Create and configure an Enterprise Data Loss Prevention (E-DLP) profile.
Where Can I Use This?
What Do I Need?
NGFW (Managed by Panorama or Strata Cloud Manager)
Prisma Access (Managed by Panorama or Strata Cloud Manager)
Enterprise Data Loss Prevention (E-DLP) license
Review the Supported
Platforms for details on the required license for
each enforcement point.
Or any of the following licenses that include the Enterprise DLP
license
Prisma Access CASB license
Next-Generation
CASB for Prisma Access and NGFW (CASB-X) license
Data Security license
To get started, you’ll first create a data pattern that specifies the information
types and fields that you want the firewall to filter. Then, you attach that pattern to
a data filtering profile, which specifies how you want to enforce the content that the
firewall filters. Add the data filtering profile to a Security policy rule to start
filtering traffic matching the rule.
Enterprise Data Loss Prevention (E-DLP) profiles specify how you want to enforce the sensitive content that you’re
filtering. Predefined data profiles have data
patterns that include industry-standard data identifiers, keywords, and built-in logic
in the form of machine learning, regular expressions, and checksums for legal and
financial data patterns.
Enterprise DLP profiles are active only when they’re attached to a Security policy rule;
they scan traffic that matches the rule. If a user uploads a file that matches a data
pattern, an alert is triggered or the file is blocked (depending on the action you
define in the DLP profile).