This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

When can we expect a new version for Big Sur?

I, like many other it seems, have been having problems with our Intercept X and MacOS Big Sur. 

While version 10.0.4 seems to be a bit better than previous releases, we are seeing extremely high CPU usage for com.sophos.endpoint.scanextension on Big Sur when the users are opening large files or compiling code. So much so that users are reporting a notable degradation of performance to the point we have to turn off a lot of Threat Protection features. This has undermined Sophos within the user base so now every problem is getting blamed on host protection! 

I know there are lots of posts around this topic with either scanextension or networkextension and I know Big Sur changed how kernel extensions work etc etc, but I wanted to know if Sophos have acknowledged that this issue will be fixed in future releases and when we can expect a version that plays nicely with Big Sur?



This thread was automatically locked due to age.
Parents Reply
  • I believe the release version is 10.1.3 but the EAP version is 10.1.2. We're waiting for the roll out because we've bought through an MSP we can't get bumped up the list. 

    10.1.2 fixes some of the issues but it's still not perfect. Although one odd thing we have found is a semi-known issue with Macbook Pros where by if you have the charger and a monitor plugged into the left side TB ports, the fan goes nuts and a kernel service starts using a lot of CPU, that in turn causes Sophos to get upset too. 

    In 10.1.2 the Sophos processes still seem to use a lot of resource when idling, but seem a bit better at backing off when something else wants to use the CPU. 

Children
  • We can't get Google Drive [File Stream] to work if sophos scanner is present and uninstalling intercept x doesn't remove this process...but Google Drive works just fine if Sophos never gets installed. I feel that 8 months is plenty of time to get a product to support a new OS version -at this rate, the next update will launch before Sophos gets this all working properly so, given we're 60+% Mac, I think it might be time to not renew and move on to a product that actually supports our environment.

  • We switched all of our engineering/developers to Jamf Protect because of the issues with Sophos and have had zero complaints so far, it's been about 2 months. If you already use Jamf to manage your Macs it's extremely easy to deploy. It does lack some of the features that Sophos has like programmatic ransomware protection and DLP controls, but as far as I'm concerned, if Sophos isn't usable then that's irrelevant. Protect leverages the native macOS Endpoint Security Framework that was introduced with Catalina, it's not running a proprietary agent like most antivirus solutions. It's worth checking out if you're looking at alternatives.

  • That is a path I am exploring but I also am conflicted on the idea of continuing to give $$ to a company that offers such mediocre support for paying customers. I get the commenters who say "maybe don't update as soon as it comes out..." but realistically, we're closer to the next release [of MacOS] than the current version's release and the current isn't working.

  • We waited to update until Sophos "supported" Big Sur, and that did not end well for us. 

    Annoyingly we don't use Jamf for Mac management but I've heard Bitdefender works quite well so might look at running a POC with that if we're not 100% with the next Sophos release. 

    Absolutely going to block the next MacOS release and watch these forums like a hawk

  • On the topic of Big Sur updates, we have found 11.5 update seems to also improve performance a little.