Endpoint DLP - Corporate network versus VPN

New Contributor

Hi All,


I need more clarity on the above since both Configure endpoint DLP settings - Microsoft Purview (compliance) | Microsoft Learn and Using Endpoint DLP - Microsoft Purview (compliance) | Microsoft Learn aren't explicit at all with regard to how to define / configure the "Corporate network".


Similarly, endpoint DLP, Data Loss Prevention ( is pretty clear about how to do it for VPN but no mention of "Corporate network".


Any input is welcome.


Best regards,


4 Replies
So, as I understand it - the settings you configure in Endpoint DLP will apply to all compatible endpoint devices - in this case I guess you could refer to that as your "corporate network".

However, under the VPN settings, you can apply different restrictions to activity performed when users are connected to your "corporate network" using the VPN.

So essentially, the VPN settings can be configured as exceptions to the rule if you will, as they may require different standards.

Hi @PeterRising,


Many thanks for your reply. So if I understand well, "corporate network" refers to a set of devices, while VPN network refers to a set of IP ranges. I was asking because I was wondering if "corporate network" had anything to do with Conditional Access named locations (Location condition in Azure Active Directory Conditional Access - Microsoft Entra | Microsoft Learn).

best response confirmed by CorradoP (New Contributor)
You can used the named locations in CA to define your corporate locations yes, but I don't know of any way to use these in conjunction with Endpoint DLP. There are only VPN settings just now.
Thanks for confirming.