This topic is for ITM / Endpoint DLP rules only.
ITM / Endpoint DLP Detection Rules are used to trigger alerts. You can define the severity of the alert and configure notifications to be sent when an alert is triggered.
Prevention Rules are used to block harmful users or action by preventing file exfiltration to USB or Cloud Sync folder. You can define lists of permitted and prevented values for users, files extensions and devices.
Currently, by default, a limit is set allowing you to activate up to 100 total (detection and prevention) rules. Contact Proofpoint support if you want to change this.
Related Topics: