Sophos Endpoint 10.0.3 on macOS 11.2.1 Big Sur

Hi, currently the latest (as of today, 14 February 2021) version of Sophos Endpoint for macOS on 11.2.1 Big Sur causes issues with operating system performance.

Specifically the Sophos Network Extension process, keeps ballooning in RAM until it gets around twice or more the system RAM of the system, causing other applications to crash or hang, until it cleans itself of RAM, possibly because the process runs out of memory and restarts itself.

I was wondering if there's any knowledge of this or fix in the works.

Parents
  • I'm happy to say that we have identified the issue with the high CPU usage for the Sophos Network Extension process and will be included in our GA release.

    Unfortunately there won't be an update to the EAP before GA which begins rollout next week at which point both EAP and GA lines will update together. If you can provide us with your updating credentials we can move you into the first rollout group, expected to release on Tue 23rd.

    In the meantime, we can offer a workaround to disable the network extension. In Central amend, or create new, policies to disable:

    • Threat Protection
        • Real-time Scanning - Internet

          • Scan downloads in progress
          • Block access to malicious websites
        • Remediation
          • Enable threat case creation
          • Protect network traffic
    • Web Control
      • Disable Web Control 

    Once the features are disabled rebooting the machine will ensure the network extension is not loaded.

    Thank you for all the feedback, it really is appreciated, and we apologize for the inconvenience

Reply
  • I'm happy to say that we have identified the issue with the high CPU usage for the Sophos Network Extension process and will be included in our GA release.

    Unfortunately there won't be an update to the EAP before GA which begins rollout next week at which point both EAP and GA lines will update together. If you can provide us with your updating credentials we can move you into the first rollout group, expected to release on Tue 23rd.

    In the meantime, we can offer a workaround to disable the network extension. In Central amend, or create new, policies to disable:

    • Threat Protection
        • Real-time Scanning - Internet

          • Scan downloads in progress
          • Block access to malicious websites
        • Remediation
          • Enable threat case creation
          • Protect network traffic
    • Web Control
      • Disable Web Control 

    Once the features are disabled rebooting the machine will ensure the network extension is not loaded.

    Thank you for all the feedback, it really is appreciated, and we apologize for the inconvenience

Children