Good morning Mihaela. I would recommend adding more information to your first question so our community can have more details of your DLP environment in order to give advice; server type, OS, memory, hard drive size and how many, and if an Endpoint server, how many clients are talking to this server. However, if it is a VM, it is pretty easy to add space, read the system requirements and server sizing documentation to figure out how much space your DLP environment will need, and comply.
For your second question, again you need to provide more detailed information on what you are trying to accomplish, and how you are doing it. Once we know what if the final goal, we can recommend a path to follow. For instance, what detection technology are you testing? EDM, EMDI, IDM, VML, each technology has a purpose and limitation. For instance, if you are trying to block HTTPs traffic based on an AD based policy, it might have a two-tier detection need and it won't be able to block. Indexed documents normally are left for detection servers, but the new EMDI technology can be used in the endpoint, check the Admin guide to properly apply detection technologies based on your needs.
Here are some documents might be useful:
Best practices for Endpoint Protection on Windows servers
Architecture best practices for deploying DLP Endpoint Prevent Detection Servers
DLP 15.7 All documents including Admin guide https://techdocs.broadcom.com/us/en/symantec-security-software/information-security/data-loss-prevention/15-7/Related-Documents.html
Note: I will recommend posting a single question per post.