Creating a Notification Policy for a Prevention Rule

For ITM / Endpoint DLP prevention rules, a notification policy lets you define an endpoint notification that will notify end users about disallowed activities.

Notification policies are assigned to one or more prevention rules. The notification appears as a pop-up message when an activity is blocked by a prevention rule.

From a prevention rule, you select the action:

  • Block the action

  • Prompt the user to provide a justification

Then you assign the notification policy to the rule by clicking Assign End User Notification. For details about creating a Notification Policy, see Notification for Endpoint Activities.