EMDI deployment Best Practice to avoid Network performance issue

Article ID: 228400

Products

Data Loss Prevention

Issue/Introduction

Deploying an EMDI profile of 75 MB or larger to clients resulted in a network flood.

 

Environment

Release: 15.x
Component: Enforce, Endpoint Detection Server, Endpoint Agent

Not applicable to DLP 16.x or 25.1

Cause

Re-indexing an EMDI profile causes the full profile data to be transferred to the client. There is no incremental update for EMDI profiles. DLP does have an incremental update for policy changes; it is enabled by default through CommLayer.ENABLE_POLICY_MATRIX_DELTA_REPLICATION in agent configuration->advanced setting.

Resolution

Q: Are there any mechanisms available to throttle the index transfer on either the server-side or client-side?
A: Yes, there's minimal throttling on the agent side built into the design, but nothing specific to profiles. Anything as large as the profile specified will be fragmented within the IP layer and subject to TCP's throttling and backoff algorithms.

Q: Are the policies and indexes in the same transfer, i.e., will a future policy update for either EMDI or EDM result in a new ~75MB data transfer to all clients even if there are no changes to the EMDI indexes?
A: No. Policies and indexes/EMDI profiles are transferred by two different replicators. Policy-only changes don't trigger an EMDI profile transfer to the client, and EMDI profile changes or re-indexing don't trigger a policy transfer to the client.

Q: How can I estimate what client data transfer is required for each type of change, i.e., EMDI index update, EMDI policy, EDM policy?
A: An EMDI index update only triggers the transfer of the index/profile. An EMDI policy change only triggers the transfer of the policy itself (as a delta, if delta replication is enabled, which it is by default). An EDM policy change only triggers the transfer of the EDM policy itself.

Q: There are several EMDI profiles in the design. Does an update to one of them force a full download of all the profiles to the client again, or are they each independent?

(The thinking here is that if they are independent, and updated across the space of several days, then we can spread out the download to the clients over time.)

A: An update to one EMDI profile doesn't force a full download of the other profiles to the client again. So you can split one big EMDI profile into smaller ones and deploy the smaller EMDI profiles gradually, one by one.

Or,

You can use a policy group and an agent group to update the policy/profile for a subset of clients.

For example:

  1. Create a policy group.
  2. Create an EMDI policy with an EMDI rule associated with the EMDI profile.
  3. Add this policy to the policy group.
  4. Enable this policy group for a specific endpoint server.
  5. Create an agent group with that endpoint server as the group condition. Enable EMDI for this endpoint server.
  6. Only the subset of agents connecting to this endpoint server then gets the policy and EMDI profile, which limits the data transferred across the network. Then gradually move on to other endpoint servers and agents.
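
A planning sketch for the staged rollout described above, as an added example (it is not Broadcom code and calls no DLP API). It costs every push as a full profile copy per agent and packs (profile, endpoint server) pushes into days under a transfer budget. The profile names, sizes (a 75 MB data set split three ways), agent counts and budget are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Wave:
    day: int          # 1-based rollout day
    profile: str      # EMDI profile deployed or re-indexed
    server: str       # endpoint server whose agent group receives it
    megabytes: int    # full profile size x number of agents on that server

def plan_waves(profiles_mb, agents_per_server, daily_budget_mb):
    """First-fit-decreasing schedule; no incremental EMDI update is assumed."""
    units = sorted(
        ((size * agents, name, server)
         for name, size in profiles_mb.items()
         for server, agents in agents_per_server.items()),
        reverse=True)
    used = []    # megabytes already scheduled on each day
    waves = []
    for cost, name, server in units:
        if cost > daily_budget_mb:
            raise ValueError(
                f"{name} -> {server} needs {cost} MB, over the daily budget; "
                "split the profile or the agent group further")
        for day, total in enumerate(used):
            if total + cost <= daily_budget_mb:
                break
        else:  # no existing day has room: open a new one
            used.append(0)
            day = len(used) - 1
        used[day] += cost
        waves.append(Wave(day + 1, name, server, cost))
    return sorted(waves, key=lambda w: (w.day, w.profile, w.server))

def daily_totals(waves):
    """Megabytes pushed per rollout day."""
    totals = {}
    for w in waves:
        totals[w.day] = totals.get(w.day, 0) + w.megabytes
    return totals

# Constructed sample inventory (hypothetical names and numbers).
PROFILES_MB = {"emdi-hr": 25, "emdi-finance": 30, "emdi-customers": 20}
AGENTS_PER_SERVER = {"eps-01": 400, "eps-02": 250, "eps-03": 100}
DAILY_BUDGET_MB = 15_000

if __name__ == "__main__":
    for w in plan_waves(PROFILES_MB, AGENTS_PER_SERVER, DAILY_BUDGET_MB):
        print(f"day {w.day}: {w.profile} -> {w.server} ({w.megabytes} MB)")
```

Policy-only changes are left out of the cost model because, per the answers above, they do not trigger a profile transfer.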