Watchguard EPDR and Fastvue Syslog
Hi @ all,
we have a Windows Server 2019 with FastVue SysLog as a Syslog Server solution installed.
Since we installed Watchguard EPDR on that virtual Server, the CPU is always at 100% whenever the Advanced Protection is active (Process "Panda Cloud Antivirus Service")
As a workaround for now we have disabled Advanced Protection, but this is no ultimate solution of course.
The Syslog process is called "Fastvue.SyslogServer.Service.exe". What i have already tried:
- set the FastVue Process as an exception in the Code Injection
- disable Code Injection
- disabled Network Attack Protection
- added the FastVue Process to AMSI exclusions (alltough this is not part of the Advanced Protection Module)
Nothing has helped. As soon as i enable the Advanced Protection Module, the CPU jumps to 100%.
Did i miss anything? Any other ideas?
Best
Gil
0
Sign In to comment.
Comments
hello, @Gileraracer
If you are completely sure this is due to the Advanced Protection module, we recommend to send an email to:
Support at watchguard dot com
Explaining your issue and providing your customer ID
This action will open a case to the tech support department, so they can request info in order to study your specific case, and provide a solution.
Regards,
David Carro | Technical support
WatchGuard Technologies, Inc. | www.watchguard.com
Hi David,
yes, as soon as i disable the Advanced Protection the CPU load goes down (and vice versa). I will do that, thanks!
Best,
Gil