Managing a complex security policy rulebase and minimizing false positive data loss prevention incidents requires fine-grained control over network inspection settings. The Enterprise Data Loss Prevention (E-DLP) Exclude URLs and Apps for Non-File Based Traffic feature enables your data security administrators to precisely define traffic inspection exceptions within a DLP rule.

Your data security administrators can now easily exclude certain URLs and apps from having their non-file based traffic forwarded to Enterprise DLP for inspection. This exclusion capability is essential for several scenarios. For example, when you have traffic containing sensitive data destined for specific, trusted URLs and you want to exclude them from incident reporting, or when you only require file-based traffic inspection for specific apps but do not need inspection of accompanying non-file based data. This prevents unnecessary processing and avoids false positive detections.

By configuring these targeted exclusions using existing Security policy rules, you significantly ease the operational overhead of managing your policy rulebase, reducing the total number of policy rules required and improving overall system efficiency. This allows you to continue enforcing your data loss prevention requirements only where they are most needed.