Hope you are doing well.
Yes Anti Malware engine overload errors are being observed quite frequently in past few months.
It is when our default queue of 1000 reaches its value , then all subsequent request are being blocked by Anti Malware engine overload errors .
you can configure a fail open here for Anti Malware errors , so that users don't get MWG Anti Malware error page if at all it is required .
what is your current MWG version? We have seen some performance issues related to GAM 2017 version which are resolved in 188.8.131.52 version and above .
Also rechability/connectivity issues to our GTI servers are one of the causes/contributor to Anti Malware overload situation.
I would also suggest to open a case with support by providing a feedback file taken during the time of issue for investigation. Ping me the SR number here if you open a case with support for me to have a look.
I'm also seeing increasing number of anti malware overload situations that didn't exist before a couple of months ago. We upgraded to 184.108.40.206 in an attempt to correct the issue but to no avail. The GTI servers don't seem to be an issue either as we are getting good responses from them using the diagnosis script when the issue occurs. We've set the error handler to continue on 14001 errors but we see a BIG dropoff in connections when the problem occurs. We have 2 MWGs being load balanced so the second box picks up the load but within a few seconds it too gets the overload message.
Are there any updates to this at all? Any steps we can take besides pressing the AV Threads button over and over. Is there a better way to determine what is causing this issue? This feels more like an issue with an update that might have dropped a while back. We're currently running engine 5900.7845..
A belated reply -- I haven't heard any significant updates about this specific issue.
As I understand it, MFE support has told us that we need to upgrade our hardware. I'm not sure what their answer will be if the underlying problem remains when the hardware is upgraded, but for now it kicks the can down the road a bit.
My current interpretation is that there is a specific issue that McAfee believes to exist, but does not yet necessarily have sufficient data to isolate and resolve.
My interpretation could be completely incorrect...