Edit the Enterprise DLP Non-File Data Filtering Settings
Edit the non-file data filtering settings to specify the actions the managed firewall takes on non-file based data scanned to the DLP cloud service.
Configure the network settings for non-file based traffic scanned to the
Enterprise data loss prevention (DLP)cloud service and specify the actions the firewall using
Enterprise DLPtakes. Editing the
Enterprise DLPnon-file data filtering settings is supported on the Panorama™ management server running PAN-OS 10.2.1 or later release with Panorama plugin for
Enterprise DLP3.0.1 or later release.
- Selectand select theDeviceSetupDLPTemplateassociated with the managed firewalls usingEnterprise DLP.
- Edit the Non-File Data Filtering Settings.
- Verify thatEnable Non File DLPis checked (enabled).Non-File DLP is enabled by default when you install Panorama plugin forEnterprise DLP3.0.1.
- Specify theMax Latency (sec)to configure the allowable time for non-file data uploads to determine the allowable time before an action is taken by the firewall.
- Specify theAction on Max Latency(AlloworBlock) the firewall takes if no verdict was received for a non-file traffic data upload due to the upload time exceeding the configuredMax Latency.SelectingBlockapplies only to Enterprise DLP data filtering profiles configured to block non-file data. This setting doesn’t impactEnterprise DLPfiltering profiles configured to alert when traffic containing sensitive data is scanned.
- Specify theMin Data Size (B)to enforce a minimum size for non-file data to be scanned by the DLP cloud service.
- Specify theMax Data Size (KB)to enforce a maximum size for non-file data to be scanned by the DLP cloud service.
- Specify theAction on Data File Size(AlloworBlock) the firewall takes if no verdict was received for a non-file traffic data upload due to the traffic data size being larger than the configuredMax Data Size.SelectingBlockapplies only to Enterprise DLP data filtering profiles configured to block non-file data. This setting doesn’t impactEnterprise DLPdata filtering profiles configured to alert when traffic containing sensitive data is scanned.
- Check (enable)Log Data Not Scannedto generate an alert in the data filtering log when non-file data can’t be scanned by the DLP cloud service.
- ClickOKto save your configuration changes.
- Edit the Enterprise DLP Action on Error Setting to configure the action the firewall takes if any error is encountered during non-file traffic data upload.
- Commit and push your configuration changes to your managed firewalls usingEnterprise DLP.While a performing aCommit and Pushis supported, it isn’t recommended forEnterprise DLPconfiguration changes and requires you to manually select the impacted templates and managed firewalls in the Push Scope Selection.
- SelectandCommitCommit to PanoramaCommityour configuration changes.
- SelectandCommitPush to DevicesEdit Selections.
- SelectDevice GroupsandInclude Device and Network Templates.
- Pushyour configuration changes to your managed firewalls.
Recommended For You
Recommended videos not found.