ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Endpoint policies that include an EDM rules will cause extra messages to be sent to the Endpoint Server


Article ID: 159671


Updated On:


Data Loss Prevention Endpoint Prevent


EDM detection rules on an Endpoint Agent can cause network performance issues.  



[DLP Endpoint Prevent] 14.0 to 15.0


To reduce the number of messages, we recommend creating a compound rule for the Endpoint policy.

 First, set the rule for the EDM, then select 'also match' a DCM target, such as a keyword or a data identifier.

The DCM detection rule will work as a short circuit. Only the messages that match the DCM will be sent to the Server.