This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Endpoint Intercept X (Malicious Traffic Detection) slows down MacOS Monterey extremely

Hi all,

following issue: I upgraded different machines (4 for testing) to MacOS Monterey 12.0.1.

They got all the same issue: After upgrading and rebooting, the machines slowing down extremly.

The OS would hang with beach ball and take forever to do even one click. They got useless!

After some testing i found out, if i turned off "Malicious Traffic Detection" in the Runtime Protection Settings of the Endpoint software (10.2.2), the machine starts to work normal, the system brakes and beachballs are gone.

But after i turned "Malicious Traffic Detection" on again and restarted the machine, it slows down again the machines extremely direct after booting.

I can reproduce this setting on all machines with Monterey 12.0.1

Even the latest EAP version of Sophos Endpoint (10.3.0) didn’t fixed this issue.

Any recommendations for this?



This thread was automatically locked due to age.
Parents
  • The performance issue is extremely bad on Intel CPU based Mac computers since MacOS Big Sur. Especially for our Engineering team when they doing code compiling.Is there any way we can see the real version number of the Sophos Intercept X installed on the computers? Now we have some computers under EAP, some updated to the latest released on April 14 and some of them are still on the previous version. But all of those Macs are showing on version 10.3.3. It is very confusing and won' help troubleshooting. We currently created a new policies and disabled almost all of the critical Intercept X services on that policy to avoid the performance issues. That is the only solution that works so far.

Reply
  • The performance issue is extremely bad on Intel CPU based Mac computers since MacOS Big Sur. Especially for our Engineering team when they doing code compiling.Is there any way we can see the real version number of the Sophos Intercept X installed on the computers? Now we have some computers under EAP, some updated to the latest released on April 14 and some of them are still on the previous version. But all of those Macs are showing on version 10.3.3. It is very confusing and won' help troubleshooting. We currently created a new policies and disabled almost all of the critical Intercept X services on that policy to avoid the performance issues. That is the only solution that works so far.

Children
No Data