Active Directory Domain Controllers experiencing high CPU with Endpoint Protection
search cancel

Active Directory Domain Controllers experiencing high CPU with Endpoint Protection

book

Article ID: 273996

calendar_today

Updated On:

Products

Endpoint Security Complete

Issue/Introduction

Active Directory Domain Controllers experiencing high CPU with Symantec Endpoint Protection (SEP). SEP process takes ~30-40% CPU frequently.

Environment

Release : 14.3 RU6

Cause

Policy configuration for Endpoint Detection and Response caused the extra load.

Resolution

For busy domain controllers, either:

  1. Increase the system resources
  2. Disable the EDR policy.

The following exceptions for EDR can also increase performance:

 Actor: c:\program files\microsoft monitoring agent\agent\monitoringhost.exe  Operation: All  Target: *
 Actor: c:\windows\system32\dfsrs.exe  Operation: All  Target: *
 Actor: c:\windows\system32\repadmin.exe  Operation: All  Target: *