The Webroot Evasion Shield protects users from a variety of script-based attacks. Admins can enable it via a global policy setting in the Webroot management console. For answers to frequently asked questions, check out our Evasion Shield FAQ.
- To manage Evasion Shield settings, you must be at the Webroot management console level. You cannot manage these settings at the Site or Endpoint console level.
- Your admin account must be of the Account Type GSM Super Admin to modify global policy settings. Click here for more information on Admin accounts.
- The Webroot Endpoint Protection agent must be running version 9.0.28.00 or later to support the Evasion Shield.
To enable the Webroot Evasion shield:
- Log in to the Webroot Management console and click the Policies tab.
- Find and click the global policy you want to modify to display the policy settings.
Note: If the endpoints you have chosen to apply the Evasion Shield are currently using a System Policy (designated by a lock icon and located at the top of the list), you will need to create a copy of the policy and modify that. System Policies cannot be changed.
To create a copy of any policy:
- Click the policy you want to copy.
- Click the Copy button.
- Enter a Policy Name and Policy Description.
- Click Copy.
- Click the Policy Section drop-down menu and select Evasion Shield (it is towards the bottom of the list).
- Make a selection for the Script Protection setting. The options include:
- Off (default setting) – the shield is disabled
- Detect and Report – scripts are detected and reported; admins can view script activity in the Reports tab by opening the Evasion Shield – Detections report
- Detect and Remediate – scripts are detected, moved to quarantine, reported, and any system changes auto-remediated
- Click Save to modify the policy and save the new setting.
- If you are modifying the policy already assigned to endpoints, move to step 7. To assign the updated policy to endpoints in other sites, use the Groups tab in the Webroot Management console.
Note: To assign global policies to a site, that site must be configured to use global policies.
To enable a site to use global policies:
- Click the Sites tab.
- Find the desired site and click Manage.
- Select the Endpoint Protection sub-tab and check the box next to the Include Global Policies setting.
- Click Save Changes.
- Endpoints will get the new policy settings when they check in during the polling interval defined by the assigned policy. Read more about the polling interval here.
You can force an individual endpoint to check in by:
- Right-clicking the Webroot agent icon in the system tray on that endpoint and selecting Refresh Configuration.
- By command line:
- For 64-bit operating systems, enter "C:\Program Files\Webroot\WRSA.exe" -poll
- For 32-bit operating systems, enter "C:\Program Files (x86)\Webroot\WRSA.exe" -poll