Whitelist Microsoft Metro Mail in DLP
Article ID: 226409
Updated On:
Products
Data Loss Prevention
Issue/Introduction
The application hxtsr.exe is causing a lot of false positives.
Environment
DLP 15.x
Cause
The Microsoft Metro Mail application is being monitored by Data Loss Prevention
Resolution
In order to reduce false positive incidents for hxtsr.exe traditionally one of the following items were implemented:
1. In Application Monitoring > Microsoft Metro Mail > uncheck all monitoring configuration.
2. Add Agent Configuration > Channel Filters > Add an action for Application file access to not monitor the file for which the incident is triggered.
3. You can add "application file access" in the exception of the policy which triggered the incident.
2. Add Agent Configuration > Channel Filters > Add an action for Application file access to not monitor the file for which the incident is triggered.
3. You can add "application file access" in the exception of the policy which triggered the incident.
The metro info can be seen in the screenshot below:
many have chosen to do the following:
They applied the below changes in the Agent Configuration under Filepath and ignore the below path:
Filepath: $ProgramFiles$\WindowsApps\*
It is always best to test to see which would be best for your environment.
Feedback
Yes
No
Powered by
