Hi colleagues,
I have an issue with a customer. He has a Symantec DLP 15.7 with only Endpoint Prevent Servers. Microsoft Teams was working and still working on its classic version but employees with the new version of Microsoft Teams are not getting blocked as per our policy. I tried to include a new custom Global Applicationa (for msedgewebview2\.exe) as per this Broadcom KB article New version of Desktop Microsoft Teams Application is not triggering DLP response Rules.
but still dont see any results. In addition, just for the recap, in Global Application Monitoring exist the default Microsoft Teams (Teams\.exe) and I have added as well this application which I noticed on the Task Manager that is running (ms-teams.exe).
So, in total three Applications for monitoring:
- Teams\.exe
- ms-teams\.exe
- msedgewebview2\.exe
but none of them are preventing the transfer of sensitive files via MS Teams.
Could you please assist me on that, if anyone had a similar challenge but he/she was able to manage it?
Best Regards,
Chris K.