Data Loss Prevention

Dear,

I have a doubt the deloy of the dlp enpoint via SCCM in windows x64 its made in the folder C:\Program Files (x86)\Manufacturer\Endpoint Agent , change the installation folder maybe cause any problem with the agent and the rules or deteccion?

Product: AgentInstall64.msi
           ******* Action: 
           ******* CommandLine: **********
MSI (c) (B8:08) [14:20:46:003]: Client-side and UI is none or basic: Running entire install on the server.
MSI (c) (B8:08) [14:20:46:003]: Grabbed execution mutex.
MSI (c) (B8:08) [14:20:46:720]: Cloaking enabled.
MSI (c) (B8:08) [14:20:46:720]: Attempting to enable all disabled privileges before calling Install on Server
MSI (c) (B8:08) [14:20:46:752]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (s) (1C:2C) [14:20:46:767]: Running installation inside multi-package transaction C:\Windows\ccmcache\3\AgentInstall64.msi
MSI (s) (1C:2C) [14:20:46:767]: Grabbed execution mutex.
MSI (s) (1C:4C) [14:20:46:767]: Resetting cached policy values
MSI (s) (1C:4C) [14:20:46:767]: Machine policy value 'Debug' is 0
MSI (s) (1C:4C) [14:20:46:767]: ******* RunEngine:
           ******* Product: C:\Windows\ccmcache\3\AgentInstall64.msi
           ******* Action: 
           ******* CommandLine: **********
MSI (s) (1C:4C) [14:20:46:783]: Machine policy value 'DisableUserInstalls' is 0
MSI (s) (1C:4C) [14:20:46:814]: SRSetRestorePoint skipped for this transaction.
MSI (s) (1C:4C) [14:20:46:861]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer 3: 2 
MSI (s) (1C:4C) [14:20:46:892]: File will have security applied from OpCode.
MSI (s) (1C:4C) [14:20:46:939]: SOFTWARE RESTRICTION POLICY: Verifying package --> 'C:\Windows\ccmcache\3\AgentInstall64.msi' against software restriction policy
MSI (s) (1C:4C) [14:20:46:939]: SOFTWARE RESTRICTION POLICY: C:\Windows\ccmcache\3\AgentInstall64.msi has a digital signature
MSI (s) (1C:4C) [14:20:46:939]: SOFTWARE RESTRICTION POLICY: C:\Windows\ccmcache\3\AgentInstall64.msi is permitted to run because the user token authorizes execution (system or service token).
MSI (s) (1C:4C) [14:20:47:360]: End dialog not enabled
MSI (s) (1C:4C) [14:20:47:360]: Original package ==> C:\Windows\ccmcache\3\AgentInstall64.msi
MSI (s) (1C:4C) [14:20:47:360]: Package we're running from ==> C:\Windows\Installer\5b154.msi
MSI (s) (1C:4C) [14:20:47:469]: APPCOMPAT: Compatibility mode property overrides found.
MSI (s) (1C:4C) [14:20:47:563]: APPCOMPAT: looking for appcompat database entry with ProductCode '{D675A448-C21A-47C9-9F9D-1FF04A02570A}'.
MSI (s) (1C:4C) [14:20:47:563]: APPCOMPAT: no matching ProductCode found in database.
MSI (s) (1C:4C) [14:20:48:093]: MSCOREE not loaded loading copy from system32
MSI (s) (1C:4C) [14:20:48:109]: Machine policy value 'TransformsSecure' is 0
MSI (s) (1C:4C) [14:20:48:109]: User policy value 'TransformsAtSource' is 0
MSI (s) (1C:4C) [14:20:48:203]: Machine policy value 'DisablePatch' is 0
MSI (s) (1C:4C) [14:20:48:203]: Machine policy value 'AllowLockdownPatch' is 0
MSI (s) (1C:4C) [14:20:48:203]: Machine policy value 'DisableLUAPatching' is 0
MSI (s) (1C:4C) [14:20:48:203]: Machine policy value 'DisableFlyWeightPatching' is 0
MSI (s) (1C:4C) [14:20:48:218]: APPCOMPAT: looking for appcompat database entry with ProductCode '{D675A448-C21A-47C9-9F9D-1FF04A02570A}'.
MSI (s) (1C:4C) [14:20:48:218]: APPCOMPAT: no matching ProductCode found in database.
MSI (s) (1C:4C) [14:20:48:218]: Transforms are not secure.
MSI (s) (1C:4C) [14:20:48:218]: PROPERTY CHANGE: Adding MsiLogFileLocation property. Its value is 'C:\installAgent.log'.
MSI (s) (1C:4C) [14:20:48:218]: Command Line: INSTALLDIR=C:\Program Files (x86)\Manufacturer\Endpoint Agent 

you should be able to customize the default installation directory for endpoint.

Hello,

I've seen different locations for the DLP agent without impacts in the agent performance (detection, etc...).

Best,

Morgado