Applies To: Locally-managed Fireboxes
Data Loss Prevention (DLP) is end-of-life as of 26 February 2025. For Fireboxes that run Fireware v12.11.3, WSM and Fireware Web UI no longer include DLP configuration settings in the user interface. For Fireboxes that run Fireware v12.11.2 or lower, DLP is required by the configuration schema but is no longer functional if your DLP license is expired. For more information, go to this Product and Support News Blog post.
DLP scans each file up to a specified kilobyte count. Any additional bytes in the file are not scanned. This enables the proxy to partially scan very large files without a large effect on performance. You can set a different DLP scan limit for each DLP sensor. The minimum scan limit is 10 Kb for all devices. The default and maximum scan limits vary by device model.
| Default (Kb) | Min | Max | Device Model |
|---|---|---|---|
| 512 | 10 | 5120 | Firebox T15 |
| 5120 | 10 | 30720 | Firebox T35, T55, T70, M370, M470, M570, M670, M4600, M5600, FireboxV |
If you enable DLP and Gateway AntiVirus for the same proxy action, the larger configured scan limit is used for both services.
For information about how to set the scan limit, go to Configure DLP Scan Settings.