The Data Loss Prevention policy evaluates all active Real Time rules against the web requests in your environment. Upon determining that a web request matches the identity and destination criteria of a Real Time rule, Umbrella then inspects the web request for matches with the rule’s configured data classifications and file labels. Exclusions enable you to narrow your data criteria monitoring to specific applications and destinations. For example, if you have the rule to monitor data classifications for an application, but want to exclude some domains or URLs from being scanned, you can exclude a destination list with those domains. Traffic through that application will be scanned with the exception of the destination list excluded.
Within the context of a Real Time rule, exclusions will always override inclusions. For example, if a rule states that a domain on one list is excluded but the same domain is included on another destination list, the domain will automatically be excluded from the rule.
Add a Real Time Rule to the Data Loss Prevention Policy < Understand Exclusions in a Real Time Rule > Supported Applications
Updated 9 months ago