Enterprise DLP
Edit the Enterprise DLP Data Filtering Settings on Strata Cloud Manager
Edit the Enterprise Data Loss Prevention (E-DLP) data filtering settings for Prisma Access (Managed by Strata Cloud Manager) and NGFW (Managed by Strata Cloud Manager).
- Log in to Strata Cloud Manager.
- Select Manage > Configuration > Data Loss Prevention > Settings > Data Transfer and edit the Data Transfer settings.
- Edit the File Based Settings.
  - Specify the File Movement Max Latency (sec) for a file forward before an action is taken by Enterprise DLP.
    For inspection of files greater than 20 MB, Palo Alto Networks recommends setting the max latency to greater than 60 seconds.
  - Specify the Action When Max Latency is Reached (Allow or Block) Enterprise DLP takes if no verdict was received for a file forward due to the file forward time exceeding the configured Max Latency.
    Selecting Block applies only to DLP rules configured to block files. This setting does not impact Enterprise DLP data profiles configured to alert when traffic containing sensitive data is scanned.
  - Specify the Scan Limit Max File Size for Alert (MB) to enforce the maximum file size for files forwarded to Enterprise DLP when a DLP rule is configured to Alert.
  - Specify the Scan Limit Max File Size for Block (MB) to enforce the maximum file size for files forwarded to Enterprise DLP for inspection.
  - Specify the Action on Max File Size (Allow or Block) Enterprise DLP takes if no verdict was received for a file forward due to the file size being larger than the configured Max File Size.
    Selecting Block applies only to DLP rules configured to block files. This setting does not impact Enterprise DLP data filtering profiles configured to alert when traffic containing sensitive data is scanned.
  - Check (enable) Log Files Not Scanned to generate an alert in the DLP incident when Enterprise DLP can't scan a forwarded file.
  - Specify the Action When Scanning Error Occurred (Alert or Block) the NGFW or Prisma Access tenant takes when any kind of error occurs that prevents Enterprise DLP from inspecting a forwarded file and rendering a verdict.
  - Save.
- Edit the Non-File Based Settings.
  - Enable non-file based DLP.
    Enable this setting to prevent exfiltration of sensitive data in non-file format traffic for collaboration apps, web forms, cloud and SaaS apps, and social media on your network.
  - Specify the Max Latency (sec) to configure the allowable time for a non-file data forward before the NGFW or Prisma Access tenant takes the configured Action on Max Latency.
  - Specify the Action on Max Latency (Allow or Block) the NGFW or Prisma Access tenant takes if it did not receive a verdict from Enterprise DLP due to the forward time exceeding the configured Max Latency.
    Selecting Block applies only to DLP rules configured to block non-file data. This setting does not impact Enterprise DLP data profiles configured to alert when traffic containing sensitive data is scanned.
  - Specify the Min Data Size (B) to enforce a minimum size for non-file data to be scanned by Enterprise DLP. By default, Enterprise DLP supports a minimum non-file traffic data size of 250 bytes.
  - Specify the Max Data Size (KB) to enforce a maximum size for non-file data to be scanned by Enterprise DLP.
  - Specify the Action on Data Size (Allow or Block) the NGFW or Prisma Access tenant takes if it did not receive a verdict from Enterprise DLP for non-file traffic due to the traffic data size being larger than the Max Data Size.
    Selecting Block applies only to DLP rules configured to block non-file data. This setting does not impact Enterprise DLP data profiles configured to alert when traffic containing sensitive data is scanned.
  - Check (enable) Log Data Not Scanned to generate an alert in the DLP incident when Enterprise DLP can't scan non-file traffic.
  - Save.
- In the DLP Settings, configure the Action on any Error to specify the action the NGFW or Prisma Access tenant takes when any kind of error occurs that prevents Enterprise DLP from inspecting forwarded file or non-file traffic and rendering a verdict.
  Select Allow to allow the file or non-file traffic to continue to the intended destination when Enterprise DLP encounters an error or select Block to block the file or non-file traffic. This includes when the NGFW or Prisma Access tenant encounters file or non-file traffic smaller than the configured Min Data Size (B) (non-file), and the Action on Max File Size (file) and Max Data Size (KB) (non-file).
  - Save.
- Push your DLP rule.
  - Push Config and Push.
  - Select (enable) Remote Networks and Mobile Users.
  - Push.
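
To see which combinations of the file-based settings above let a file through without a verdict, the following added example (not Palo Alto Networks code and not a Strata Cloud Manager API) models them in Python. The dictionary keys are hypothetical labels for the UI fields, the values are constructed, and the model assumes the size limit is checked before latency and that a file under an alert rule continues when it is not scanned.

```python
# Illustrative model of the file-based settings described above. The key names
# are hypothetical labels for the UI fields, not a Strata Cloud Manager API.
SETTINGS = {  # constructed sample values
    "max_latency_sec": 30,
    "action_on_max_latency": "allow",
    "max_size_alert_mb": 20,
    "max_size_block_mb": 50,
    "action_on_max_size": "block",
    "log_files_not_scanned": False,
}


def unscanned_outcome(s, rule_action, size_mb, forward_sec):
    """Return (outcome, reason) for one file forward under a rule whose
    action is 'alert' or 'block'. 'scanned' means DLP returns a verdict."""
    limit = s["max_size_block_mb"] if rule_action == "block" else s["max_size_alert_mb"]
    if size_mb > limit:  # assumption: size is evaluated before latency
        reason, fallback = "max_file_size", s["action_on_max_size"]
    elif forward_sec > s["max_latency_sec"]:
        reason, fallback = "max_latency", s["action_on_max_latency"]
    else:
        return "scanned", None
    # Block fallbacks apply only to rules configured to block; alert rules
    # are not affected, so the file is assumed to continue.
    if rule_action == "block" and fallback == "block":
        return "block", reason
    return "allow_unscanned", reason


def audit(s):
    """List the ways these settings let a block-rule file through uninspected."""
    findings = []
    if s["action_on_max_latency"] == "allow":
        findings.append("fail-open on max latency")
    if s["action_on_max_size"] == "allow":
        findings.append("fail-open on max file size")
    if not s["log_files_not_scanned"]:
        findings.append("unscanned files are not logged in DLP incidents")
    # Page guidance: inspecting files over 20 MB needs latency above 60 s.
    if s["max_size_block_mb"] > 20 and s["max_latency_sec"] <= 60:
        findings.append("max latency <= 60 s while files over 20 MB are in scope")
    return findings


if __name__ == "__main__":
    for case in [("block", 10, 45), ("block", 80, 5), ("alert", 25, 5)]:
        print(case, unscanned_outcome(SETTINGS, *case))
    print(audit(SETTINGS))
```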