Sophos UTM: Decommissioning of obsolete URL categorization services CFFS. Click here for important info.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Endpoint Intercept X (Malicious Traffic Detection) slows down MacOS Monterey extremely

Hi all,

following issue: I upgraded different machines (4 for testing) to MacOS Monterey 12.0.1.

They got all the same issue: After upgrading and rebooting, the machines slowing down extremly.

The OS would hang with beach ball and take forever to do even one click. They got useless!

After some testing i found out, if i turned off "Malicious Traffic Detection" in the Runtime Protection Settings of the Endpoint software (10.2.2), the machine starts to work normal, the system brakes and beachballs are gone.

But after i turned "Malicious Traffic Detection" on again and restarted the machine, it slows down again the machines extremely direct after booting.

I can reproduce this setting on all machines with Monterey 12.0.1

Even the latest EAP version of Sophos Endpoint (10.3.0) didn’t fixed this issue.

Any recommendations for this?

This thread was automatically locked due to age.
  • Hello,

    Thank you for reaching out to the Sophos Community Forum.

    Do you know if multiple network extensions are installed on the macOS devices in question? In some cases, having other network extensions installed prior to that of Sophos' can cause issues. 

    I have reached out to you via PM to request logging information from one of the affected devices to look into the issue further. 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hi Kushal,

    I have the exact same problem running version 10.3.1 and Mac OS 12.1 on both my MacBooks, it’s impossible to use the computers with the “malicious traffic detection” setting on, when you turn it off the computer works fine

Reply Children