Product Version: 5.5
Expires on: 365 days from publish date
Updated: May 28, 2013
After update of Symantec Endpoint Protection (Antivirus) the logon/logoff time increased significantly at times to over 3-5 min.
Logon and log-offs are affected. This is on persistent and non-persistent VDI pools.
Option A) Use exclusion list found in this KB:
If this did not decrease logon time proceed to step "b"
Option B) Disable NTP (Network Threat Protection) component on your clients
In SEPM, select the clients on which you want to disable NTP. Right-click and choose Run Command on Clients > Disable Network Threat Protection.
If this did not decrease logon time proceed to step "c"
Option C) Remove NTP (Network Threat Protection) component from your clients
If this did not decrease logon time proceed to step "d"
Option D) In Symantec End Point Protection version 12.1.x SONAR is submitting file heuristics of our executables thus adding up to 1 min to logon time.
Option D-1) Disable SONAR
Option D-2) Disable "Allow Insight lookups for threat detection"
When one of above options is not disabled, Symantec is checking online heuristics for our executables thus pausing our logon process.
If this is not an option than proceed to step "E"
Option E) Revert to earlier version of SEP ( 11.0.x)
If this did not decrease logon time proceed to step "F"
Option F) Remove Symantec Endpoint Protection
Note: On XP clients and 2003 systems, removing "Firewall" might also improve performance: