Edit the Enterprise DLP Data Filtering Settings on Cloud Management

Edit the Enterprise data loss prevention (DLP) data filtering settings for Prisma Access (Cloud Management) and SaaS Security on Cloud Management.
Edit the Enterprise data loss prevention (DLP) data filtering settings for Prisma Access (Cloud Management) and SaaS Security. These network settings are applied for files scanned by the DLP cloud service and specify the actions Prisma Access (Cloud Management) and SaaS Security take when using Enterprise DLP.
  1. Select Manage > Configuration > Security Services > Data Loss Prevention > Settings > Data Transfer and edit the Data Transfer settings.
  2. Edit the File Based Settings.
    1. Specify the Max Latency (sec) for a file upload before an action is taken by Cloud Management.
      For inspection of files greater than 20 MB, Palo Alto Networks recommends setting the max latency to greater than 60 seconds.
    2. Specify the Action on Max Latency (Allow or Block) that Cloud Management takes if no verdict is received for a file upload because the upload time exceeded the configured Max Latency.
      Selecting Block applies only to Enterprise DLP data profiles configured to block files. This setting doesn’t impact Enterprise DLP data profiles configured to alert when traffic containing sensitive data is scanned.
    3. Specify the Max File Size (MB) to enforce the maximum file size for files uploaded to the DLP cloud service for inspection.
    4. Specify the Action on Max File Size (Block or Allow) that Cloud Management takes if no verdict is received for a file upload because the file size is larger than the configured Max File Size.
      Selecting Block applies only to Enterprise DLP data profiles configured to block files. This setting doesn’t impact Enterprise DLP data filtering profiles configured to alert when traffic containing sensitive data is scanned.
    5. Check (enable) Log Files Not Scanned to generate an alert in the DLP incident when a file can’t be scanned by the DLP cloud service.
    6. Save.
  3. Edit the Non-File Based Settings.
    1. Enable non-file based DLP.
      Enable this setting to prevent exfiltration of sensitive data in non-file format traffic for collaboration applications, web forms, cloud and SaaS applications, and social media on your network.
    2. Specify the Max Latency (sec) to set the allowable time for a non-file data upload before an action is taken by Cloud Management.
    3. Specify the Action on Max Latency (Allow or Block) that Cloud Management takes if no verdict is received for a non-file traffic data upload because the upload time exceeded the configured Max Latency.
      Selecting Block applies only to Enterprise DLP data profiles configured to block non-file data. This setting doesn’t impact Enterprise DLP data profiles configured to alert when traffic containing sensitive data is scanned.
    4. Specify the Min Data Size (B) to enforce a minimum size for non-file data to be scanned by the DLP cloud service.
    5. Specify the Max Data Size (KB) to enforce a maximum size for non-file data to be scanned by the DLP cloud service.
    6. Specify the Action on Data File Size (Allow or Block) that Cloud Management takes if no verdict is received for a non-file traffic data upload because the traffic data size is larger than the configured Max Data Size.
      Selecting Block applies only to Enterprise DLP data profiles configured to block non-file data. This setting doesn’t impact Enterprise DLP data profiles configured to alert when traffic containing sensitive data is scanned.
    7. Check (enable) Log Data Not Scanned to generate an alert in the DLP incident when non-file data can’t be scanned by the DLP cloud service.
    8. Save.
  4. In the DLP Settings, specify the action Cloud Management takes when an error is encountered during scanning by the DLP cloud service.
    Select Allow to allow the file upload to continue when an error is encountered or Block to block the upload.
    Save to apply the setting.
  5. Push your data filtering profile.
    1. Push Config and Push.
    2. Select (enable) Remote Networks and Mobile Users.
    3. Push.
