On the Panorama management server, edits made to an existing data filtering profile (ObjectsDLPData Filtering Profiles can result in matching traffic not being detected by Enterprise DLP.

On the firewall CLI, the ctd_wif_forward_abort counter may increase when the firewall is under load and uploading files to the DLP cloud service. There is no impact to Enterprise DLP functionality.

On the Panorama management server, the web interface becomes unresponsive when editing large data profiles (ObjectsDLPData Filtering Profiles).

On the Panorama management server, the Enterprise DLP plugin fails to complete post commit tasks and causes all commits (CommitCommit to Panorama) to get stuck at 99%.

The Panorama management server is unable to a generate report if a data filtering log (MonitorLogsData Filtering) with Report ID of 0 for a DLP incident. A DLP Incident has a Report ID of 0 if the DLP cloud service was unable to scan the file.

The Panorama management server is unable to synchronize new data profiles (ObjectsDLPData Filtering Profiles) from the DLP cloud service.

On the Panorama management server, the list of predefined URL categories are not displayed for a data profile configured for non-file inspection (ObjectsDLPData Filtering Profiles<select a data profile>URL Category List Excluded From).

On the Panorama management server, Enterprise Data Loss Prevention (E-DLP) allows you to create multiple data filtering profiles (ObjectsDLPData Filtering Profiles) with the same Name.

On the Panorama management server, an outdated default DLP block response page is displayed when traffic matches a data filtering profile with the Action set to Block when leveraging Enterprise DLP.

The DLP plugin install or uninstall fails if the local administrator account does not exist.

Renaming an existing data profile on the DLP app on the hub creates an entirely new data filtering profile (ObjectsDLPData Filtering Profiles) on the Panorama management server.

Creating a new data profile from the Panorama management server CLI fails.

Workaround: Create a new data profile from the Panorama web interface.

On the Panorama management server, the Secondary Pattern for a data filtering profile (ObjectsDLPData Filtering Profiles) is not displayed for the data filtering profile is successfully created and pushed to managed firewalls.

Firewalls leveraging Enterprise Data Loss Prevention (DLP) do not display the Enterprise DLP data filtering profiles (ObjectsDLPData Filtering Profiles) or Enterprise DLP Settings (DeviceSetupDLP), and cannot be overridden locally on the firewall.

On the Panorama management server, you cannot create an admin role (PanoramaAdmin Roles) to control access to Enterprise Data Loss Prevention (DLP) filtering settings and snippet configuration (DeviceSetupDLP).

On the Panorama management server, the on device help for data filtering profiles (ObjectsDLPData Filtering ProfilesAdd) and data filtering patterns ObjectsDLPData Filtering PatternsAdd) do not display correctly.

Firewalls leveraging Enterprise Data Loss Prevention (DLP) do not display the on-device Help for the DLP Settings (DeviceSetupDLP).

Enterprise Data Loss Prevention (DLP) data profile Thread ID/Name filter is not available when you configure a custom report (ManageManage Custom Reports) on the Panorama management server or locally on a firewall leveraging Enterprise DLP.

On the Panorama management server, custom data profiles (ObjectsDLPData Filtering Profiles) are not synchronized to the DLP cloud service if you have an active CASB-X license. This prevents you being able to associate the data profile with a Security policy rule and displays the error Data Profile does not exist.

Workaround: Contact Palo Alto Networks Support to restore synchronization functionality between the DLP cloud service and Panorama.