Enterprise DLP
What’s Supported with Enterprise DLP?
Table of Contents
What’s Supported with Enterprise DLP?
Learn about the supported applications and operational parameters for Enterprise Data Loss Prevention (E-DLP).
On May 7, 2025, Palo Alto Networks is introducing new Evidence Storage and Syslog Forwarding service IP
addresses to improve performance and expand availability for these services
globally.
You must allow these new service IP addresses on your network
to avoid disruptions for these services. Review the Enterprise DLP
Release Notes for more
information.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
Or any of the following licenses that include the Enterprise DLP license
|
Learn about the products that support Enterprise Data Loss Prevention (E-DLP) and its features:
(.csv, .docx, .xls, and .xlsx File Types) Enterprise DLP utilizes structured data processing for the supported file types which support
tabular data formats. This allows Enterprise DLP to perform intelligent column
analysis and implements advanced header detection techniques that treat column headers
as proximity keywords that influence detection confidence. Additionally, structured data
processing allows Enterprise DLP to use machine learning techniques to handle cases
of misspelled or missing headers more effectively.
- Platform Support
- Apps
- GenAI Apps
- File Types
- Encoding Schemas
- Detection Methods
- Features
- Double Byte Characters
- Non-File Based Traffic
Platform Support
Platforms supported by Enterprise Data Loss Prevention (E-DLP).
The following platforms support Enterprise Data Loss Prevention (E-DLP). Enterprise DLP data
patterns and data filtering profiles are designed to work across all supported platforms
to provide consistent data security across all locations. Review the minimum versions
and licenses required for each.
Enterprise DLP supports a multitenant Customer Support Portal account for your Panorama® management server with the following restrictions:
- A Superuser must commit all changes to Panorama whenever they make changes to patterns and profiles.
- All tenants share a single copy of pattern and profile configurations; therefore, Enterprise DLP synchronizes any changes done you make across all your tenants where you activated Enterprise DLP.
- Since Security policy rules can be different across tenants, each tenant can have different data profiles associated with Security policy rules.
- Up to one Panorama is associated per Customer Support Account tenant when not in a high availability (HA) configuration or up to two Panorama when Panorama is in a active/passive HA configuration.
- NGFW and VM-Series (Managed by Panorama)PA-410, PA-415, and PA-415-5G firewalls are not supported.
- NGFW PAN-OS Version—PAN-OS 10.0.2 or a later version.
- To successfully use Enterprise DLP, you must configure your Security policy rule and Security Profile Group on Panorama and push these configurations to your managed firewalls.Enterprise DLP does not support pushing an Enterprise DLP data filtering profile to your NGFW and referencing the data filtering profile in a Security policy rule or Security Profile Group created locally on the NGFW.
- Apps & Threats Content Update Version—Application and Threats content release version 8334 or a later version.Upgrade to PAN-OS 10.0.3 and install Application and Threats content release version 8413 or later version for additional application support.
- Licenses—Support licenses (NGFW and Panorama) and a Panorama device management license.
- Prisma Access (Managed by Panorama)
- Prisma Access Version—Prisma Access 2.0 Innovation or a later version.
- To successfully use Enterprise DLP, you must configure your Security policy rule and Security Profile Group on Panorama and push these configurations to enforcement points.
- Apps & Threats Content Update Version—Application and Threats content release version 8334 or a later version.Install Application and Threats content release version 8413 or later version for additional application support.
- Licenses—Prisma Access license, Strata Logging Service license, and Panorama support license.
- NGFW and VM-Series (Managed by Strata Cloud Manager)PA-410, PA-415, and PA-415-5G firewalls are not supported.
- Review the list of NGFW supported on Strata Cloud Manager.
- NGFW PAN-OS Version—PAN-OS 10.2.3 or a later version.
- Apps & Threats Content Update Version—Application and Threats content release version 8614 or a later version.
- Licenses—NGFW support license and a AIOps for NGFW Premium license.
Enterprise DLP does not support pushing an Enterprise DLP data filtering profile to your NGFW and referencing the data filtering profile in a Security policy rule or Security Profile Group created locally on the NGFW. - Prisma Access (Managed by Strata Cloud Manager)
- Enterprise DLP is an add-on license for Prisma Access when using Strata Cloud Manager from a Single Prisma SASE Platform or Multitenant Prisma SASE Platform.However, the CASB-X and CASB-PA licenses include the Enterprise DLP license by default and does not require a separate license to activate and use Enterprise DLP.
- Important: Install the Panorama plugin for Enterprise DLP 1.0.6 or later release if you’re using Enterprise DLP on both NGFW and Prisma Access (Managed by Strata Cloud Manager) and NGFW and Prisma Access (Managed by Panorama).This is required to ensure Enterprise DLP configurations are successfully synchronized across both Strata Cloud Manager and Panorama.
Apps
Apps supported by Enterprise Data Loss Prevention (E-DLP).
The following table displays the supported web apps and operational
parameters that you can use with Enterprise Data Loss Prevention (E-DLP). See the Supported File Types
for more information on which file types Enterprise DLP can inspect and render a
verdict on across all applications. Refer to the Palo
Alto Networks Applipedia for more information on each App-ID.
Some app support might have a Minimum Version Requirement. The
minimum version requirement to support inspection of an app might require a minimum
PAN-OS version or an Apps & Threats content release version installed.
Some Enterprise DLP functionality is dependent on a PAN-OS release.
- Any app that supports the Non-File Inspection Inspection Type requires PAN-OS 10.2.3 or later PAN-OS release.
- Any app that supports a Max File Size larger than 20 MB requires PAN-OS 10.2.4 or later PAN-OS 10.2 release, or PAN-OS 11.0.2 or later release.
- Any app that supports the Download Direction requires PAN-OS 10.2.4 or later PAN-OS 10.2 release, or PAN-OS 11.0.2 or later release.
- To upgrade Panorama or Strata Cloud Manager.
- For Panorama, upgrade Panorama and managed firewalls to the Minimum Version Requirement or later release.
- For Prisma Access (Managed by Panorama), you must upgrade Panorama to the Minimum Version Requirement and ensure your Prisma Access tenants are running the Minimum Version Requirement or later release.
- For Cloud Management, a PAN-OS software upgrade in the Strata Cloud Manager infrastructure to the Minimum Version Requirement or later release is required. You can view the Software Version in the Strata Cloud Manager Overview.
- Review the Compatibility Matrix for the minimum plugin versions required for your target upgrade version.
To use Gmail, you must disable the Quick UDP Internet Connection (QUIC) protocol.
Palo Alto Networks recommends that you disable QUIC in Chrome. To do so, specify
chrome://flags/ in the Chrome Experimental QUIC
Protocol, and select Disabled.
![]()
|
App
|
App-ID
|
Inspection Type
|
Direction
|
Max File Size
|
Minimum Version Requirement
|
Notes
|
|---|---|---|---|---|---|---|
|
AirTable
|
airtable
|
File
Non-File
|
Download
|
5 MB
|
PAN-OS 10.2.3
(Download) PAN-OS 10.2.4
|
—
|
|
Amazon Cloud Drive Web
|
amazon-cloud-drive
|
File
|
Upload
|
20 MB
|
—
|
—
|
|
Amazon S3 REST API
|
web-browsing
|
File
|
Upload
|
20 MB
|
—
|
—
|
|
Apple iCloud Web
|
icloud
|
File
|
Upload
|
100 MB
|
—
|
—
|
|
Asana Web
|
asana
|
File
|
Upload
|
100 MB
|
—
|
—
|
|
Basecamp Web
|
basecamp
|
File
|
Upload
|
20 MB
|
—
|
—
|
|
Bitrix24 Web
|
bitrix24
|
File
|
Upload
|
20 MB
|
—
|
—
|
|
Blackboard Web
|
blackboard
|
File
|
Upload
|
20 MB
|
—
|
—
|
|
Blogs (e.g Wordpress, Medium)
|
blog-posting
|
File
Non-File
|
Upload
|
100 MB
|
—
|
—
|
|
Box Desktop
|
boxnet
|
File
|
Upload
Download
|
20 MB (Upload)
100 MB (Download)
|
Version 8413
|
—
|
|
Box Web
|
boxnet
|
File
|
Upload
Download
|
100 MB
|
Version 8413
|
—
|
|
Canvas Web
|
canvas
|
File
|
Upload
|
20 MB
|
—
|
—
|
|
Confluence Web
|
confluence-base
web-browsing
|
Non-File
|
N/A
|
N/A
|
PAN-OS 10.2.3
|
—
|
|
DocSend Web
|
docsend
|
File
|
Upload
|
100 MB
|
—
| |
|
Dropbox Web
|
dropbox
|
File
|
Upload
Download
|
100 MB
|
PAN-OS 11.1.0
|
—
|
|
Egnyte Web
|
egnyte
|
File
|
Upload
|
100 MB
|
—
|
—
|
|
Evernote Web
|
evernote
|
Non-File
|
N/A
|
N/A
|
PAN-OS 10.2.3
|
—
|
|
Facebook Messenger Web
|
facebook-chat
|
File
|
Upload
Download
|
25MB
|
—
|
—
|
|
Facebook Web
Images only
|
facebook-uploading
|
File
|
Upload
|
10 MB
|
PAN-OS10.2.3
|
—
|
|
FilesAnywhere Web
|
filesanywhere
|
File
|
Upload
|
20 MB
|
—
|
—
|
|
Freshdesk Web
|
freshdesk
|
File
|
Upload
|
20 MB
35 MB (Freshdesk Chatbot only)
|
Freshdesk enforces a 20 MB and 35 file size
limit.
|
—
|
|
GitHub Web
|
github
github-uploading
|
File
|
Upload
|
20 MB
25 MB (github-uploading)
100 MB (github-uploading using GitHub Release
only)
|
Version 8413
GitHub enforces a 25 MB file size limit for all
upload services except for GitHub Release
|
—
|
|
Gitlab - Web-based File Attachment and Standard Traffic
|
gitlab
|
File
Non-File
|
Upload
|
100 MB
|
Version 8413
|
—
|
|
Glassdoor Web
|
web-browsing
|
Non-File
|
N/A
|
N/A
|
PAN-OS 10.2.3
|
—
|
|
Gmail Web - Mail Attachments
|
gmail
|
File
Non-File
|
Upload
|
100 MB
|
Version 8413
|
—
|
|
Google Chat Web
|
google-chat
|
Non-File
|
N/A
|
N/A
|
PAN-OS 10.2.3
|
—
|
|
Google Cloud Platform
|
google-cloud-storage-base
|
File
|
Upload
Download
|
100 MB
|
—
|
—
|
|
Google Docs Web
|
google-docs-editing
|
Non-File
|
N/A
|
N/A
|
PAN-OS 10.2.3
|
—
|
|
Google Drive Web
|
google-base
google-docs
|
File
|
Upload
|
100 MB
|
PAN-OS 10.2.4
|
—
|
|
Google Forms Web
|
google-docs-editing
|
Non-File
|
N/A
|
N/A
|
PAN-OS 10.2.3
|
—
|
|
Google Meet Web
|
google-meet
|
Non-File
|
N/A
|
N/A
|
PAN-OS 10.2.3
Version 8726-8134
|
—
|
|
Google Photos Web
|
google-photos
|
File
|
Upload
|
100 MB
|
PAN-OS 10.2.3
Version 8745-8229
|
—
|
|
Google Sheets Web
|
google-docs-editing
|
Non-File
|
N/A
|
N/A
|
PAN-OS 10.2.3
|
—
|
|
Google Slides Web
|
google-docs-editing
|
Non-File
|
N/A
|
N/A
|
PAN-OS 10.2.3
|
—
|
|
Grammarly
|
grammarly
|
File
|
Upload
|
4 MB
|
PAN-OS 10.2.3
|
—
|
|
GSuite (Export via link)
|
google-base
|
File
|
Download
|
25 MB
|
PAN-OS 10.2.4
Version 8684-7912
|
—
|
|
Hubspot Web
|
hubspot
|
File
|
Upload
|
100 MB
|
—
|
—
|
|
Jira Web
|
jira
|
File
Non-File
|
Download
|
100 MB
| (Download and Large File) PAN-OS 10.2.4 |
—
|
|
LinkedIn Web
|
linkedin
|
File
Non-File
|
Upload
Download
|
20 MB (Upload)
100 MB (Download)
|
(Non-File) PAN-OS 10.2.3
(Download) PAN-OS 10.2.4
Version 8739-17204
|
—
|
|
MailChimp
|
mailchimp
|
Non-File
|
N/A
|
N/A
|
PAN-OS 10.2.3
|
—
|
|
Mendeley Web
|
mendeley
|
File
|
Upload
|
20 MB
|
—
|
—
|
|
Microsoft Azure Storage
|
windows-azure
|
File
|
Download
|
100 MB
|
PAN-OS 10.2.4 or 11.0.2
Version 8742-8215
|
—
|
|
Microsoft Excel Desktop
|
web-browsing
|
File
Non-File
|
Download
|
26 MB
|
PAN-OS 10.2.4
|
Collaborative Sync not
supported.
|
|
Microsoft Excel Web
|
web-browsing
|
File
Non-File
|
Upload
Download
|
20 MB (Upload)
26 MB (Download)
|
PAN-OS 10.2.4
|
—
|
|
Microsoft OneDrive Desktop - Business
|
office365-enterprise-access
sharepoint-online
|
File
|
Upload
Download
|
100 MB
|
PAN-OS 10.2.4
Version 8684-7912
|
Collaborative Sync not
supported.
|
|
Microsoft OneDrive Desktop - Personal
|
ms-onedrive
|
File
|
Upload
|
100 MB
|
PAN-OS 10.2.4
Version 8684-7912
|
—
|
|
Microsoft OneDrive Web - Business
|
office365-enterprise-access
sharepoint-online
|
File
|
Upload
|
100 MB
|
PAN-OS 10.2.4
(Large file) 11.1.0
|
—
|
|
Microsoft OneDrive Web - Personal
|
ms-onedrive
|
File
|
Upload
|
100 MB
|
PAN-OS 10.2.4
|
—
|
|
Microsoft OneNote Web
|
ms-onenote
|
File
Non-File
|
Upload
Download
|
20 MB
|
Version 8413
|
—
|
|
Microsoft Outlook Web - Mail Attachments from Device and Personal One
Drive
|
ms-office365
|
File
|
Upload
|
100 MB
|
Version 8673-7845
(Large file) PAN-OS 11.1.0
|
—
|
|
Microsoft Power BI Web
|
web-browsing
|
File
Non-File
|
Upload
|
100 MB
|
—
|
—
|
|
Microsoft PowerPoint Desktop
|
ms-powerpoint-online
|
File
Non-File
| Download |
100 MB
|
PAN-OS 10.2.4
|
Collaborative Sync not
supported.
|
|
Microsoft PowerPoint Web
|
ms-powerpoint-online
|
File
Non-File
|
Download
|
100 MB
|
PAN-OS 10.2.4
|
—
|
|
Microsoft SharePoint Desktop
|
office365-enterprise-access
sharepoint-online
|
File
Non-File
|
Upload
Download
|
100 MB
|
—
|
Collaborative Sync not
supported.
|
|
Microsoft SharePoint Web
|
office365-enterprise-access
sharepoint-online
|
File
Non-File
|
Upload
Download
|
100 MB
|
—
|
—
|
|
Microsoft Teams Desktop - Business
Microsoft Whiteboard not supported
|
ms-office365
ms-teams
|
File
Non-File
|
Upload
Download
|
10 MB (Upload)
100 MB (Download)
|
PAN-OS 10.2.3
|
—
|
|
Microsoft Teams Desktop - Personal
Microsoft Whiteboard not supported
|
ms-office365
ms-teams
|
Non-File
|
N/A
|
N/A
|
PAN-OS 10.2.3
|
—
|
|
Microsoft Teams Web - Business
Microsoft Whiteboard not supported
|
ms-office365
ms-teams
|
File
Non-File
|
Upload
Download
|
10 MB (Upload)
100 MB (Download)
|
Version 8742-8215
Large File—PAN-OS 10.2.4 and later or 11.0.2 or
later
Non-File—PAN-OS 10.2.3 and later or 11.0.0 or
later
|
—
|
|
Microsoft Teams Web - Personal
Microsoft Whiteboard not supported
|
ms-office365
ms-teams
|
File
Non-File
|
Upload
Download
|
100 MB
|
Version 8742-8215
Large File—PAN-OS 10.2.4 and later or 11.0.2 or
later
Non-File—PAN-OS 10.2.3 and later or 11.0.0 or
later
|
—
|
|
Microsoft Word Desktop
|
ms-office365
|
Non-File
|
N/A
|
N/A
|
PAN-OS 10.2.3
|
Collaborative Sync not
supported.
|
|
Microsoft Word Web
|
ms-office365
|
Non-File
|
N/A
|
N/A
|
PAN-OS 10.2.3
|
—
|
|
Miro Web
|
realtimeboard
|
File
|
Upload
|
30 MB
|
PAN-OS 10.2.3
Version 8756-8298
|
—
|
|
Monday.com Web
|
monday
|
File
|
Upload
|
20 MB
|
—
|
—
|
| Naver Mail Web |
naver-mail
|
File
|
Upload
Download
|
100 MB
| — |
—
|
|
Naverworks
|
web-browsing
|
File
|
Upload
|
20 MB
|
Version 8711-8058
|
—
|
|
Pastebin Web
|
pastebin
|
Non-File
|
N/A
|
N/A
|
PAN-OS 10.2.3
|
—
|
|
Pinterest
|
pinterest
|
Non-File
|
N/A
|
N/A
|
N/A
|
—
|
|
Prezi Web
|
prezi
|
File
|
Upload
|
100 MB
(DOCX) 50 MB
|
—
|
Prezi enforces a max file size restriction for
DOCX files.
|
|
Quip
|
quip
|
File
|
Upload
Download
|
100 MB
|
Version 8735-8187
|
—
|
|
Quora
|
quora
|
Non-File
|
N/A
|
N/A
|
—
|
—
|
|
Reddit
|
reddit
|
File
Non-File
|
Upload
|
20 MB
|
—
|
—
|
|
Salesforce Web
|
salesforce
|
File
|
Upload
Download
|
100 MB
|
Version 8413
|
—
|
|
ServiceNow Web
|
service-now
|
File
Non-File
|
Upload
Download
|
100 MB
|
Version 8413
|
—
|
|
Slack Desktop
|
slack
|
File
Non-File
|
Upload
Download
|
100 MB
|
Non-File—PAN-OS 10.2.3 and later or 11.0.0 or
later
|
—
|
|
Slack Web
|
slack
|
File
Non-File
|
Upload
Download
|
100 MB
|
Non-File—PAN-OS 10.2.3 and later or 11.0.0 or later
|
—
|
|
Smartsheet Web
|
smartsheet
|
Non-File
|
N/A
|
N/A
|
PAN-OS 10.2.3 or 11.0.0
|
—
|
|
Splunk Web
|
web-browsing
splunk
|
File
|
Upload
|
100 MB
|
—
|
—
|
|
Syncplicity Web
|
syncplicity
|
File
|
Upload
|
20 MB
|
—
|
—
|
|
Trello Web
|
trello
|
File
|
Upload
|
100 MB
|
—
|
—
|
|
Twitter Web
|
twitter
|
File
Non-File
|
Upload
|
20 MB
|
—
|
—
|
|
Udemy Web
|
udemy-base
udemy-business
|
Non-File
|
N/A
|
N/A
|
PAN-OS 10.2.3 or 11.0.0
|
—
|
|
Web Browsing
|
web-browsing
|
File
Non-File
|
Upload
|
100 MB
|
—
|
—
|
|
Webex Desktop
|
webex
|
Non-File
|
N/A
|
N/A
|
Version 8735-8187
|
—
|
|
Workday Web
|
workday
|
File
|
Upload
Download
|
30 MB
|
Version 8702-8012
|
—
|
|
Workplace by Facebook Web App
|
workplace
|
File
|
Upload
|
20 MB
|
—
|
—
|
|
Yahoo Web App Mail Attachments
|
yahoo-mail-uploading
|
File
Non-File
|
Upload
|
25 MB
|
Version 8413
|
—
|
|
Yammer Web
|
yammer
|
File
|
Upload
|
20 MB
|
—
|
—
|
|
Zendesk Web
|
zendesk
|
File
Non-File
|
Upload
Download
|
50 MB
|
PAN-OS 10.2.3 or 11.0.0
(Upload) PAN-OS 10.2.5
Version 8757-8277
|
—
|
GenAI Apps
Generative artificial intelligence (GenAI) apps supported by Enterprise Data Loss Prevention (E-DLP).
The following table displays the supported Generative artificial
intelligence (GenAI) apps supported by Enterprise Data Loss Prevention (E-DLP).
- All GenAI app support require PAN-OS 10.2.3 or later release.
- For App-IDs delivered through dynamic content updates, the App-ID refers to the container App-ID for the GenAI app. Refer to the Palo Alto Networks Applipedia for the full list of child App-IDs.
- Refer to the Inspection Type column for information on whether Enterprise DLP supports only Non-File based inspection, only File based inspection, or both Non-File and File based inspection for a particular GenAI app.
|
Application
|
App-ID
|
PAN-OSor Content Version
|
ACE
| Inspection Type |
Max File Size
|
Notes
|
|---|---|---|---|---|---|---|
|
Adobe Express
|
adobe-express
|
8872-8848
|
—
|
Non-File
|
—
|
—
|
|
Adobe Firefly
|
adobe-firefly
|
8872-8848
|
—
|
Non-File
|
—
|
—
|
|
Adrenaline AI
|
adrenaline-ai
|
—
|
√
|
Non-File
|
—
|
—
|
|
Aflorithmic
|
aflorithmic
|
—
|
√
|
Non-File
|
—
|
—
|
|
AI Chatting
|
ai-chatting
|
—
|
√
|
Non-File
|
—
|
—
|
|
AI Story Generator
|
ai-story-generator
|
—
|
√
|
Non-File
|
—
|
—
|
|
Aithor
|
aithor
|
—
|
√
|
Non-File
|
—
|
—
|
|
AI Tubo
|
ai-tubo
|
—
|
√
|
Non-File
|
—
|
—
|
|
AIVA
|
aiva-ai
|
—
|
√
|
Non-File
|
—
|
The 100 character prompt limit might lack sufficient context to
trigger ML-based detections.
|
|
Artbreeder
|
artbreeder
|
—
|
√
|
Non-File
|
—
|
—
|
|
Artflow
|
artflow
|
—
|
√
|
Non-File
|
—
|
—
|
|
Artiphoria
|
artiphoria
|
—
|
√
|
Non-File
|
—
|
—
|
|
AskCodi
|
askcodi
|
—
|
√
|
Non-File
|
—
|
—
|
|
Bannerbear
|
bannerbear
|
—
|
√
|
Non-File
|
—
|
—
|
|
Beautiful.ai
| beautiful |
8872-8848
|
—
|
Non-File
|
—
|
—
|
|
Bito AI
|
bito
|
8872-8848
|
—
|
Non-File
|
—
|
—
|
|
Bing AI/Microsoft Copilot
|
ms-office365-copilot
ms-office65-copilot-upload
|
—
|
—
|
File
|
|
For file uploads only.
Bing AI/Microsoft Copilot enforces a file type and max file size
restrictions.
Supported for Personal accounts
only.
|
|
Brainly
|
brainly-app
|
—
|
√
|
Non-File
|
—
|
—
|
|
Brandmark
|
brandmark
|
—
|
√
|
Non-File
|
—
|
—
|
|
Caktus
|
caktus
| — |
√
|
Non-File
|
—
|
—
|
|
Candy AI
|
candy-ai
|
—
|
√
|
Non-File
|
—
|
—
|
|
Case de Sante AI Meal Planner
|
casa-de-sante-ai-meal-planner
|
—
|
√
|
Non-File
|
—
|
—
|
|
Charisma.ai
|
charisma.ai
|
—
|
√
|
Non-File
|
—
|
—
|
|
Chatai.com
|
chatai
|
—
|
√
|
Non-File
|
—
|
—
|
|
Chatbase
|
chatbase
|
—
|
√
|
Non-File
|
—
|
—
|
|
Chatbot
| chatbot |
8872-8848
|
—
|
Non-File
|
—
|
—
|
|
ChatFAI
|
chatfai
|
—
|
√
|
Non-File
|
—
|
—
|
|
ChatHub
|
chathub.gg
|
—
|
√
|
Non-File
|
—
|
—
|
|
Chatsonic
|
chatsonic
|
8792-8469
|
—
|
Non-File
|
—
|
—
|
|
Claude AI (Anthropic)
|
claude
|
8872-8848
|
—
|
Non-File
|
—
|
—
|
|
Clipdrop
|
clipdropapp
|
—
|
√
|
Non-File
|
—
|
—
|
|
Clockwise
|
clockwise
|
8872-8848
|
—
|
Non-File
|
—
|
—
|
|
Codium AI
|
codium-ai
|
8872-8848
|
—
|
Non-File
|
—
| — |
|
Cody (Knowledge Management)
|
cody
|
—
|
√
|
Non-File
|
—
|
—
|
|
Cohere Coral Chat
|
cohere.ai
|
8852
|
—
|
Non-File
|
—
|
—
|
|
ContentDetector.AI
|
contentdetector-ai
|
—
|
√
|
Non-File
|
—
|
—
|
|
Copy AI
| copy.ai |
8872-8848
|
—
|
Non-File
|
—
|
—
|
|
CopyMonkey
|
copymonkey
|
—
|
√
|
Non-File
|
—
|
—
|
|
Course Hero
|
course-hero
|
—
|
√
|
Non-File
|
—
|
—
|
|
Decktopus
|
decktopus
|
—
|
√
|
Non-File
|
—
|
—
|
|
Deepgram
|
deepgram
|
—
|
√
|
Non-File
|
—
|
—
|
|
DeepL
|
deepl
| 8732 |
—
|
Non-File
|
—
|
—
|
|
Describely
|
describely
|
—
|
√
|
Non-File
|
—
|
—
|
|
DomoAI
|
domoai
|
—
|
√
|
Non-File
|
—
|
—
|
|
DreamTavern
|
dreamtavern
|
—
|
√
|
Non-File
|
—
|
—
|
|
Dubverse.ai
|
dubverse-ai
|
—
|
√
|
Non-File
|
—
|
—
|
|
Echowin
|
echowin
|
—
|
√
|
Non-File
|
—
|
—
|
|
EduAide
|
eduaide
|
—
|
√
|
Non-File
|
—
|
—
|
|
ElevenLabs
| elevenlabs |
8872-8848
|
—
|
Non-File
|
—
|
—
|
|
Figma Figjam AI
|
figma-figjam-ai
|
8852-8753
| — |
Non-File
|
—
|
—
|
|
Fireflies
|
fireflies.ai
|
8904-9013
|
—
|
Non-File
|
—
|
—
|
|
Fliki
|
flikiapp
| — |
√
|
Non-File
|
—
|
—
|
|
Flyfin
|
flyfin
|
—
|
√
|
Non-File
|
—
|
—
|
|
Frase
|
frase
|
—
|
√
|
Non-File
|
—
|
—
|
|
Gamma
|
gamma
|
—
|
√
|
Non-File
|
—
|
—
|
|
GitHub Copilot
|
github-copilot
|
8745-8229
|
—
|
Non-File
|
—
|
—
|
|
GitHub Copilot Business
|
github-copilot-business
|
8745-8229
|
—
|
Non-File
|
—
|
—
|
|
GitHub Copilot Chat
|
github-copilot-chat
|
8825-8649
|
—
|
Non-File
|
—
|
—
|
|
GitHub Copilot Chat Business
|
github-copilot-chat-business
|
8825-8649
|
—
|
Non-File
|
—
|
—
|
|
Google Gemini
|
google-gemini
|
8872-8848
|
—
|
File
Non-File
|
100 MB
|
—
|
|
Groq Chat
|
groq-chat
|
—
|
√
|
Non-File
|
—
|
—
|
|
HeyFriday
|
heyfriday
|
—
|
√
|
Non-File
|
—
|
—
|
|
Hubspot AI
|
hubspot-ai
|
8852
|
—
|
Non-File
|
—
|
—
|
|
Hugging Face API
|
huggingface
|
8852
|
—
|
Non-File
|
—
|
—
|
|
Humanloop
|
humanloop
|
8872-8848
|
—
|
Non-File
|
—
| — |
|
Hypotenuse AI
| hypotenuse-ai |
8872-8848
|
—
|
Non-File
|
—
|
—
|
|
Ideaogram
| ideogram |
—
|
√
|
Non-File
|
—
|
—
|
|
Kittl
|
kittl
|
—
|
√
|
Non-File
|
—
|
—
|
|
Knowt
|
knowt
|
—
|
√
|
Non-File
|
—
|
—
|
|
Krater
|
krater
|
—
|
√
|
Non-File
|
—
|
—
|
|
Krisp.ai
|
krisp
|
8904-9013
|
—
|
Non-File
|
—
| — |
|
LensGo
|
lensgo
|
—
|
√
|
Non-File
|
—
|
The 200 character prompt limit might lack sufficient context to
trigger ML-based detections.
|
|
Leonardo AI
|
leonardo-ai
| — |
√
|
Non-File
|
—
|
—
|
|
LetsEnhance
|
lets-enhance
|
—
|
√
|
Non-File
|
—
|
—
|
|
Lex.page
|
lex.page
|
—
|
√
|
Non-File
|
—
|
—
|
|
MeetGeek
|
meetgeek
|
8904-9013
|
—
|
Non-File
|
—
| — |
|
Microsoft Power Apps
|
ms-powerapps
|
8852-8753
|
—
|
Non-File
|
—
|
—
|
|
Mistral.AI
|
mistral-ai
|
—
|
√
|
Non-File
|
—
|
—
|
|
Murf
|
murf
|
8872-8848
|
—
|
Non-File
|
—
|
When rendering a new model in your Murf.ai project, must not select
the Don't Split option. This is option is not
supported and prevents Enterprise DLP from inspecting traffic
to Murf.ai.
|
|
Notion
|
notion
| 8529 |
—
|
Non-File
|
—
|
—
|
|
OpenAI ChatGPT
|
openai-chatgpt
openai-chatgpt-uploading
|
(File) PAN-OS 11.2.4 or
later
8756
|
—
|
File
Non-File
|
100 MB
| |
|
Perplexity
|
perplexity-ai
|
—
|
√
|
File
|
50 MB
|
For file uploads only.
Perplexity enforces a 50 MB max file size.
|
|
Phind
|
phind
|
—
|
√
|
Non-File
|
—
|
—
|
|
Pi
|
pi
|
—
|
√
|
Non-File
|
—
|
—
|
|
PlayHT
|
play.ht
|
8872-8848
|
—
|
Non-File
|
—
|
—
|
|
poe
| poe | — |
√
|
Non-File
|
—
| — |
|
Prome AI
|
prome-ai
| — |
√
|
Non-File
|
—
|
—
|
|
Quickchat
|
quickchat
|
—
|
√
|
Non-File
|
—
|
—
|
|
Reclaim.AI
|
reclaim.ai
|
8904-9013
|
—
|
Non-File
|
—
| — |
|
Regie AI
|
regie.ai
|
8872-8848
|
—
|
Non-File
|
—
|
—
|
|
Replicate
| replicate |
8872-8848
| — |
Non-File
|
—
|
—
|
|
Romantic AI
|
romantic-ai
| — |
√
|
Non-File
|
—
|
—
|
|
Runway
| runway-app |
8872-8848
| — |
Non-File
|
—
|
—
|
|
Sana AI (Knowledge Management)
|
sanalabs
|
8904-9013
|
—
|
Non-File
|
—
|
—
|
|
Sapling
|
sapling.ai
|
8872-8848
| — |
Non-File
|
—
|
—
|
|
Sembly AI
|
sembly
|
8872-8848
| — |
Non-File
|
—
|
—
|
|
Simplified
|
web-browsing
|
—
|
—
|
Non-File
|
—
|
—
|
|
SourceGraph Cody
|
sourcegraph-cody
|
8872-8848
| — |
Non-File
|
—
|
Only Cody web chat is supported
|
|
Staccato
|
staccato
|
—
|
√
|
Non-File
|
—
|
—
|
|
Suno AI
|
suno
|
—
|
√
|
Non-File
|
—
|
The 200 character prompt limit might lack sufficient context to
trigger ML-based detections.
|
|
ThoughtSpot
|
thoughtspot
|
8904-9013
|
—
|
Non-File
|
—
|
—
|
|
Typeface
|
typeface
|
—
|
√
|
Non-File
|
—
|
—
|
|
Voiceflow
|
voiceflow
|
8872-8848
| — |
Non-File
|
—
|
—
|
|
Writesonic
|
writesonic
|
8872-8848
| — |
Non-File
|
—
|
—
|
|
Zendesk AI
|
zendesk-ai
|
8862-8796
| — |
Non-File
|
—
|
—
|
File Types
File types supported by Enterprise Data Loss Prevention (E-DLP).
Enterprise Data Loss Prevention (E-DLP) supports the following file operations, upload and download
parameters, and supported file types.
- Enterprise DLP File Operations and ParametersOperation or ParameterSupportNotesFile Name Characters
Up to 64 bytes in length File character name length applies to uploads and downloads.File Operations- Enterprise DLP Plugin 3.0.1 and earlier—HTTP/1.1
- Enterprise DLP Plugin 3.0.2 and later—HTTP/1.1 and HTTP/2
- Strata Cloud Manager—HTTP/1.1 and HTTP/2
Some apps, such as SharePoint and OneDrive, use HTTP/2 by default. To use Enterprise DLP for apps using HTTP/2 File exchange on Enterprise DLP plugin 3.0.1 and earlier, you need to create a decryption profile and a Security policy rule to strip out the application-layer protocol negotiation (ALPN) extension in headers. See enable Enterprise DLP for more information.Enterprise DLP supports Block and Alert actions for HTTP and HTTPS files. However, the Block page does not display the name of the blocked file.File SizeUp to 100 MBThe maximum supported file size is dependent on the app. Review the supported apps for more information.Data DirectionUploadDownloadUpload and download support is dependent on each supported app.Enterprise DLP does not support maintaining a session connection to continue inspection if a file upload or download is paused. Enterprise DLP inspection is terminated for the file if the upload or download operation is paused.Concurrent FilesUploadDownloadEnterprise DLP supports inspection of all concurrent file uploads and downloads.File Encryption Not SupportedEnterprise DLP can't inspect encrypted files. You must create a decryption rule to enable Enterprise DLP inspection.Enterprise DLP can't inspect files encrypted using the encryption option for AIP labels. - Enterprise DLP Supported File TypesThe enforcement point inspects both the file type and the specific file extension for all file types before forwarding to Enterprise DLP. The file type inspection is based on the signature of the file and is commonly referred to as the magic byte. The file extension is indicated in the suffix in the file name. For example, .docx, .csx, and .js.The file types that the enforcement point forwards to Enterprise DLP depends on the File Scan Mode setting configured in your DLP Rule on Strata Cloud Manager or data filtering profile on Panorama:
- Include—The enforcement point only forwards supported file types to Enterprise DLP for inspection and verdict rendering.To begin Enterprise DLP inspection the enforcement point first examines the file type and then examines the file extension to ensure Enterprise DLP can successfully inspect the file. The enforcement point then forwards the file to Enterprise DLP after it verifies that Enterprise DLP supports both the file type and file extension. Despite examining both the file type and file extension, Enterprise DLP always prioritizes the file type over the file extension.
- Exclude—The enforcement point forwards all file types, except for those you decided to exclude, to Enterprise DLP for inspection and verdict rendering. However, Enterprise DLP inspects and renders verdicts only on supported file types.To begin Enterprise DLP inspection the enforcement point first examines the file type and then examines the file extension to verify it's not a file type you excluded from Enterprise DLP inspection. After verifying it's not an excluded file type, the enforcement point forwards the file to Enterprise DLP. Enterprise DLP then continues to inspect and render a verdict on supported file types while ignoring unsupported file types.
When you enable Optical Character Recognition (OCR), Enterprise DLP inspects the first 5 images per inspected file.File TypeFile ExtensionDirection Notes 7z.7zUploadDownloadNo maximum number of file compression levels.The total file size for all extracted files cannot exceed 125 MB for apps that support 100 MB file sizes or 25 MB for apps that support 20 MB file sizes.(Upload only) Enable Optical Character Recognition (OCR) to inspect images in compressed files.asm.sUploadDownload—c_cpp-hdr.hUploadDownload—c_cpp-src.cUploadDownload—cpp-hdr.hpp.h++.hxxUploadDownload—cpp-src.cpp.c++.cxxUploadDownload—csharp.cs.csxUploadDownload—csv.csvUploadDownload—doc.docUploadDownload—docx.docx.docmUploadDownload—gif.gifUploadEnterprise DLP supports Static GIFs only.Requires Optical Character Recognition (OCR).go.goUploadTo forward GO files to Enterprise DLP, you must configure the File Scan Mode as Exclude in your DLP rule on Strata Cloud Manager or data filtering profile on Panorama. Enterprise DLP doesn't support forwarding GO files using Include File Scan Mode.For example, you want to create a DLP rule to forward coding and scripting files, including GO.You create a DLP rule with Exclude File Scan Mode configured and select all the file types you don't want to forward. You don't select js, pl, and vbs . In this case, JS, PL, VBS, and GO files are forwarded to Enterprise DLP.gzip.gz.tgzUploadDownload- Prisma Access and NGFW (Managed by Panorama or Strata Cloud Manager)—Enterprise DLP supports up to four levels of file compression. The total file size for all uncompressed files may not exceed the maximum supported file size for each app.
- Data Security—No maximum number of file compression levels. The total file size for all uncompressed files cannot exceed the maximum supported file size for each app.
- Up to 8 levels of file compression.
- Up to 1024 sub-files across the entire archive file.
- A total archive file size of 125 MB
(Upload only) Enable Optical Character Recognition (OCR) to inspect images in compressed files.html.htmlUploadSupported on PAN-OS 11.1 and later releases.To forward HTML files to Enterprise DLP, you must configure the File Scan Mode as Exclude in your DLP rule on Strata Cloud Manager or data filtering profile on Panorama. Enterprise DLP doesn't support forwarding HTML files using Include File Scan Mode.For example, you want to create a DLP rule to forward coding and scripting files, including HTML.You create a DLP rule with Exclude File Scan Mode configured and select all the file types you don't want to forward. You don't select js, pl, and vbs . In this case, JS, PL, VBS, and HTML files are forwarded to Enterprise DLP.java-src.javaUploadDownload—js.jsUpload—matlab/obj-c.mUploadDownload—pdf.pdfUploadDownload—pl.pl.pmUploadDownload—powershell.ps1.ps2.psc1.psd1.psm1.ps1xml.ps2xml.clixmlUploadDownload—ppt.ppt UploadDownload—pptx.pptx.pptm.ppsx.ppsmUploadDownload—py.pyUploadDownload—r.rUploadDownload—rtf.rtfUploadDownload—ruby.rbUploadDownload—txt-upload.txtUpload—vbs.vbsUploadDownload—verilog.v.vhUploadDownload—vhdl.vhdlUploadDownload—vsd.vsdUploadDownloadRequires Application and Threats content release 8656-7766 or later versions installed on Panorama and managed NGFW, or Strata Cloud Manager.vsdm.vsdmUploadDownloadRequires Application and Threats content release 8656-7766 or later versions installed on Panorama and managed NGFW, or Strata Cloud Manager. vsdx.vsdxUploadDownloadRequires Application and Threats content release 8656-7766 or later versions installed on Panorama and managed NGFW, or Strata Cloud Manager. xls .xls UploadDownloadEnterprise DLP does not support inspection of images or pivot tables.xlsx.xlsx .xlsm.xlsbUploadDownloadEnterprise DLP does not support inspection of images or pivot tables.
Encoding Schemas
Encoding schemas supported by Enterprise Data Loss Prevention (E-DLP).
Enterprise DLP supports the following encoding schemas for supported file types.
Detection of encoding schemas for any DLP service relies on heuristically guessing
the character encoding of a series of bytes that represent text. As a result,
encoding schema detection is recognized as being inherently unreliable. This means
that Enterprise DLP may not be able to always detect encoded files. Palo Alto
Networks is continuously working on and improving Enterprise DLP's ability to
detect encoded file types to prevent exfiltration of sensitive data.
- Base64
- Big5
- EUC-JP
- EUC-KR
- GB18030
- IBM855
- ISO-2022-CN
- UISO-2022-JP
- ISO-2022-KR
- ISO-8599-1
- ISO-8599-2
- ISO-8599-3
- ISO-8599-4
- ISO-8599-5
- ISO-8599-6
- ISO-8599-7
- ISO-8599-8
- ISO-8599-9
- ISO-8599-11
- ISO-8599-12
- ISO-8599-13
- ISO-8599-15
- KOI8-R
- Shift_JIS
- UTF-8
- UTF-16BE
- UTF-16LE
- windows-1251
- windows-1252
- windows-1253
- windows-1255
Detection Methods
Supported Enterprise Data Loss Prevention (E-DLP) detection methods to detect sensitive
data.
Review the list of Enterprise Data Loss Prevention (E-DLP) detection methods. Detection methods are
traffic match criteria techniques used by Enterprise DLP to inspect for and prevent
exfilitration of sensitive data. Detection methods can be added alongside any
combination of predefined, custom regex, or file property data patterns in an advanced data profile.
|
Feature
|
Description
| Panorama | Strata Cloud Manager |
|---|---|---|---|
|
Upload custom documents containing intellectual property for which
you want to prevent exfiltration. Custom document types function as
traffic match criteria in advanced data profiles.
|
√
Configured on Strata Cloud Manager
|
√
| |
|
Advanced data profiles allow you to specify whether you want to Enterprise DLP to detect all instances of traffic match
criteria or only unique instances of the traffic match criteria.
| — | √ | |
|
Data dictionaries are a collection of one or more keywords or phrases that you
want to detect and prevent exfilitration. A data dictionary is added
as a match criteria alongside the other supported match criteria in
advanced and nested data profiles to
increase the Enterprise Data Loss Prevention (E-DLP) detection accuracy.
|
√
Configured on Strata Cloud Manager
|
√
| |
|
Upload data sets to detect sensitive and personally identifiable
information (PII) in structured data sources. EDM data sets function
as traffic match criteria in advanced data profiles.
|
√
Configured on Strata Cloud Manager
|
√
| |
| Allows Enterprise DLP to inspect images containing sensitive data in file-based traffic inspection. |
√
Configured on Strata Cloud Manager
|
√
|
Features
Supported Enterprise Data Loss Prevention (E-DLP) features.
Review the list of supported Enterprise Data Loss Prevention (E-DLP) features.
Some Enterprise DLP features supported on NGFW (Managed by Panorama) and Prisma Access (Managed by Panorama) require access to Strata Cloud Manager to enable and configure.
See the supported data profile actions for Enterprise DLP
for more information on which data profile actions are supported.
|
Feature
|
Description
| Panorama | Strata Cloud Manager |
|---|---|---|---|
|
Custom data profile that can include all functionality of classic data patterns, and advanced detection methods such as
Exact Data Matching (EDM) or custom document types.
|
√
Configured on Strata Cloud Manager
|
√
| |
|
Audit logs for a comprehensive history of the changes that occurred across Enterprise DLP. They maintain a history of when data patterns and data profiles are created, updated, or
deleted.
|
√
Configured on Strata Cloud Manager
|
√
| |
|
Custom data profile that can include any combination of predefined, regular
expression (regex), or file property data patterns.
|
√
|
√
| |
|
Export and import your Enterprise DLP to provides data security administrators
the ability to manage your Enterprise DLP configuration across different
environments and share configurations with security teams, compliance officers, and
other stakeholders who need visibility into Enterprise DLP configuration
without direct access to your production Strata Cloud Manager tenant or your Panorama.
|
√
Configured on Strata Cloud Manager
|
√
| |
|
The Data Asset Explorer provides comprehensive visibility into all sensitive files,
messages, and non-file based traffic, referred to as assets, detected by Enterprise DLP across your data security enforcement channels.
|
√
Viewed on Strata Cloud Manager
|
√
| |
|
Provides quantifiable metrics to measure the overall data risk for your
organization and gives administrators the ability to analyze and take preventative
action to strengthen your data risk security posture using the Data Risk
Dashboard.
| — |
√
| |
|
Enterprise DLP performs inline inspection of outbound emails to prevent
exfiltration of emails containing sensitive information using AI/ML powered data
detections.
|
—
|
√
| |
|
Use Endpoint DLP to prevent exfiltration of sensitive data to peripheral devices
such as USB devices, printers, and network shares, or to control access to them.
| — |
√
| |
|
Integrate Enterprise DLP with Cortex XSOAR to use Enterprise DLP
End User Alerting, granting your team members the ability to self-service temporary
exemptions for file uploads that match your data profiles.
|
√
Configured on Strata Cloud Manager
|
√
| |
|
End User Coaching allows you to display notifications to end users in the Access Experience User Interface (UI) when
they generate an Enterprise DLP or Endpoint DLP incident.
|
—
|
√
| |
| Enterprise DLP Migrator |
Use the Enterprise Data Loss Prevention (E-DLP) Migrator to migrate your Symantec DLP policy rules
and convert them into SaaS Security policy rules. This allows you to
quickly transition to Palo Alto Networks Enterprise DLP without the need to
manually recreate all your Security policy rules designed to prevent exfiltration of
sensitive data.
| — |
√
|
|
Connect an AWS storage bucket, Azure storage bucket, or SFTP server to Enterprise DLP to automatically store files scanned by tEnterprise DLP that
match your data profiles. After Enterprise DLP successfully stores a file, you
can download the file for further investigation.
|
√
Configured on Strata Cloud Manager
|
√
| |
|
Granular data profiles enhance your Enterprise Data Loss Prevention (E-DLP) detection capabilities
by allowing you to apply differentiated inline content inspection requirements and
response actions within the same Security policy rule. For example, you can use a
single granular data profile to block high-risk data patterns while alerting on
lower-risk ones, set varying log severities for different data profiles, and
selecting specific file types for each data profile included the granular data
profile.
|
√
Configured on Strata Cloud Manager
|
√
| |
|
Configure Internet Content Adaptation Protocol (ICAP) forwarding to integrate your
existing on-premises third party DLP solutions with Enterprise Data Loss Prevention (E-DLP).
|
√
Configured on Strata Cloud Manager
|
√
| |
|
Monitor sharing of sensitive passwords over chat-based applications. Enterprise DLP uses contextual messages to understand instances where a password
might have been shared. When Enterprise DLP detects that a password was shared,
a DLP Incident is generated that displays a snippet of the response containing the
password.
| — |
√
| |
|
Custom data profile that contains multiple nested data profiles that allows you to
consolidate the match criteria to prevent exfiltration of sensitive data to a single
data profile that can be used in a single Security policy rule.
|
√
Configured on Strata Cloud Manager
|
√
| |
| Configure Enterprise DLP data profiles to inspect non-file based traffic to prevent exfiltration of sensitive data through collaboration applications, web forms, Cloud applications, and social media. |
√
|
√
| |
|
Report false positive detections to Palo Alto Networks to improve Enterprise DLP detection accuracy for yourself and other Enterprise DLP
users. You report false positive detections against the DLP Incident where the false
positive detection occurred.
|
√
Configured on Strata Cloud Manager
|
√
| |
| Create a Log Forwarding profile to automatically forward Enterprise Data Loss Prevention (E-DLP) incident and audit syslogs to your third-party security information and event management (SIEM), Security Orchestration, and Response (SOAR), or other automated ticketing systems. This enables your SOC Analysts and Incident admins to effectively triage, review, and resolve data security risks that occur in your organization. |
—
|
√
| |
|
Test the efficacy of your Enterprise Data Loss Prevention (E-DLP) data profiles before adding them
to your Security policy rule and pushing to your production NGFW and
Prisma Access tenants. This allows you to validate your data profiles against
a file containing known sensitive data to ensure accurate detection by Enterprise DLP.
|
√
Configured on Strata Cloud Manager
|
√
|
Double Byte Characters
Enterprise Data Loss Prevention (E-DLP) supports detection of sensitive data in Chinese, Japanese,
and Korean (CJK) double byte characters.
Enterprise Data Loss Prevention (E-DLP) supports detection of sensitive data for the following double
bye character set languages:
- Chinese (simplified)
- Chinese (traditional)
- Korean
- Japanese
Review the table below to learn more about which Enterprise DLP enforcement
channels, file types, and detection methods support and don't support double byte
characters.
- SupportedCategorySupportedChannelPrisma Access (Managed by Strata Cloud Manager)SaaS Security (API and Inline)File Types.csv.pdf.txtMicrosoft Office (.doc, .docx, .ppt, .pptx, .xls, .xlsx)ZIP filesDetection MethodsPredefined and custom regular expression (regex) data patternsPredefined and custom file property data patterns
- Not SupportedCategoryNot SupportedChannelNGFW (Managed by Panorama)NGFW (Managed by Strata Cloud Manager)File TypesMicrosoft Visio (.vsd, .vsdm, .vsdx)Image files (.jpg, .jpeg, .png, .tif, .tiff)All source code file typesDetection MethodsTitus tags for file property data patterns(SaaS Security API and Inline) Regex data patterns for PDF files
For example, Enterprise DLP can inspect and block an outbound email if sensitive
data is written in double byte plaintext characters directly in the email subject or
body. However Enterprise DLP can't inspect and block an outbound email if sensitive
data is written in double byte plaintext characters in a document meant to be detected
with a custom document type.
Non-File Based Traffic
Enterprise Data Loss Prevention (E-DLP) supports inspection of non-file based traffic.
Enterprise Data Loss Prevention (E-DLP) supports inspection of non-file based traffic for sensitive
data. A data filtering profile configured for non-file based traffic detection allows
you to configure URL and application exclusion lists to exclude specific URL and
application traffic from Enterprise DLP inspection.
On the Panorama® management server, each data profile you create can be configured to
inspect for either file based traffic or for non-file based traffic, or for both. On Strata Cloud Manager, you need to enable non-file based DLP inspection. After you enable this setting on
Strata Cloud Manager you can modify a DLP rule to inspect for either file
based traffic or for non-file based traffic, or for both.
Inspection of non-file based traffic is supported on Panorama running
PAN-OS 10.2.1 and later releases and Enterprise DLP plugin 3.0.1 and later
releases.
To upgrade to PAN-OS 10.2.1, you must install Application and Threats content release
version 8552-7333 or later version on Panorama and managed
firewalls using Enterprise DLP. This is required to support non-file based
traffic inspection.