirm restoring the data profile. Click
Restore to confirm.
Enterprise DLP confirms that it successfully restored the data profile.
View your
Active data profiles and verify that
Enterprise DLP successfully restored the data profile.
Remove any search terms if you filtered your
Archived data profiles using a search
filter.