How can check the impact of AMP/FTD lookups on connections? On tests I've done, sometimes the scanning slows connections down. I need to be sure this doesn't cause a timeout.
Is there any way to tell if incoming connections are getting dropped/timeouts because of malware lookups?
When I check file events, I see a few "Cloud Lookup Timeout" but it's not that many.
I'm scanning everything, and doing Spero, Dynamic and Local analysis. I have capacity handling enabled.