Endpoint policies that include an EDM rules will cause extra messages to be sent to the Endpoint Server
search cancel

Endpoint policies that include an EDM rules will cause extra messages to be sent to the Endpoint Server

book

Article ID: 159671

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Prevent

Issue/Introduction

EDM detection rules on an Endpoint Agent can cause network performance issues.  

 

Environment

[DLP Endpoint Prevent] 14.0 to 15.0

Resolution

To reduce the number of messages, we recommend creating a compound rule for the Endpoint policy.

 First, set the rule for the EDM, then select 'also match' a DCM target, such as a keyword or a data identifier.

The DCM detection rule will work as a short circuit. Only the messages that match the DCM will be sent to the Server.

 

 

Powered by Wolken Software