When I do this in our environment I see that the SEP client will not start up anymore. I was wondering what would happen if you tried to stop your SEP client with the smc.exe -stop command and then try to start it again (smc.exe -start)?
I will update you when we hear something back from Symantec or VMware. We collected all log files again recently. And so the exceptions and exclusions may not have worked at all. We declared all de collected log files to be unreliable, because the symantec client did not work at all.
Since Symantec is working now we see better (not optimal) startup times of thinapps in an app stack. We want to have these exceptions validated by VMware. A simple EICAR virus test was not even detected !! Through exceptions in the snapvol.cfg we got symantec working properly. The client was healthy from de management server point of view, but stopping and then starting the smc.exe resulted in a crash.
Due to the spectre and meltdown patch the performance degradation in this combination is severe.īy accident we found out that symantec didn't work at all !! Every thing looked fine.
The filter drivers of Symantec, App Volumes and DEM all want to use their resources probably at the same time. Well that was not true, but maybe difficult to find? For now the only thing what is seen is there are extremely high CPU spikes and Symantec scans a lot of registry entries. You name it.īoth Symantec and VMware indicated that no other support calls are registred with this specific problem. We have delivered many gb of logfiles and videos. From the current support calls of Symantec and VMware no rootcause has been found yet. I am a little pleased to hear that we are not the only ones with this problem.Īfter a few months of troubleshooting we have only achieved small results. And still hoping for this issue to not rise!
We were about to organize a call between VMware and Symantec, but finally we closed the cases, unresolved, hoping for a better experience with Windows 10.Īnd now I'm working on Windows 10 migration, and I still have to test AppVolumes and SEP. They suggested you contact Symantec and confirm if they have a way to solve the performance drop and/or to exclude App Volumes driver.
They could confirm that Symantec is the component that is making our driver work slow. They confirmed that the issue is related with a performance drop down that is making the access to registry key take longer. Our backline engineers provided feedback about the procmon log files provided. We had WebEx sessions, phone call, emails.Īfter months, we had this answer from VMware : I sent them dumps, videos of the user experience with and without the problem, logs. I had a case at VMware and another one at Symantec, but none of them solved the problem. Until now, no Monthly security updates from Microsoft has solved anything. If I remove ANY ONE of these 3 elements, everything works well. This means the problem is not only with SEP + AppVolumes, but SEP + AppVolumes + MS Updates (starting january 2018 and all the Intel security breaches fixes). Interesting fact : I notice this problem only appears after I apply Microsoft Security KB4056897 or later (and of course, with SEP agent installed and active and AppStacks mounted) On Windows 10, I haven't tested a lot for now as we purchased licences recently.īy the way, Hmunning, you didn't tell us what Windows version you're using. I'm fighting with this issue for more than a year (almost 2 actually) on Windows 7 machines. I'm sorry to say that Hmunning, but I'm happy someone else is facing the same problem, as I was starting to become crazy and feeling alone ! No Symantec cliënt installed + 3 Appstacks 0,50 MinĪnyone dealing the same issues? We can`t skip Symantec or move to another AV vendor. Symantec Application & Device Control off + 1 Appstack 1,25 Min Symantec all components on + 1 Appstack 1,51 Min Symantec Application & Device Control off + 3 AppStacks 2,06 Min Symantec all components on + 3 Appstacks 2,36 Min Only disabling "Application & Device Control" seems to improve login and application performance. We`ve been testing all scenario`s disabling components of symantec. When SEP is installed including all obvious exceptions and even using the virtual image exception tool no significant change in performance is noticed. Without a SEP cliënt installed everything is performing well and user experience feels like a persistent VDI. App Volumes and Symantec Endpoint Protection doesn`t seem to like each other.
We`ve been troubleshooting slow login and poor application performance on our Non Persistent VDI for a while now.