Beginning with Symantec Data Loss Prevention 15.5, you can easily customize the content inspection size of files beyond the default maximum of 30 MB. To adjust the content inspection size, configure a server using the Enforce Server administration console at System > Servers and Detectors > Overview > Configure Server, and select the Detection tab for detection servers. You can move the slider on the Detection tab to the value you desire. Depending on the content inspection size you choose, certain advanced settings are automatically adjusted.
You need to edit certain properties files on the Enforce Server and the Discover Server to use this feature if you move the slider beyond 30 MB. In addition, you may need to increase your system memory if you do not have enough to accommodate your preferred content inspection size.
You do not need to edit properties files or increase memory for DLP Agents.
Note: After you edit properties files, you must save the files and restart services to implement your changes.
There are different content inspection file size limit for different channels. The following table lists the different channels that Symantec has tested and the corresponding supported file size limits.
|Channel||File size limit|
|Endpoint Prevent||150 MB|
|Discover Exchange Crawler||150 MB|
|Discover File System||2 GB|
|Discover Sharepoint||2 GB|
|Appliance - REST||
1.7 GB (Base64 encoded)
|Web Prevent FTP||150 MB|
|Web Prevent HTTPS/HTTP||100 MB|
|SMTP Prevent||150 MB|
See the attached Guidelines for tuning Symantec Data Loss Prevention to scan large files (last updated on 7 February 2020).