This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Performance Loss and Central Page Usage

Hello there!

I have some questions. I wasn't sure where to open this thread (f.e Sophos Central or Intercept X Endpoint ). Please excuse me if my posting here is wrong.

We recently joined Sophos. We also caught a lot of malware that our previous security software couldn't find. At first we were satisfied. But I have some problems. We would like to ask if it may be due to lack of information or misuse.

In general, we experience performance loss after installation. Our applications open late compared to the past.
The applications we use (microsoft office, solidworks & oth...);
We showed the folder and .exe paths from Sophos Central -> Global Settings -> Allowed Applications. We had all active users updated the rule via the interface. But our problem remains.

If in the software settings section;
Only if we turn off the "Realtime Scanning -> Files" section, the slowness of the application is solved.

Could it be something we did wrong or overlooked? We would be glad if you share your ideas and suggestions.
Thank you.
Kind regards.
**Sorry for spelling mistakes.

Core agent : 2.20.xxx
Endpoint Advanced: 10.8.xx.x
Sophos intercept x: 2.0.xx



This thread was automatically locked due to age.
Parents
  • Hi optimum,

    Thanks for reaching out to the Sophos Community Forum. 

    If disabling the Realtime Scanning option has alleviated the performance issue you're experiencing, I recommend adding a Process Exclusion from the Threat Protection Policy or the Global Settings page for the main executable. 
    The file/folder exclusion will prevent scanning from occurring when those specific files are accessed, whereas a Process Exclusion will white-list the operations performed by the process including files that it touches.

    I also recommend checking if the process is reaching out to external directories such as shared folders to get additional information or if the process only runs locally on the device.

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hello again,
    The Global Settings >> "Allowed Applications" directive didn't work.
    After that;
    I added the software we use with the People>>Person>>Policies>>Thread Protection>> Under Settings >>Exclusions>> "Add Exclusions" directive.

    However, there are still differences when I open a design with solidworks, for example, in my control. When I close the files in the real time scanning section of the antivirus's settings page, I can reach the required speed.

    Could you please explain the settings you describe as follows ( f.e: People>> Person>> Pol...... )
    Or is there an opportunity in Sophos central to make exceptions for files with the following extension? For example, files with the x_t extension that we use in Solidworks software. I wonder if we can gain a little more performance in this way?

    What are the consequences of closing the "files" under the real-time pictured?

  • I'd like to look into the types of exclusions you are adding, I have reached out to you via PM to inquire further. 
    For reference, the different types of exclusions you can create are outlined in the following document.
    Global Exclusions

    Disabling the Files option as shown in your screenshot will disable "on-access" scanning. This will also affect Application Control and Malicious Behavior Detection. Other features shown in your screenshot will remain active. 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Reply
  • I'd like to look into the types of exclusions you are adding, I have reached out to you via PM to inquire further. 
    For reference, the different types of exclusions you can create are outlined in the following document.
    Global Exclusions

    Disabling the Files option as shown in your screenshot will disable "on-access" scanning. This will also affect Application Control and Malicious Behavior Detection. Other features shown in your screenshot will remain active. 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Children
No Data