topic Enterprise DLP, Microsoft Teams, and Non-File Inspection/Blocking in Enterprise Data Loss Prevention Discussions https://live.paloaltonetworks.com/t5/enterprise-data-loss-prevention/enterprise-dlp-microsoft-teams-and-non-file-inspection-blocking/m-p/1224448#M33 <P>I'm working on testing an Enterprise DLP data profile that includes blocking traffic for non-file-based detections (e.g., PCI data in a Teams message).&nbsp; For file-based detections, the behavior is fairly straight-forward: the upload fails, Teams throws an error, user weeps.&nbsp; For non-file-based detections... Teams behaves strangely.</P> <P>&nbsp;</P> <P>Teams will, seemingly indefinitely, continue to try and try to post the message that the firewall will block.&nbsp; It doesn't appear to have a sane retry or failure state like it does with file-based detections.&nbsp; It will also spam the firewall and E-DLP portal with events and evidence.</P> <P>&nbsp;</P> <P>I'm curious if anyone has observed this behavior, or might have an idea of how to get Teams... if possible... to fail a bit more gracefully in cases like this.</P> Fri, 21 Mar 2025 14:21:55 GMT rickyboone 2025-03-21T14:21:55Z Enterprise DLP, Microsoft Teams, and Non-File Inspection/Blocking https://live.paloaltonetworks.com/t5/enterprise-data-loss-prevention/enterprise-dlp-microsoft-teams-and-non-file-inspection-blocking/m-p/1224448#M33 <P>I'm working on testing an Enterprise DLP data profile that includes blocking traffic for non-file-based detections (e.g., PCI data in a Teams message).&nbsp; For file-based detections, the behavior is fairly straight-forward: the upload fails, Teams throws an error, user weeps.&nbsp; For non-file-based detections... Teams behaves strangely.</P> <P>&nbsp;</P> <P>Teams will, seemingly indefinitely, continue to try and try to post the message that the firewall will block.&nbsp; It doesn't appear to have a sane retry or failure state like it does with file-based detections.&nbsp; It will also spam the firewall and E-DLP portal with events and evidence.</P> <P>&nbsp;</P> <P>I'm curious if anyone has observed this behavior, or might have an idea of how to get Teams... if possible... to fail a bit more gracefully in cases like this.</P> Fri, 21 Mar 2025 14:21:55 GMT https://live.paloaltonetworks.com/t5/enterprise-data-loss-prevention/enterprise-dlp-microsoft-teams-and-non-file-inspection-blocking/m-p/1224448#M33 rickyboone 2025-03-21T14:21:55Z