Anti-Virus is the second most likely Threat Prevention blade to cause performance and/or high CPU utilization issues after IPS. Anti-Bot is relatively low overhead and is probably not causing your issue.
Generally, you don't want traffic travelling between high-speed internal networks to be scanned with Anti-Virus unless you have a quite beefy firewall. There are two primary ways to ensure this does not happen, by creating a blade-based (not protection-based) exception or by adjusting the profile-based properties for the Anti-Virus blade which has many performance-impacting settings you should check. Here are the relevant pages from my Gateway Performance Optimization Course covering these topics which you should find helpful, the blade-based exception example shown is for IPS but will work for Anti-Virus too:
![excp_blade1.png excp_blade1.png](https://community.checkpoint.com/t5/image/serverpage/image-id/22903iBDA8BBA16E048B7D/image-size/large?v=v2&px=999)
![excp_blade2.png excp_blade2.png](https://community.checkpoint.com/t5/image/serverpage/image-id/22904i79BEC09E37580016/image-size/large?v=v2&px=999)
![excp_blade3.png excp_blade3.png](https://community.checkpoint.com/t5/image/serverpage/image-id/22905i7F4404F29AF5F788/image-size/large?v=v2&px=999)
![avperf1.png avperf1.png](https://community.checkpoint.com/t5/image/serverpage/image-id/22906iABBBF45597073D32/image-size/large?v=v2&px=999)
![avperf2.png avperf2.png](https://community.checkpoint.com/t5/image/serverpage/image-id/22907i1BE2DE5D42D3FD4F/image-size/large?v=v2&px=999)
![avperf3.png avperf3.png](https://community.checkpoint.com/t5/image/serverpage/image-id/22908i295284690BFA20FD/image-size/large?v=v2&px=999)
![avperf4.png avperf4.png](https://community.checkpoint.com/t5/image/serverpage/image-id/22909iF03DD9ED7ACF2A83/image-size/large?v=v2&px=999)
Attend my 60-minute "Be your Own TAC: Part Deux" Presentation
Exclusively at CPX 2025 Las Vegas Tuesday Feb 25th @ 1:00pm