The DLP Endpoint Agent and other program files are blocked when installed on a system where an antivirus (AV) application is installed.
This article covers exclusions for DLP Agents; for servers, see Antivirus flagging Symantec Data Loss Prevention (DLP) as a virus or security threat (broadcom.com).
With a typical antivirus program, excluding a folder prevents the AV program from monitoring data that are written to, or read from, the folder.
Excluding a binary or executable file prevents the AV engine monitoring executable during read and write operations.
It is recommended to whitelist all of the processes, files, and folders that are listed below.
Endpoint Agent Installation Location | C:\Program Files\Manufacturer\Endpoint Agent |
Endpoint Agent Temp Folder Location | C:\Program Files\Manufacturer\Endpoint Agent\temp |
Processes |
edpa.exe |
Drivers | vfsmfd.sys vrtam.sys vnwcd.sys |
Files | C:\Program Files\Manufacturer\Endpoint Agent\*.ead |
Endpoint Agent Installation Location | /Library/Manufacturer/Endpoint Agent |
Endpoint Agent Temp Folder Location | /Library/Manufacturer/Endpoint Agent/Temp |
Processes | edpa wdp cui kvoop |
Drivers | N/A |
Files | /Library/Manufacturer/Endpoint Agent/*.ead |