CB Protection: Why Do Endpoints Experience High I/O After Upgrading to Version 8.1.5
CB Protection Agent: Version 8.1.4 and Higher
Why do endpoints temporarily experience high I/O after applying the version 8.1.4 upgrade?
There is a cache consistency check that happens when the agent is upgraded to Version 8.1.4, because a new Script Rule to track '*.hta' files when the process is '*\mshta.exe' is introduced.
This *.hta Script Rule is enabled by default due to the security value provided; however, as a result all agents will automatically run a cache consistency check to discover and approve any pre-existing HTA files. This cache consistency check may cause temporary I/O overhead on endpoints.