Anti-Virus is the second most likely Threat Prevention blade to cause performance and/or high CPU utilization issues after IPS. Anti-Bot is relatively low overhead and is probably not causing your issue.
Generally, you don't want traffic travelling between high-speed internal networks to be scanned with Anti-Virus unless you have a quite beefy firewall. There are two primary ways to ensure this does not happen, by creating a blade-based (not protection-based) exception or by adjusting the profile-based properties for the Anti-Virus blade which has many performance-impacting settings you should check. Here are the relevant pages from my Gateway Performance Optimization Course covering these topics which you should find helpful, the blade-based exception example shown is for IPS but will work for Anti-Virus too:
Tue 18 Feb 2025 @ 03:00 PM (CET)
Why Adding SASE to Your Network Infrastructure is a Win-Win - EMEATue 18 Feb 2025 @ 02:00 PM (EST)
Why Adding SASE to Your Network Infrastructure is a Win-Win - AMERICASWed 19 Feb 2025 @ 10:30 AM (BRT)
Explore o Futuro da Segurança Cibernética com o Quantum Firewall R82 - BrasilThu 20 Feb 2025 @ 11:00 AM (EST)
Tips and Tricks 2025 #2 - Controlling Access to SaaS Apps with Harmony SASETue 11 Mar 2025 @ 06:00 PM (IST)
TechTalk: The Future of Browser Security: AI, Data Leaks & How to Stay ProtectedTue 18 Feb 2025 @ 03:00 PM (CET)
Why Adding SASE to Your Network Infrastructure is a Win-Win - EMEATue 18 Feb 2025 @ 02:00 PM (EST)
Why Adding SASE to Your Network Infrastructure is a Win-Win - AMERICASWed 19 Feb 2025 @ 10:30 AM (BRT)
Explore o Futuro da Segurança Cibernética com o Quantum Firewall R82 - BrasilThu 20 Feb 2025 @ 11:00 AM (EST)
Tips and Tricks 2025 #2 - Controlling Access to SaaS Apps with Harmony SASE
