>
    November 2024
    Focus
    Download PDF
    Focus
    1. Home
    2. Enterprise DLP
    3. New Features in Enterprise DLP
    4. New Features in the Enterprise DLP Cloud Service
    5. November 2024
    Download PDF
    Enterprise DLP

    November 2024

    Table of Contents

    November 2024

    Review the new features introduces to Enterprise Data Loss Prevention (E-DLP) in November 2024.

    Exclude URLs and Apps From Enterprise DLP for Non-File Based traffic

    In some cases, you might have use cases where you need to exclude certain URLs and apps from forwarding non-file based traffic to Enterprise Data Loss Prevention (E-DLP). For example, you might not require Enterprise DLP inspection in the following scenarios:
    • You expect traffic containing sensitive data to specific URLs and apps and want to exclude them from Enterprise DLP incidents.
    • You only want to inspect file based traffic for specific URLs and apps but don't require inspection of non-file based traffic.
    • You identified specific URLs that receive non-file data that isn't user generated and want to exclude these URLs from Enterprise DLP inspection to avoid false positive detections.
    You can use an existing Security policy rules to easily exclude these URLs and apps from Enterprise DLP rather than create a new Security policy rule each time you want to exclude specific URLs and apps. This allows you to continue to enforce your data loss prevention requirements for URLs and apps that require it while excluding the URLs and apps that don't. This eases the operational overheard of managing your policy rulebase by reducing the total number of policy rules you need to manage

    EDM CLI App Version 3.5

    Enterprise Data Loss Prevention (E-DLP) introduced the Exact Data Matching (EDM) CLI app version 3.5 to allow creation of encrypted EDM data sets in an air-gapped environment. EDM is an advanced detection tool to monitor and protect sensitive data from exfiltration of personally identifiable information (PII) such as social security numbers, Medical Record Numbers, bank account numbers, and credit card numbers, in a structured data source such as databases, directory servers, or structured data files (CSV and TSV), with high accuracy. In some cases, the EDM CLI app might be installed on a device that you intentionally prevent access to the internet; otherwise referred to as air-gapped. Using the EDM CLI app version 3.5, an air-gapped device that has the EDM CLI app installed can successfully create encrypted EDM data sets. You can then manually transfer the output.zip that you need to upload to Enterprise DLP to a device with an outbound internet connection, which can upload the EDM data set to Enterprise DLP.

    © 2024 Palo Alto Networks, Inc. All rights reserved.