Perfomance Problems due to Disk Usage since Symantec Endpoint Protection Installation
We have installed Symantec Endpoint Protection (12.1.4013.4013) last July and we noticed that, since then, many computers we manage went slow. After investigation, we found that this is due to the disk usage which becomes frequently at 100%. The machines are then hanging and this might be for few seconds or few minutes. The AV was installed by an external company and they have applied the default "Balanced" template.
We have disabled the Outlook Add-In which made Outlook usable as users were getting stuck whenever they use it since Symantec Endpoint Protection installation. That helped for Outlook but the overhaul performance is not good at all. When I remove Symantec Endpoint Protection and install Microsoft Security Essentials then everything works Perfectly. It is just that when I install Symantec Endpoint Protection then everything goes wrong.
We use Microsoft Forefront Protection as the AV of the servers and it performs well without causing performance issues. We have decided to not use that on the Desktops so that we can have additional layer of protection by not using the same AV technology everywhere and that is why we went with Symantec.
I believe that the Symantec AV can be performing much better by tweaking it. So, Are there any recommendations you can give to help us having the Symantec AV installed but with high performance PCs?
Comments 10 Comments • Jump to latest comment
What specific process takes up the CPU?
Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.
When I check the Disk Usage, there are usually two scenarios:
Scenario 1: Smc.exe or SymCopUI.exe are doing many I/O and cause the computer to hang
Scenario 2: No Symantec process is eating the I/O. However, I see that, in many cases, the System process is the one eating the I/O or Outlook / Google Chrome / Firefox
Our systems are up-to-date and we do not have these problems when Symantec Endpoint Protection is not installed. I have done some exclusions to exclude the processes of applications we use on few computers (Like Outlook / Google Chrome / Firefox). The systems are performing better but still hang from time to time. Also, we need to reboot the PCs at least once a day so that the PC performs with no frequent hangs.
Is it constant or only when PCs update their defs? Do you have the option to run an active scan when new defs arrive enabled or is the quarantine re-scanned when new defs arrive?
Have you tried with 12.1.5? You're running an old version.
Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.
The hanging is not constant and appears randomly.
I will see the responses to your other questions with our Security Manager and I will get back to you.
I have checked with our Security Manager but he do have a deep knowledge about the product.
How can I check if I have the option to run an active scan when new defs arrive? Could you please let me know where I can find that in the console?
For the Symantec version, our Security Manager told me that we will be upgrading it soon.
I have found this: http://www.symantec.com/business/support/index?page=content&id=TECH203382
Also, I have disabled some options that are not required. Since then, I feel that my test computer feels better but it hangs from time to time and I see that Symantec Service Framework is the process eating my disk.
In the AV policy under Administrator-Defined Scans >> Advanced tab
check to see if "Run an active scan when new definitions arrive" is checked
Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.
I have checked the option and it is not enabled.
Any ideas about how to step forward with this?
Your issue looks to be from the article you linked to which there has been no resolution yet. You should contact support to see what's going on.
Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.
We also encountered the same issue. Our office use Symantec endpoint protection. When the "symantec service framework" start working, the disk usage increase dramatically, and the computer stop working for couple minutes. It is really very bad when you are doing urgent task or in an on-line meeting. I hope Symantec can solve this ASAP. It really cause much inconvenience.
Would you like to reply?
Login or Register to post your comment.