Enterprise DLP
Data Dictionaries
Table of Contents
Data Dictionaries
Data dictionaries allow you to add proximity keywords to advanced Enterprise Data Loss Prevention (E-DLP) data profiles to more accurately identify and prevent sensitive
data exfiltration.
On May 7, 2025, Palo Alto Networks is introducing new Evidence Storage and Syslog Forwarding service IP
addresses to improve performance and expand availability for these services
globally.
You must allow these new service IP addresses on your network
to avoid disruptions for these services. Review the Enterprise DLP
Release Notes for more
information.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
Or any of the following licenses that include the Enterprise DLP license
|
Data dictionaries are a collection of one or more keywords or phrases that you want
to detect and prevent exfilitration. A data dictionary is added as a match criteria
alongside the other supported match criteria in advanced and nested data profiles to increase
the Enterprise Data Loss Prevention (E-DLP) detection accuracy.
You can add multiple data dictionaries to a single data profile. For example, you
create an advanced data profile with the OR condition and
multiple match criteria Groups. You can add a unique data
dictionary for each match criteria group to ensure high detection accuracy for each
OR match criteria conditions.
Review the requirements to upload a data dictionary to Enterprise DLP:
- Up to 100 custom dictionaries are supported per tenant
- Only .csv and .txt file types are supported.
- Files up to 1 MB are supported.
- Maximum of 200 words per custom dictionary
- Maximum of 128 characters and minimum of 3 characters per word
- Files containing double byte characters, for example Chinese Japanese, and Korean, are supported
Add a Data Dictionary
Add a new data dictionary to Enterprise Data Loss Prevention (E-DLP)
- Log in to Strata Cloud Manager.Select and Add Custom Dictionary.Enter a descriptive Name for the data dictionary.The data dictionary must have a unique name. The upload fails if a data dictionary with an identical name already exits.Special characters are not supported.(Optional) Enter a Description for the data dictionary.Enterprise DLP doesn't support special characters in the data dictionary description.Select the data dictionary Category.Enterprise DLP uses the data dictionary category to group together similar types of data dictionaries for administrative purposes.You can specify one of the following predefined categories—Academia, Confidential, Employment, Financial, Government, Healthcare, Legal, Marketing, or Source Code.Specify whether proximity keywords are Case Sensitive.This settings instructs Enterprise DLP to treat uppercase and lowercase letters for all proximity keywords in the data dictionary as distinct (case sensitive) if enabled or as equivalent (case insensitive) if disabled.In the Keywords section, drag and drop the data dictionary file or Browse Files to navigate to and select the data dictionary file.Only one data dictionary file can be uploaded at a time. Upload will fail if you attempt to upload multiple data dictionaries at one time.Create the new data dictionary.
Update a Data Dictionary
Update the settings and proximity keywords in an existing data dictionary.- Log in to Strata Cloud Manager.Select .Locate the data dictionary you want to update and expand the Actions menu to Edit the data dictionary. You can apply filters as needed or search for the data dictionary name.
![]()
Edit the General Information as needed.Enterprise DLP doesn't support editing the data dictionary name.Update the proximity keywords.You can update the proximity keywords associated with the data dictionary in one of two ways.- Upload a New List of Proximity KeywordsDrag and drop or click Browse Files to upload a data dictionary with new proximity keywords. The file you upload doesn't have to have the same name as the original one you uploaded.
Update the data dictionary with your changes.Delete a Data Dictionary
Delete a data dictionary from Enterprise Data Loss Prevention (E-DLP).- Log in to Strata Cloud Manager.Select .Locate the data dictionary you want to update and expand the Actions menu to Edit the data dictionary. You can apply filters as needed or search for the data dictionary name.
![]()
You are prompted to confirm you want to delete the data dictionary. Click Delete Dictionary to confirm permanently deleting the data dictionary from Enterprise DLP.You can't delete a data dictionary if it's currently included in a data profile. Enterprise DLP displays the data profiles currently referencing the data dictionary you want to delete.![]()
Select to update the listed data profiles. Try deleting the data dictionary again after you've removed the data dictionary from the listed data profiles.Enterprise DLP displays a success message in the upper-right corner when the data dictionary was deleted.![]()
