Endpoint DLP
Use Endpoint DLP to prevent data loss over peripheral devices and discover sensitive
data stored on managed endpoints.
On May 7, 2025, Palo Alto Networks is introducing new Evidence Storage and Syslog Forwarding service IP addresses to improve performance and expand availability for these services globally.
| Where Can I Use This? | What Do I Need? |
| --- | --- |
| Prisma Access (Managed by Strata Cloud Manager) | Endpoint DLP license; Autonomous DEM 5.3.4 or later; Prisma Access Agent; Prisma Access 5.1 (Preferred or Innovation) or later |
Use Endpoint DLP to prevent exfiltration of sensitive data to peripheral devices such as
USB devices, printers, and network shares, or to control access to them. To prevent
exfiltration of sensitive data, files moved between a device and the connected
peripheral device are sent to Enterprise Data Loss Prevention (E-DLP) for inspection and verdict
rendering.
You can also use Endpoint DLP to scan managed endpoint devices for sensitive
data at rest. Data at rest scanning uses the local detection engine on the
Prisma Access Agent to discover sensitive files across Windows and macOS
devices using regex-based and OCR-based pattern matching.
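
The regex-based side of data-at-rest discovery can be illustrated with the following added example, which is not Palo Alto Networks code and does not show how the Prisma Access Agent detection engine is implemented. The two patterns, the size limit and all function names are assumptions made for illustration, and the example goes beyond the text by pairing the card regex with a Luhn checksum so that random digit runs are not reported.

```python
import re
from pathlib import Path

# Assumed patterns for illustration; not the product's built-in data patterns.
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")  # 13-19 digits, optional separators
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")
MAX_BYTES = 5 * 1024 * 1024  # skip very large files to bound scan time

def luhn_ok(digits: str) -> bool:
    """Checksum used by payment card numbers; filters out random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def scan_text(text: str) -> list:
    """Return (type, masked value) pairs; raw matches are never returned."""
    findings = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if luhn_ok(digits):
            findings.append(("card", "*" * (len(digits) - 4) + digits[-4:]))
    for m in SSN_RE.finditer(text):
        findings.append(("ssn", "***-**-" + m.group()[-4:]))
    return findings

def scan_tree(root) -> dict:
    """Walk a directory and map relative file path -> findings."""
    results = {}
    for path in sorted(Path(root).rglob("*")):
        try:
            if not path.is_file() or path.stat().st_size > MAX_BYTES:
                continue
            hits = scan_text(path.read_text(encoding="utf-8", errors="ignore"))
        except OSError:
            continue  # unreadable file: skip, keep scanning
        if hits:
            results[str(path.relative_to(root))] = hits
    return results

if __name__ == "__main__":
    # Constructed sample: a well-known test card number and a non-Luhn lookalike.
    sample = "card 4111 1111 1111 1111, order 4111 1111 1111 1112, ssn 123-45-6789"
    print(scan_text(sample))
```

Findings carry only the last four digits, so the scan report itself does not become a second copy of the sensitive data.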