By default, DFS file share scans will scan the dynamic internal DFS folders that DFS creates. These folders are internal to DFS, so they do not need to be scanned.
To exclude DFS internal folders
1. In the Enforce Server administration console, on the Policies menu, click Discover Scanning > Discover Targets.
2. Click the name of the scan where you want to add the exclude filter for the DFS internal folders.
3. Click the Scanned Content tab.
4. Enter /DfsrPrivate/* in the Exclude Filters field.
5. Click Save.
For more details about using Exclude Filters, see the Symantec Data Loss Prevention Administration Guide.