This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Endpoint Intercept X 2.0 impacting Performance - slow?

On a new software build of windows 10 on a T450 Lenovo, we found that at the end we installed Sophos Endpoint Intercept X 2.0 and it significantly slowed down the computer.  All aspects of the computer became slow.  On first bootup, connecting the Wifi - slow.  On login, the CPU would pin at 100% for long periods of time with high memory usage.  All applications would be slow to open, printing would be very slow. This is a new laptop i5, 8 GB RAM, 256 SSD.

We would remove the Intercept X and the computer would return to normal operation.  Fast bootup, fast login, apps, etc...

Now for this customer, then use Trend Micro as their primary AV.  We have Sophos Intercept X added on for the extra protection. We did not have issues previously until the Intercept X Version went up to 2.0.  Has anyone else noticed a large performance hit with Intercept X 2.0?




[locked by: SupportFlo at 11:42 PM (GMT -7) on 12 Mar 2019]
Parents
  • Hello again everyone, 

     

    I'd like to ask others in this thread - are you using any other antivirus software besides Intercept X? 

    In our setup we run it with BitDefender from SolarWinds RMM as well as Web Protection software. We experience very slow loading times of certain websites - up to 10 seconds - with both Web Protection and Intercept X installed on devices (that in addition to generall slowness experienced on PCs). A solution is to turn off either Web Protection, or uninstall Intercept X again, with removal of Intercept X yielding much more promising results. 

    Could it be that Intercept X just doesn't cooperate with other AV software? 

  • In our 2 test laptops we disabled Bitdefender, and only AV running is Sophos, but that doesn’t improve anything.

  • Have you tried completely removing BitDefender from the machines? 

    I noticed that when we snoozed Web Protection, the issues with internet for example persisted, but when we uninstalled it completely, it got a bit better.

    We've only knowledge of 1 machine where we ran Intercept X without BitDefender - it didn't help in that case as well. 

     

    In addition - surprisingly enough - the issues seem to disappear on SOME computers after a restart. Not on all of them, and in certain cases they disappear for few hours, just to come back and bite again.  

  • Honestly speaking, I don’t want to uninstall this and that and disable this service and that service. We all know that the issue is Intercept X. We just need to keep pushing Sophos to address the issue. So far it seems like Sophos not addressing this issue , if they are then they are very quiet about it. I even pointed out this thread to our SE who escalated the issue but nothing so far from Sophos.

  • I agree completely, but i asked purely out of curiosity. Since Sophos seems to ignore issues, we're trying internally to discover what's actually going on. Then, we can send all info we have to Sophos Support again. Maybe if we figure it out for them, they will finally react :)

  • I have to agree with Sam. I can also confirm that Intercept X on it's own is causing major issues with the 2.X update. I installed InterceptX on a vanilla Surface Pro 4 with no other A/V running apart from inbuilt Window Defender and here are my results. 

    Surface Pro 4 - Pre InterceptX

    27 seconds - restart to login screen

    5 seconds to load desktop after entering credentials

    30 seconds to load Skype for Business

    2 seconds to launch Task Manager

     

    Surface Pro 4 - Post InterceptX

    46 seconds - restart to login

    35 seconds to load desktop after entering credentials

    115 seconds to load Skype for Business

    10 seconds to load task manager

     

    I have also pointed this thread out to Support here in Australia and to our account manager. Still waiting ........

  • George Khalil said:

    I have to agree with Sam. I can also confirm that Intercept X on it's own is causing major issues with the 2.X update. I installed InterceptX on a vanilla Surface Pro 4 with no other A/V running apart from inbuilt Window Defender and here are my results. 

    Surface Pro 4 - Pre InterceptX

    27 seconds - restart to login screen

    5 seconds to load desktop after entering credentials

    30 seconds to load Skype for Business

    2 seconds to launch Task Manager

     

    Surface Pro 4 - Post InterceptX

    46 seconds - restart to login

    35 seconds to load desktop after entering credentials

    115 seconds to load Skype for Business

    10 seconds to load task manager

     

    I have also pointed this thread out to Support here in Australia and to our account manager. Still waiting ........

     

    I forgot to mention, I also disabled the various policies one by one, until everything was disabled and that made ZERO effect on performance.  Just having Intercept X 2.X installed with all features disabled is an issue! 

  • Well I didn’t uninstall Bitdefender but it’s disable via GPO on test laptops.

    I did see some improvement in boot time ( may be 5 sec) when I disabled following services in intercept X

    Protect from master boot record ransomware

    Mitigate exploits in vulnerable applications

    Protect processes

    Protect critical functions in web browsers (Safe Browsing)

    Disabling “Safe browsing” and “ Mitigate exploits in vulnerable applications”   stop the IE crashing.

  • Update
    One of the desktop admin  imaged a new desktop and installed Sophos with Intercept X


    Load desktop after entering credentials – 17 Sec
    Skype  for Business auto lunch  and log in – 37 sec.

    This device is new so it was never been in Sophos database.

    Then I did following test with me test laptop

    1)Uninstall Sophos AV
    2)Reboot the laptop and delete the device from Sophos consol.
    3)Download the installation package from Sophos console.
    4)Install Sophos AV with Intercept  X

    Now the performance seems better

    Load desktop after entering credentials  21 Sec
    Skype for Business auto lunch and Log in – 46 Sec.

    Previously

    Load desktop after entering credentials 29 Sec
    Skype for Business auto lunch and Log in – 1  min 40 Sec.


    I want to test this in few more new devices .. but Sophos might be working on the issue but they are not ready to push out to existing Client , but new installation might be getting the  fix.

Reply
  • Update
    One of the desktop admin  imaged a new desktop and installed Sophos with Intercept X


    Load desktop after entering credentials – 17 Sec
    Skype  for Business auto lunch  and log in – 37 sec.

    This device is new so it was never been in Sophos database.

    Then I did following test with me test laptop

    1)Uninstall Sophos AV
    2)Reboot the laptop and delete the device from Sophos consol.
    3)Download the installation package from Sophos console.
    4)Install Sophos AV with Intercept  X

    Now the performance seems better

    Load desktop after entering credentials  21 Sec
    Skype for Business auto lunch and Log in – 46 Sec.

    Previously

    Load desktop after entering credentials 29 Sec
    Skype for Business auto lunch and Log in – 1  min 40 Sec.


    I want to test this in few more new devices .. but Sophos might be working on the issue but they are not ready to push out to existing Client , but new installation might be getting the  fix.

Children
No Data