1. Home
    2. Enterprise DLP
    3. Enterprise DLP Administrator’s Guide
    4. Set Up Enterprise DLP
    5. Set Up the Enterprise DLP Plugin on Panorama
    6. Edit the Enterprise DLP Settings
    7. Edit the Enterprise DLP Data Filtering Settings

    Edit the Enterprise DLP Data Filtering Settings

    Edit the Enterprise Data Loss Prevention (DLP) data filtering settings to specify the actions the managed firewall takes on file scanned to the DLP cloud service.
    Configure the network settings for files scanned to the Enterprise Data Loss Prevention (DLP) cloud service and specify the actions the firewall leveraging Enterprise DLP takes.
    2. Select
      Device
      Setup
      DLP
       and select the
      Template
       associated with the managed firewalls leveraging Enterprise DLP.
    3. Edit the Data Filtering Settings
      1. Specify the
        Max Latency (sec)
         for a file upload for an action is taken by the firewall.
        For inspection of files greater than 20MB, Palo Alto Networks recommends setting the max latency to greater than
        60
         seconds.
      2. Specify the
        Action on Max Latency
         (
        Block
         or
        Allow
        ) the firewall takes if no verdict was received for a file upload due to the upload time exceeding the configured
        Max Latency
        .
        Selecting
        Block
         applies only to Enterprise DLP data filtering profiles configured to block files. This setting does not impact Enterprise DLP filtering profiles configured to alert when traffic containing sensitive data is scanned.
      3. Specify the
        Max File Size (MB)
         to enforce a maximum file size for files stored in the DLP cloud service.
      4. Specify the
        Action on Max File Size
         (
        Block
         or
        Allow
        ) the firewall takes if no verdict was received for a file upload due to the file size being larger than the configured
        Max File Size
        .
        Selecting
        Block
         applies only to Enterprise DLP data filtering profiles configured to block files. This setting does not impact Enterprise DLP filtering profiles configured to alert when traffic containing sensitive data is scanned.
      5. Check (enable)
        Log Files Not Scanned
         to generate an alert in the data filtering log when a file cannot be scanned to the DLP cloud service.
      6. Click
        OK
         to save your configuration changes.
    4. Edit the Enterprise DLP Action on Error Setting to configure the action the firewall takes if any error is encountered during non-file traffic data upload.
    5. Commit and push your configuration changes to your managed firewalls leveraging Enterprise DLP.
      While a performing a
      Commit and Push
       is supported, it is not recommended for Enterprise DLP configuration changes and requires you to manually select the impacted templates and managed firewalls in the Push Scope Selection.
      1. Select
        Commit
        Commit to Panorama
         and
        Commit
         your configuration changes.
      2. Select
        Commit
        Push to Devices
         and
        Edit Selections
        .
      3. Select
        Device Groups
         and
        Include Device and Network Templates
        .
      4. Click
        OK
        .
      5. Push
         your configuration changes to your managed firewalls.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2023 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo