To simplify policy management and enhance comprehensive coverage,
Enterprise Data Loss Prevention (E-DLP) now supports creating a dedicated file type exclusion list
when modifying a
DLP rule. File Type Exclusions provide
your data security administrators with a flexible and efficient way to define the
traffic that should and should not be forwarded to
Enterprise DLP. When your
data security administrator configures a DLP rule with an exclusion list,
Enterprise DLP automatically instructs the enforcement point to forward all
file types except those specifically added to the exclusion list to
Enterprise DLP for inspection and verdict rendering. This ensures that
inspection resources are focused on potentially sensitive, relevant traffic. Your
data security administrator configures the file type exclusions for a specific DLP
rule when defining the data profile match criteria action and log severity. Data
security administrators must choose between an inclusion file list or an exclusion
file list for a DLP rule.
Enterprise DLP doesn't support configuring both
simultaneously.