What’s Supported with DLP on Prisma Access?

Lists the supported applications and operational parameters that you can use with DLP on Prisma Access.
Here are the supported applications and operational parameters that you can use with DLP on Prisma Access.
Web Application
pdf
doc/docx
ppt/pptx
xls/xlsx
rtf
csv
Multi-File uploads
File size
Web browsing
Yes
Yes
Yes
Yes
Yes
Yes
Yes
20 MB
Onedrive Web App
Yes
Yes
Yes
Yes
Yes
Yes
Yes
20 MB
Sharepoint Web App
Yes
Yes
Yes
Yes
Yes
Yes
Yes
20 MB
Gmail Web App
Yes
Yes
Yes
Yes
Yes
Yes
Yes
20 MB
Box Web App
Yes
Yes
Yes
Yes
Yes
Yes
Yes
20 MB
Slack Web App
Yes
Yes
Yes
Yes
Yes
Yes
Yes
20 MB
  • Applications
    —You can enforce DLP for web-based (HTTP- or HTTPS-based) uploads for the following applications:
  • File operations
    —You can upload files using HTTP and HTTPS (no FTP or SMTP) using HTTP/1.1.
    Some applications, such as SharePoint and OneDrive, use HTTP/2 by default. To use HTTP/2 files with HTTP/1.1, you need to create a decryption profile and a security policy to strip out the ALPN headers. See Enable DLP on Prisma Access for instructions.
  • Data flow
    —File uploads are supported (downloads are not supported).
  • Concurrent file uploads
    —You can upload up to 25 files at a time.
  • File size
    —Files of up to 20 MB are supported.
    Enterprise DLP does not support machine learning pattern detection for files whose extracted file sizes are larger than 1 MB.
  • File types
    —Microsoft Office (.doc, .docx, .ppt, .pptx, .xls, .xlsx) .csv, .pdf, and .rtf.
  • Response
    —Block and Alert actions are supported for HTTP and HTTPS files. The Block page does not display the name of the file that Prisma Access blocked.
  • Data Patterns and Data Filtering Profiles
    —Use predefined data patterns and data filtering profiles, or create your own data patterns and data filtering profiles. You cannot clone data patterns; however, you can clone predefined data filtering profiles if you want to add, remove, or modify data identifiers in the existing profile.
    For each data filtering profile, DLP on Prisma Access allows a maximum of 10 data patterns for a Block rule and 50 data patterns for an Alert rule.
  • Multi-tenancy
    —DLP on Prisma Access is not supported in a mulit-tenant deployment.

Recommended For You