When integrating cloud-based storage solutions like Azure File Sync or Microsoft's CloudFiles with Symantec Endpoint Protection (SEP), it's essential to understand the compatibility and recognition of specific file attributes. This article focuses on SEP's support for and recognition of CloudFiles, which utilize the following attributes:

• FILE_ATTRIBUTE_RECALL_ON_DATA_ACCESS
• FILE_ATTRIBUTE_RECALL_ON_DATA_OPEN

For further details, please refer to the Microsoft documentation provided below:

File Attribute Constants (WinNT.h) - Win32 apps | Microsoft Learn

CloudFiles was introduced with Windows 10 version 1709 (Fall Creators Update), formalizing support for sync engines. 

Symantec Endpoint Protection has the capability to identify files with the FILE_ATTRIBUTE_RECALL_ON_DATA_ACCESS attribute set. By default, files are scanned when they are opened, created, or run. Additionally, scheduled scans allow skipping the scanning of dehydrated files when the scan utilizes the default scheduled scan policy settings "skip offline and sparse files."

For further information, please check:

Advanced Scanning Options: Storage Migration (broadcom.com)