search cancel

DLP Agent performance degrades when a user remotely accesses another endpoint


Article ID: 163296


Updated On:


Data Loss Prevention Endpoint Prevent


DLP Agent performance degrades when an endpoint user accesses another endpoint using the Microsoft Remote Desktop Connection application and both endpoints have DLP Agents running.


Performance may be degraded because the endpoint that uses a Remote Desktop Connection to access the other endpoint attempts to analyze the network packets that are generated for the Remote Desktop Connection. The endpoint being accessed may also experience similar performance degradation due to the same network packet analysis process.


Whitelist network access monitoring for the Microsoft Remote Desktop Connection application.

Complete the following steps in the Enforce Server administration console:

  1. Go to System > Agents > Application Monitoring.
  2. Add the Microsoft Remote Desktop Connection application.
    • ​Enter Microsoft Remote Desktop Connection in the Name field.
    • Enter mstsc\.exe in the Internal Name field.
    • Enter mstsc\.exe in the Original Filename field.
    • Select Generic under the Application Type section.
  3. Enable the following under the Application Monitoring Configuration section:
    • Print/FAX
    • Clipboard, Paste
    • Write operations
  4. Confirm that Network access is disabled.
  5. Save your changes.