ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Configure DLP to monitor Remote Desktop Protocol on endpoints
Article ID: 162237
Updated On:
Products
Data Loss Prevention Endpoint Prevent
Data Loss Prevention Enforce
Data Loss Prevention Endpoint Discover
Issue/Introduction
Symantec DLP endpoints are not monitoring or reporting actions over Remote Desktop Protocol (RDP).
Cause
Application monitoring needs to be configured
Resolution
On the Symantec DLP Enforce console, configure the following:
- Navigate to System | Agent | Application Monitoring
- Click Add Application
- Under Application Information create a name for your application monitor rule
- Under Application Information fill out Internal Name and Original Filename with "mstsc\.exe" (no quotation marks)
- Ensure Application File Access is checked off and set to Read under Application Monitoring Configuration
- Click Save
- Add another Application Monitoring rule by repeating the process above but instead specifying "rdpclip\.exe" (no quotation marks)
- Update your DLP endpoint policy
Attachments
Feedback
Yes
No
Powered by
