The scanning is too slow for small files scanned by SPE engine


Article ID: 268180


Updated On:

Products

Protection Engine for Cloud Services

Issue/Introduction

The scanning is too slow: 

A file of 100 MB was scanned in about 6 seconds.

A file of 10 MB is scanned in 38 seconds.

And a file of 100 MB is scanned in 382 seconds.

Examples:

 

100 MB file:

Username@123:/test/example/example1/SFTP/example2/lib/AVScanNew # time /usr/java8_64/bin/java -cp .:SymJavaAPI.jar JavaAPICheck -streambased:1 -api:1 -server:{SPE IP address}:1344:false:0:false -file:'../FILESETS/file.size_100M.txt' | grep :

Persistent connection count : 0

File Scanned            : ../FILESETS/file.size_100M.txt

Scan Policy             : DEFAULT

File Status             : CLEAN

File Quarantine Status : NOT_AVAILABLE

Total Infection         : 0

Virus Def Date          : Mon Apr 10 00:00:00 CEST 2023

Virus Def Revision No   : 019

No of bytes scanned     : -1

Total files scanned     : -1

True type of file       : NA

Symantec Protection Engine IP           : *********

Symantec Protection Engine Port : 1344

Symantec Protection Engine Connection Status    : Able to connect

 

real    6m22.926s

user    0m1.854s

sys     0m1.320s

 

 

 

10 MB file on *******IP address********

Username@123:/test/example/example1/SFTP/example2/lib/AVScanNew# time /usr/java8_64/bin/java -cp .:SymJavaAPI.jar JavaAPICheck -streambased:1 -api:1 -server:{SPE IP address}:1344:false:0:false -file:'../FILESETS/file.size_10M.txt' | grep :

Persistent connection count : 0

File Scanned            : ../FILESETS/file.size_10M.txt

Scan Policy             : DEFAULT

File Status             : CLEAN

File Quarantine Status : NOT_AVAILABLE

Total Infection         : 0

Virus Def Date          : Mon Apr 10 00:00:00 CEST 2023

Virus Def Revision No   : 019

No of bytes scanned     : -1

Total files scanned     : -1

True type of file       : NA

Symantec Protection Engine IP           : 10.144.39.26

Symantec Protection Engine Port : 1344

Symantec Protection Engine Connection Status    : Able to connect

 

real    0m38.146s

user    0m0.930s

sys     0m0.173s

 

 

10 MB file on *******IP address********

Username@123:/test/example/example1/SFTP/example2/lib/AVScanNew # time /usr/java8_64/bin/java -cp .:SymJavaAPI.jar JavaAPICheck -streambased:1 -api:1 -server:{SPE IP address}:1344:false:0:false -file:'../FILESETS/file.size_10M.txt' | grep :

Persistent connection count : 0

File Scanned            : ../FILESETS/file.size_10M.txt

Scan Policy             : DEFAULT

File Status             : CLEAN

File Quarantine Status : NOT_AVAILABLE

Total Infection         : 0

Virus Def Date          : Mon Apr 10 00:00:00 CEST 2023

Virus Def Revision No   : 019

No of bytes scanned     : -1

Total files scanned     : -1

True type of file       : NA

Symantec Protection Engine IP           : *************

Symantec Protection Engine Port : 1344

Symantec Protection Engine Connection Status    : Able to connect

 

real    0m40.318s

user    0m0.886s

sys     0m0.178s

Environment

Release : 8.2.2

Cause

This SPE server either has no internet connection, or its traffic goes through a proxy that is not configured in the SPE configuration.

All SPE network queries are timing out. An Eicar scan took 30 seconds because its reputation query failed after the 30-second timeout.

Signature-based scanning identifies the file as bad, but the reputation query times out:

stargate sef_file_reputation_cpp451 stargatePlatform::sefApi::SefWrapper::GetReputationData 69C 1DF4 3 4294968895 04\28\2023-10:21:02   TRACE_DEBUG TRACE_LEVEL_ERROR   File reputation query timed out. SYMRESULT: 0x8002000E (30000 ms) 

The LiveUpdate logs show that LiveUpdate was also failing for the same reason:

Fri Apr 28 12:22:04 Central European Daylight Time 2023, There was an error running content update, scanning will continue using the original definitions, Event Severity Level = Error, Definitions = Virus definitions, Error Message = LiveUpdate Error, Update Method = LiveUpdate, Symantec Protection Engine IP address = XX.XXX.XX.XX, Symantec Protection Engine Port number = 1344, Uptime (in seconds) = 18, Date/time of event(with millisec) = 1682677324082, Symantec Protection Engine Host Name = **********, Process ID = 7264 
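The two log signatures quoted above can be checked for together to confirm this cause on a given server. The following Python sketch is an added example, not code from Broadcom or from SPE itself; it matches only the message text shown in this article. The function name triage and the third sample line are assumptions, and the sample input is constructed from the log lines above.

```python
import re
from datetime import datetime, timezone

# Constructed sample input: the two log lines quoted in this article, plus one
# unrelated scan-result line to show that non-matching lines are ignored.
SAMPLE_LOG = [
    r"stargate sef_file_reputation_cpp451 stargatePlatform::sefApi::SefWrapper::GetReputationData 69C 1DF4 3 4294968895 04\28\2023-10:21:02   TRACE_DEBUG TRACE_LEVEL_ERROR   File reputation query timed out. SYMRESULT: 0x8002000E (30000 ms)",
    "Fri Apr 28 12:22:04 Central European Daylight Time 2023, There was an error running content update, scanning will continue using the original definitions, Event Severity Level = Error, Definitions = Virus definitions, Error Message = LiveUpdate Error, Update Method = LiveUpdate, Symantec Protection Engine IP address = XX.XXX.XX.XX, Symantec Protection Engine Port number = 1344, Uptime (in seconds) = 18, Date/time of event(with millisec) = 1682677324082, Symantec Protection Engine Host Name = **********, Process ID = 7264",
    "File Status             : CLEAN",
]

# Reputation lookup that gave up: captures the SYMRESULT code and the wait in ms.
REPUTATION_RE = re.compile(
    r"File reputation query timed out\. SYMRESULT: (0x[0-9A-Fa-f]+) \((\d+) ms\)")
# Failed content update: captures the error message and the epoch-millisecond stamp.
LIVEUPDATE_RE = re.compile(
    r"There was an error running content update.*?Error Message = ([^,]+),"
    r".*?Date/time of event\(with millisec\) = (\d+)")


def triage(lines):
    """Collect reputation timeouts and LiveUpdate errors from SPE log lines."""
    timeouts, lu_errors = [], []
    for line in lines:
        m = REPUTATION_RE.search(line)
        if m:
            timeouts.append({"symresult": m.group(1), "timeout_ms": int(m.group(2))})
            continue
        m = LIVEUPDATE_RE.search(line)
        if m:
            # Whole seconds only; the millisecond part is dropped for readability.
            when = datetime.fromtimestamp(int(m.group(2)) // 1000, tz=timezone.utc)
            lu_errors.append({"error": m.group(1).strip(), "utc": when.isoformat()})
    return {
        "reputation_timeouts": timeouts,
        "liveupdate_errors": lu_errors,
        # Time each affected scan spent waiting on a lookup that never answered.
        "wasted_ms": sum(t["timeout_ms"] for t in timeouts),
        # Both outbound features failing together is the pattern this article
        # attributes to missing internet access or an unconfigured proxy.
        "outbound_blocked_pattern": bool(timeouts and lu_errors),
    }


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```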

Resolution

You can disable "InsightScanning" and "APKReputation" in policy.xml so that the reputation query is not initiated and the scan completes without any reputation query timeout.

 

Related links:

Configuring APK Reputation in the Core server only mode

Insight Scanning