ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Configure DLP to monitor Remote Desktop Protocol on endpoints


Article ID: 162237


Updated On:


Data Loss Prevention Endpoint Prevent Data Loss Prevention Enforce Data Loss Prevention Endpoint Discover


Symantec DLP endpoints are not monitoring or reporting actions over Remote Desktop Protocol (RDP).


Application monitoring needs to be configured


On the Symantec DLP Enforce console, configure the following:


  • Navigate to System | Agent | Application Monitoring
    • Click Add Application
    • Under Application Information create a name for your application monitor rule
    • Under Application Information fill out Internal Name and Original Filename with "mstsc\.exe" (no quotation marks)
    • Ensure Application File Access is checked off and set to Read under Application Monitoring Configuration
    • Click Save
  • Add another Application Monitoring rule by repeating the process above but instead specifying "rdpclip\.exe" (no quotation marks)
  • Update your DLP endpoint policy


rdpclip.PNG get_app