Administration
  • Administration
  • Enterprise DLP Documentation
  • All Documentation
>
Data Dictionaries
Focus
Download PDF
Focus
  1. Home
  2. Enterprise DLP
  3. Configure Enterprise DLP
  4. Data Dictionaries
Download PDF
Enterprise DLP

Data Dictionaries

Table of Contents

Data Dictionaries

Data dictionaries allow you to add proximity keywords to advanced Enterprise Data Loss Prevention (E-DLP) data profiles to more accurately identify and prevent sensitive data exfiltration.
Where Can I Use This?What Do I Need?
  • NGFW (Managed by Panorama or Strata Cloud Manager)
  • Prisma Access (Managed by Panorama or Strata Cloud Manager)
  • Enterprise Data Loss Prevention (E-DLP) license
    Review the Supported Platforms for details on the required license for each enforcement point.
Or any of the following licenses that include the Enterprise DLP license
  • Prisma Access CASB license
  • Next-Generation CASB for Prisma Access and NGFW (CASB-X) license
  • Data Security license
Data dictionaries are a collection of one or more keywords or phrases that you want to detect and prevent exfilitration. A data dictionary is added as a match criteria alongside the other supported match criteria in advanced and nested data profiles to increase the Enterprise Data Loss Prevention (E-DLP) detection accuracy.
You can add multiple data dictionaries to a single data profile. For example, you create an advanced data profile with the OR condition and multiple match criteria Groups. You can add a unique data dictionary for each match criteria group to ensure high detection accuracy for each OR match criteria conditions.
Review the requirements to upload a data dictionary to Enterprise DLP:
  • Up to 100 custom dictionaries are supported per tenant
  • Only .csv and .txt file types are supported.
  • Files up to 1 MB are supported.
  • Maximum of 200 words per custom dictionary
  • Maximum of 128 characters and minimum of 3 characters per word
  • Files containing double byte characters, for example Chinese Japanese, and Korean, are supported
  1. Log in to Strata Cloud Manager.
  2. Select ManageConfigurationData Loss PreventionDetection MethodsData Dictionary and Add Custom Dictionary.
  3. Upload the data dictionary to Enterprise DLP.
    1. Enter a descriptive Name for the data dictionary.
      The data dictionary must have a unique name. The upload fails if a data dictionary with an identical name already exits.
      Special characters are not supported.
    2. (Optional) Enter a Description for the data dictionary.
      Special characters are not supported.
    3. Select the data dictionary Category.
      The data dictionary category is used to group together similar types of data dictionaries for administrative purposes.
      You can specify one of the following predefined categories—Academia, Confidential, Employment, Financial, Government, Healthcare, Legal, Marketing, or Source Code.
    4. Specify whether proximity keywords are Case Sensitive.
      This settings instructs Enterprise DLP to treat uppercase and lowercase letters for all proximity keywords in the data dictionary as distinct (case sensitive) if enabled or as equivalent (case insensitive) if disabled.
    5. In the Keywords section, drag and drop the data dictionary file or Browse Files to navigate to and select the data dictionary file.
      Only one data dictionary file can be uploaded at a time. Upload will fail if you attempt to upload multiple data dictionaries at one time.
    6. Create.
  4. Verify that the data dictionary was successfully uploaded.
  5. Create or modify an advanced or nested to add your data dictionary.
    Data dictionaries compliment the match criteria in your advanced and nested data profiles and increase the likelihood of positive detections.

Technical Documentation

Company

Legal Notices

© 2025 Palo Alto Networks, Inc. All rights reserved.