>
    Strata Copilot
    What's Supported with Enterprise DLP?
    Focus
    Download PDF
    Focus
    1. Home
    2. Enterprise DLP
    3. What's Supported with Enterprise DLP?
    Download PDF
    Enterprise DLP

    What's Supported with Enterprise DLP?

    Table of Contents

    What's Supported with Enterprise DLP?

    Learn about the supported applications, file types, detection methods, and platform requirements for Enterprise Data Loss Prevention (E-DLP).
    On May 7, 2025, Palo Alto Networks is introducing new Evidence Storage and Syslog Forwarding service IP addresses to improve performance and expand availability for these services globally.
    You must allow these new service IP addresses on your network to avoid disruptions for these services. Review the Enterprise DLP Release Notes for more information.
    Where Can I Use This?What Do I Need?
    • NGFW (Managed by Panorama or Strata Cloud Manager)
    • Prisma Access (Managed by Panorama or Strata Cloud Manager)
    • Prisma Browser
    • Enterprise Data Loss Prevention (E-DLP) license
      Review the Supported Platforms for details on the required license for each enforcement point.
    Or any of the following licenses that include the Enterprise DLP license
    • Prisma Access CASB license
    • Next-Generation CASB for Prisma Access and NGFW (CASB-X) license
    • Data Security license
    Review the reference topics below to confirm which products, apps, file formats, and detection methods Enterprise Data Loss Prevention (E-DLP) supports in your deployment.

    Platforms and Apps

    • Platform Support—Products and management interfaces that support Enterprise DLP, including minimum version requirements.
    • Supported Apps—Web apps that Enterprise DLP can inspect for sensitive data, with inspection types, direction, file size limits, and minimum version requirements.
    • Supported GenAI Apps—Generative AI apps (GenAI) that Enterprise DLP can inspect, including supported actions and directions for each app.

    File and Content Support

    • Supported File Types—File formats and extensions that Enterprise DLP can parse and extract content from for deep inspection. When you modify a DLP rule and select specific file types to include or exclude, you are choosing from this list.
    • Supported File Signatures—File formats that Enterprise DLP can identify by binary signature (Magic Bytes), independent of file extension using a file property data pattern. This prevents users from bypassing inspection by renaming file extensions.
    • Supported Encoding Schemas—Character encodings that Enterprise DLP can decode during content inspection, such as Base64, UTF-8, and Shift_JIS.
    • Non-File Based Traffic—How Enterprise DLP inspects non-file content such as clipboard paste, form submissions, and chat messages.

    Detection, Features, and Languages

    • Supported Detection Methods—Match criteria techniques that Enterprise DLP uses to identify sensitive data, including data patterns, document types, Optical Character Recognition (OCR), and exact data matching.
    • Supported Features—Full feature matrix showing which Enterprise DLP capabilities are available on each management platform and FedRAMP environment.
    • Supported Languages—Natural languages that Enterprise DLP data patterns can detect sensitive data in.

    © 2026 Palo Alto Networks, Inc. All rights reserved.