Platform Support
Focus
Focus
Enterprise DLP

Platform Support

Table of Contents


Platform Support

Platforms supported by Enterprise Data Loss Prevention (E-DLP).
The following platforms support Enterprise Data Loss Prevention (E-DLP). Enterprise DLP data patterns and data filtering profiles are designed to work across all supported platforms to provide consistent data security across all locations. Review the minimum versions and licenses required for each.
Enterprise DLP supports multitenancy on the Panorama™ management server with the following restrictions:
  • Only a Superuser on Panorama can create Enterprise DLP patterns and profiles, and can associate profiles to Security policy rules for tenants.
  • A Superuser must commit all changes to Panorama whenever they make changes to patterns and profiles.
  • All tenants share a single copy of pattern and profile configurations; therefore, Enterprise DLP synchronizes any changes done you make across all your tenants where you activated Enterprise DLP.
  • Since Security policy rules can be different across tenants, each tenant can have different data profiles associated with Security policy rules.
  • NGFW and VM-Series (Managed by Panorama)
    PA-410, PA-415, and PA-415-5G firewalls are not supported.
    • NGFW PAN-OS Version—PAN-OS 10.0.2 or a later version.
    • Panorama PAN-OS VersionM-Series or virtual appliance running PAN-OS 10.0.2 or later version.
      To successfully use Enterprise DLP, you must configure your Security policy rule and Security Profile Group on Panorama and push these configurations to your managed firewalls.
      Enterprise DLP does not support pushing an Enterprise DLP data filtering profile to your managed firewall and referencing the data filtering profile in a Security policy rule or Security Profile Group created locally on the firewall.
    • Apps & Threats Content Update Version—Application and Threats content release version 8334 or a later version.
      Upgrade to PAN-OS 10.0.3 and install Application and Threats content release version 8413 or later version for additional application support.
    • Licenses—Support licenses (NGFW and Panorama) and a Panorama device management license.
  • Prisma Access (Managed by Panorama)
    • Prisma Access VersionPrisma Access 2.0 Innovation or a later version.
    • PanoramaPAN-OS VersionM-Series or virtual appliance running PAN-OS 10.0.2 or later version.
      To successfully use Enterprise DLP, you must configure your Security policy rule and Security Profile Group on Panorama and push these configurations to your managed firewalls.
      Enterprise DLP does not support pushing an Enterprise DLP data filtering profile to your managed firewall and referencing the data filtering profile in a Security policy rule or Security Profile Group created locally on the firewall.
    • Apps & Threats Content Update Version—Application and Threats content release version 8334 or a later version.
      Install Application and Threats content release version 8413 or later version for additional application support.
    • LicensesPrisma Access license, Strata Logging Service license, and Panorama support license.
  • NGFW (Managed by Strata Cloud Manager)
    PA-410, PA-415, and PA-415-5G firewalls are not supported.
    • Review the list of NGFW supported on Strata Cloud Manager.
    • NGFW PAN-OS Version—PAN-OS 10.2.3 or a later version.
    • Apps & Threats Content Update Version—Application and Threats content release version 8614 or a later version.
    • LicensesNGFW support license and a AIOps for NGFW Premium license.
  • Prisma Access (Managed by Strata Cloud Manager)
    • Enterprise DLP is an add-on license for Prisma Access when using Strata Cloud Manager from a Single Prisma SASE Platform or Multitenant Prisma SASE Platform.
      However, the CASB-X and CASB-PA licenses include the Enterprise DLP license by default and does not require a separate license to activate and use Enterprise DLP.
    • Important: Install the Panorama plugin for Enterprise DLP 1.0.6 or later release if you’re using Enterprise DLP on both NGFW and Prisma Access (Managed by Strata Cloud Manager) and NGFW and Prisma Access (Managed by Panorama).
      This is required to ensure Enterprise DLP configurations are successfully synchronized across both Strata Cloud Manager and Panorama.