Enterprise DLP, Microsoft Teams, and Non-File Inspection/Blocking


L1 Bithead

I'm working on testing an Enterprise DLP data profile that includes blocking traffic for non-file-based detections (e.g., PCI data in a Teams message).  For file-based detections, the behavior is fairly straightforward: the upload fails, Teams throws an error, user weeps.  For non-file-based detections... Teams behaves strangely.

Teams will, seemingly indefinitely, continue to try and try to post the message that the firewall will block.  It doesn't appear to have a sane retry or failure state like it does with file-based detections.  It will also spam the firewall and E-DLP portal with events and evidence.

I'm curious if anyone has observed this behavior, or might have an idea of how to get Teams... if possible... to fail a bit more gracefully in cases like this.
