Forum Discussion
Sam_Sibeko
Dec 18, 2024Copper Contributor
How to remediate overheating endpoints
Running Microsoft Defender as Primary and Symantec Endpoint Protection as secondary. Endpoint points are overheating
Anybody with experience on how to solve this problem? Or recommendations?
- Chandra_SathyanarayanaCopper Contributor
Ideally there must be only one active AV/EDR solution running, even if there are secondary AVs running in passive mode, likely to execute/perform background scanning activities which may cause high utilization, preferable to have only one AV irrespective of their status.
On other side, high CPU utilizations are mainly due to scanning, do check the frequency set in your policy for full-scan and quick scan schedule. You can also disable the catch up scans if enabled. Catch up scans are meant to resume scans whenever the primary scheduled scans (full or quick) paused/failed due to battery power or device unavailable or any other cause during the scheduled frequency, in such cases catch up scans will auto trigger scan the moment device is turned on or sensor gets active, which most likely when the users face high CPU because of overloading the initial programs.
Further worth checking the exclusion paths and processes if they are updated in case you have recently migrated from one AV to MDE.