Since rolling out TIE Agent to test machines I am getting users complaining of 100% CPU when Scheduled Scans or and On Demand scan is ran, I have had to currently disable TIE in observation mode as this was causing 80-90% CPU even with this disabled the TIE Agent is causing issues on the scheduled /on demand scans, I have removed the TIE Agent from a machine and now a scheduled scan is not causing 100% CPU issue.
I need to do more testing to see if this is the TIE Agents fault or an issue with my TIE Configuration has anyone else had issues or seen increased CPU usage?
After more testing and updating TIE to the latest version this is still an issue, I have support tickets open with McAfee but struggling to get updates on this, I can replicate this issue on lots of different machines as soon as you have the VSE for TIE installed and do any scans the machine grinds to a halt.
does anyone else run TIE I have spoken with 2 McAfee partners and neither have installed TIE for end users?
Based on the symptoms described it would appear the ODS/Scheduled scan is touching all files as expected of course which appears to be triggering the TIE client to submit the scanned files that do not have a TIE Reputation status to the TIE server.
What are the settings for the TIE for VSE policy - balance security?
Just a thought but have you tried to use the TIE scanner tool to add the files for your gold build which can then have a TIE reputation set?
This should help with root cause analysis as the "gold" client build files can be ruled out from the CPU loading for an ODS/Scheduled scan.
what VSE Version are you using? VSE 8.8 Patch4 and a Hotfix or VSE 8.8 Patch 4. I imagine there was a know problem with a version causing your problem.
We are using Patch 5, I see Patch 6 has been released so I may try this on some test machines.
Support are unaware of any issues.
After further thought TIE only inspects at the point of execution which rules out my humble observatiions
I heard some issues with TIE in combination with network drives. A hotfix should be available.
Could this be your problem ?
we have a hotfix and will be testing, advise from McAfee was to stop using until the hotfix. will update once tested.