Upload an Encrypted EDM Data Set to Enterprise DLP Using a Configuration File
Use the Exact Data Matching (EDM) CLI application to upload an encrypted hash EDM data
set in CSV or TSV format using a configuration file.
On May 7, 2025, Palo Alto Networks is introducing new Evidence Storage and Syslog Forwarding service IP
addresses to improve performance and expand availability for these services
globally.
You must allow these new service IP addresses on your network
to avoid disruptions for these services. Review the Enterprise DLPRelease Notes for more
information.
Where Can I Use This?
What Do I Need?
NGFW (Managed by Panorama or Strata Cloud Manager)
Prisma Access (Managed by Panorama or Strata Cloud Manager)
Enterprise Data Loss Prevention (E-DLP) license
Review the Supported
Platforms for details on the required license
for each enforcement point.
Or any of the following licenses that include the Enterprise DLP license
Prisma Access CASB license
Next-Generation
CASB for Prisma Access and NGFW (CASB-X) license
Data Security license
You can use the Exact Data Matching (EDM) CLI app using a configuration file to
create and upload an encrypted EDM data set as two individual jobs or create and upload
an encrypted EDM data set in a single job.
To ensure General Data Protection Regulation (GDPR) compliance, the EDM CLI app hashes
and encrypts EDM data sets before upload to the Enterprise DLPEDM data set storage bucket. The EDM CLI app
first hashes the data set using the SHA256 hash function when you initiate an EDM data
set upload. The EDM CLI app then encrypts the EDM data set using AES Symmetric
encryption before beginning the EDM data set upload to the Enterprise DLP EDM data
set storage bucket. The raw data in your EDM data sets never leave your organization's
network, and Enterprise DLP does not store or have access to the raw EDM data set
data. Enterprise DLP stores only hashed and encrypted EDM data set data in the EDM
data set storage bucket. Review the Enterprise DLPPrivacy Datasheet for more information about
how Enterprise DLP captures, processes, and stores personal information.