Edit the Enterprise DLP Data Filtering Settings
Table of Contents
Expand all | Collapse all
-
- Register and Activate Enterprise DLP on Prisma Access (Panorama Managed)
- Edit the Enterprise DLP Snippet Settings on the DLP App
- Enable Role Based Access to Enterprise DLP on Strata Cloud Manager
- Enable Optical Character Recognition on Strata Cloud Manager
- Enable Optical Character Recognition for Enterprise DLP
-
-
- Create a Data Profile on the DLP App
- Create a Data Profile with EDM Data Sets on the DLP App
- Create a Data Profile with Data Patterns and EDM Data Sets on the DLP App
- Create a Data Profile with Nested Data Profiles on the DLP App
- Create a Data Profile on Strata Cloud Manager
- Create a Data Profile with EDM Data Sets on Strata Cloud Manager
- Create a Data Profile with Data Patterns and EDM Data Sets on Strata Cloud Manager
- Create a Data Profile with Nested Data Profiles on Strata Cloud Manager
- Create a Data Filtering Profile on Panorama
- Create a Data Filtering Profile on Panorama for Non-File Detection
- Update a Data Profile on the DLP App
- Update a Data Profile on Strata Cloud Manager
- Update a Data Filtering Profile on Panorama
- Enable Existing Data Patterns and Filtering Profiles
-
- How Does Email DLP Work?
- Activate Email DLP
- Add an Enterprise DLP Email Policy
- Review Email DLP Incidents
-
- Monitor DLP Status with the DLP Health and Telemetry App
- View Enterprise DLP Log Details on the DLP App
- Manage Enterprise DLP Incidents on the DLP App
- View Enterprise DLP Audit Logs on the DLP App
- View Enterprise DLP Log Details on Strata Cloud Manager
- Manage Enterprise DLP Incidents on Strata Cloud Manager
- View Enterprise DLP Audit Logs on Strata Cloud Manager
- View Enterprise DLP Log Details on Panorama
Edit the Enterprise DLP Data Filtering Settings
Enterprise DLP
Data Filtering SettingsEdit the data filtering settings to specify the actions the managed firewall takes on
traffic scanned to the DLP cloud service.
Configure the network settings for files scanned to the
Enterprise Data Loss Prevention (E-DLP)
cloud service
and specify the actions the firewall using Enterprise DLP
takes if the data
filtering settings are exceeded.- Selectand select theDeviceSetupDLPTemplateassociated with the managed firewalls usingEnterprise DLP.
- Edit the Data Filtering Settings.
- Specify theMax Latency (sec)for a file upload before an action is taken by the firewall.For inspection of files greater than 20 MB, Palo Alto Networks recommends setting the max latency to greater than60seconds.
- Specify theAction on Max Latency(BlockorAllow) the firewall takes if no verdict was received for a file upload due to the upload time exceeding theMax Latency.SelectingBlockapplies only toEnterprise DLPconfigured to block files. This setting doesn’t impactEnterprise DLPdata filtering profiles configured to alert when traffic containing sensitive data is scanned.
- Specify theMax File Size (MB)to enforce a maximum file size for files uploaded to the DLP cloud service for inspection.
- Specify theAction on Max File Size(BlockorAllow) the firewall takes if no verdict was received for a file upload due to the file size being larger than the configuredMax File Size.SelectingBlockapplies only toEnterprise DLPconfigured to block files. This setting doesn’t impactEnterprise DLPdata filtering profiles configured to alert when traffic containing sensitive data is scanned.(DLP 3.0.3 only) Increasing the max file size for theEnterprise DLPdata filtering settings to 21 MB or greater whenPanoramahas theEnterprise DLP3.0.3 plugin installed is supported only from thePanorama.admin>configureadmin#set template <template_name> config shared dlp-settings max-file-size <1 - 100>Check (enable)Log Files Not Scannedto generate an alert in the data filtering log when a file can’t be scanned to the DLP cloud service.ClickOKto save your configuration changes.
- Edit the Enterprise DLP Action on Error Setting to configure the action the firewall takes if any error is encountered during non-file traffic data upload.
- Commit and push your configuration changes to your managed firewalls usingEnterprise DLP.While a performing aCommit and Pushis supported, it isn’t recommended forEnterprise DLPconfiguration changes and requires you to manually select the impacted templates and managed firewalls in the Push Scope Selection.
- SelectandCommitCommit toPanoramaCommityour configuration changes.
- SelectandCommitPush to DevicesEdit Selections.
- SelectDevice GroupsandInclude Device and Network Templates.
- ClickOK.
- Pushyour configuration changes to your managed firewalls.