This topic is for ITM / Endpoint DLP rules only.
Detection Rules are used to trigger alerts. You can define the severity of the alert and configure notifications to be sent when an alert is triggered.
Prevention Rules: Policies for stopping data exfiltration. Depending on the activity, you can select to block or prompt for justification. Allow is also supported for Upload Files to the Web. (See ITM / Endpoint DLP Prevention Rules.)
Endpoint Rules: Support Apply On-Demand policies and Retain Files rules. (See Endpoint Rules.)
Currently, by default, a limit is set allowing you to activate up to 100 total (detection and prevention) rules. Contact Proofpoint support if you want to change this.
Related Topics: