Edit the Enterprise DLP Data Filtering Settings
Table of Contents
Expand all | Collapse all
-
- Register and Activate Enterprise DLP on Prisma Access (Panorama Managed)
- Edit the Enterprise DLP Snippet Settings on the DLP App
- Enable Role Based Access to Enterprise DLP on Cloud Management
- Enable Optical Character Recognition on Cloud Management
- Enable Optical Character Recognition for Enterprise DLP
-
-
- Create a Data Profile on the DLP App
- Create a Data Profile with EDM Data Sets on the DLP App
- Create a Data Profile with Data Patterns and EDM Data Sets on the DLP App
- Create a Data Profile with Nested Data Profiles on the DLP App
- Create a Data Profile on Cloud Management
- Create a Data Profile with EDM Data Sets on Cloud Management
- Create a Data Profile with Data Patterns and EDM Data Sets on Cloud Management
- Create a Data Profile with Nested Data Profiles on Cloud Management
- Create a Data Filtering Profile on Panorama
- Create a Data Filtering Profile on Panorama for Non-File Detection
- Update a Data Profile on the DLP App
- Update a Data Profile on Cloud Management
- Update a Data Filtering Profile on Panorama
- Enable Existing Data Patterns and Filtering Profiles
-
- How Does Email DLP Work?
- Activate Email DLP
- Add an Enterprise DLP Email Policy
- Review Email DLP Incidents
-
- Monitor DLP Status with the DLP Health and Telemetry App
- View Enterprise DLP Log Details on the DLP App
- Manage Enterprise DLP Incidents on the DLP App
- View Enterprise DLP Audit Logs on the DLP App
- View Enterprise DLP Log Details on Cloud Management
- Manage Enterprise DLP Incidents on Cloud Management
- View Enterprise DLP Audit Logs on Cloud Management
- View Enterprise DLP Log Details on Panorama
Edit the Enterprise DLP Data Filtering Settings
Edit the data filtering settings to specify the actions the managed firewall takes on
traffic scanned to the DLP cloud service.
Configure the network settings for files scanned to the
Enterprise Data Loss Prevention (E-DLP)
cloud service
and specify the actions the firewall using Enterprise DLP
takes if the data
filtering settings are exceeded.- Selectand select theDeviceSetupDLPTemplateassociated with the managed firewalls usingEnterprise DLP.
- Edit the Data Filtering Settings.
- Specify theMax Latency (sec)for a file upload before an action is taken by the firewall.For inspection of files greater than 20 MB, Palo Alto Networks recommends setting the max latency to greater than60seconds.
- Specify theAction on Max Latency(BlockorAllow) the firewall takes if no verdict was received for a file upload due to the upload time exceeding theMax Latency.SelectingBlockapplies only to Enterprise DLP data filtering profiles configured to block files. This setting doesn’t impactEnterprise DLPdata filtering profiles configured to alert when traffic containing sensitive data is scanned.
- Specify theMax File Size (MB)to enforce a maximum file size for files uploaded to the DLP cloud service for inspection.
- Specify theAction on Max File Size(BlockorAllow) the firewall takes if no verdict was received for a file upload due to the file size being larger than the configuredMax File Size.SelectingBlockapplies only to Enterprise DLP data filtering profiles configured to block files. This setting doesn’t impactEnterprise DLPdata filtering profiles configured to alert when traffic containing sensitive data is scanned.(DLP 3.0.3 only) Increasing the max file size for the Enterprise DLP data filtering settings to 21 MB or greater when Panorama has the Enterprise DLP 3.0.3 plugin installed is supported only from the Panorama CLI.admin>configureadmin#set template <template_name> config shared dlp-settings max-file-size <1 - 100>Check (enable)Log Files Not Scannedto generate an alert in the data filtering log when a file can’t be scanned to the DLP cloud service.ClickOKto save your configuration changes.
- Edit the Enterprise DLP Action on Error Setting to configure the action the firewall takes if any error is encountered during non-file traffic data upload.
- Commit and push your configuration changes to your managed firewalls usingEnterprise DLP.While a performing aCommit and Pushis supported, it isn’t recommended forEnterprise DLPconfiguration changes and requires you to manually select the impacted templates and managed firewalls in the Push Scope Selection.
- SelectandCommitCommit to PanoramaCommityour configuration changes.
- SelectandCommitPush to DevicesEdit Selections.
- SelectDevice GroupsandInclude Device and Network Templates.
- ClickOK.
- Pushyour configuration changes to your managed firewalls.