This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Endpoint Agent makes servers slow

Lately Sophos Endpoint agent on our servers has made our servers almost unusable.

Login takes forever, opening rudimentary programs such as task manager or File explorer takes forever.  I check memory and CPU and both are good. 

I only have Base Policy - Threat Protection enabled currently. If I remove Sophos altogether the server is as speedy as ever.  Is there some setting that has changed lately on Sophos' end?  Is there something I can turn off to enable my servers to be more responsive? Removing and not running antivirus is not a realistic option, but we need to be able to manage the servers as well.

Thanks in advance for the advice!



This thread was automatically locked due to age.
  • I would suggest create a new test threat protection policy and link it to a test server, maybe a couple.  I would then suggest disabling at least some of the features in the policy to see what helps.  Maybe start with the remediation features. 

    • Enable Threat Case creation
    • Allow servers to send data on suspicious files, network events and admin tool activity to Sophos Central

    Then maybe change the scan settings to "on write" only and disable "Detect malicious behavior (HIPS)"

    Does any of this help?