06-20-2013 06:17 PM
Hi, new to the forum, old to IT and looking for some hands on feedback on the webroot security products. I know there are webinars etc but my experience has always been that you get the guts of the reality by asking current users in the same situation as you so here's the story:
We are a MSP who currently provides endpoint protection to our clients as one of our offerings (AV, Content, Firewall, email scanning, web protection). We provide a cloud product from one of your competiors. We are a wee bit short of our "happiness expectation" with this current provider and are looking to move our client base to another solution - at no cost to them, and maintaining the current pricing, but money is for another discussion.
What I would like to know is how do others in a similiar situation view and use webroot for their clients? Does it meet your expectations (I'm assuming so based on my trolling this and your other boards), is it missing anything? What if anything would you change or add? Would it provide the functionality we are looking for? Our focus is giving our clients the best and most reliable services and support possible, while meeting what we consider to be our rather tough requirements for manageability, functionality, capability, and flexibility.
Here's a sample client scenario, how does webroot work in this?
Client has 40+ end users. Offices on 3 continents, end users often out in the middle of nowhere with difficult connectivity (slow and unreliable). We need to protect these clients when in the office and in the field. This includes AV, malware, content filtering, email scanning (secondary to main server scanner), and a highly manageable local firewall.
Windows firewall is OK, but it's not as manageable as it could be and many users have local admin permissions on their machines (corporate culture thing we can't overcome, yet please see malware protection need ).
We need a network/domain aware firewall that protects differently when a client is in the head office versus when he is out in the middle of the desert, or at his house that we can control (read extra password to change/disable that user will not have) and manipulate anytime, anywhere. For example in the head office they need to be able to use file sharing, in the field they don't. Remote field locations are often 3rd party offices (read construction trailer with a couple desks and internet) so external and possible internal threats.
Same ability to manage and update for content filtering (not different based on connection, always the same) and def'n updates.
The more granular the admin controls the better.
We may also have to initially deploy this protection over slow and unreliable connections, as well as update or push out policy changes over the same connections.
We also need MAC support for a handful of users.
We know other products provide most, if not all this functionality but we've been there, done that with most of them over our careers and there are reasons they are not under consideration. We really don't like discounting the problems just because they provide the sought after solution, we want a solution without the underlying problems (bloat, speed, etc).
I know people on here really like and support this product, but I'm looking for solution feedback as it applies to this product and its in production use, not marketing verbiage please.
Absolutely any feedback would be appreciated.
Solved! Go to Solution.
06-20-2013 06:55 PM - edited 06-21-2013 04:47 PM
(I am a business customer of Webroot for ~4 years with a total of ~2000 licenses across their products. I've been using Webroot SecureAnywhere since Feb 2012 which is when it went public for business. Webroot sent me a cup and stickers but other than that I am not compensated.)
Before I write 15 paragraphs, if you you have requirements of intense, granular control of an integrated, suite-style protection package and this is an unshakeable business requirement then Webroot SecureAnywhere is not for you. Their focus is on (mostly set it and forget it) AV/AM only - all other means of client management are left to your other systems. It is a plenty powerful product but in this case that may not matter.
Now, if you want to use WSA solely as the AV/AM protection in a suite of products you roll yourself I highly, highly recommend it. Heck you can even add it on top of your existing protection. The thing is unlike anything else in multiple ways- it has really intense journaling of suspicious software so all their actions can be rolled back, the installer and client is literally ~750kb, client feature updates are monthly 750kb packages that can self-install, AV rules are in the cloud so there's only a few ten or hundred kilobyte of communication each day. Explaining the backend<->client interaction is not something I really want to bother going into at the moment. Webroot's marketing about about it isn't lies, even if they sometimes have trouble communicating on a deeply technical level about their secret sauce. For example their "Identity Protection" feature, which is actually a headline ability to block keyloggers from getting data on completely compromised systems that they don't even bother trying to market.
These whitepapers are actually pretty good and you should read them
You may also be interested in Webroot's Web Security Services (WSAWSS) for web content and exploit protection, which is pretty neat. However in the case of that product I think a demo would be the best way to evaluate. I really don't have much to say about it. I can't get into pricing, but if you buy WSA then WSAWSS may be so cheap it doesn't make sense not to throw it in.
Business Products Sr. Community Leader - WSA-E and WSAWSS administrator of 1400+ computers
First company to 1000+ WSA endpoints | Power User / Business Ambassador / WSA-C and WSA-E Beta tester
06-20-2013 09:28 PM - edited 06-20-2013 09:29 PM
HI Explanoit, and thank you for the feedback. We are not in any way bound to some packaged product, and in that vein have been investigating some standalone products. In many situations as you are aware AV/AM is all that's needed as other filtering, blocking and controls are done elsewhere.
I just get frustrated trying to sort the wheat from the chaff, and your commentary has added greatly to the nice kernel of wheat I thought I was seeing with Webroot.
Complex admin isn't what we are after, capable common sense admin is. The set it and pretty much forget it works for us in almost every situation, but sometimes the fact you can do it if that one client needs it matters.
The firewall is the perfect example, all it really needs to do is get the Domain setting from DHCP and apply 1 ruleset if it sees domainA.com, and another if it doesn't. Not always needed, more often than not it isn't but when it is, well it matters. I don't want to have to install 3 pounds of chaff to get the single kernel of wheat.
Bah, I'm rambling....Thanks again.
06-21-2013 03:36 PM - edited 06-21-2013 03:49 PM
I've been using webroot since roughly 2004 (spysweeper) and brought it to my next job as a user suppor analyst. Currently we are utilizing the Webroot Secure Anywhere and Webroot Web Secure in a dual layered approach...we have roughly 300 devices. They range from your standard desktop to the surface pro.
We were using the Webroot enterprise AV/Spysweeper local hosted setup prior to the release of SecureAnywhere.
First, Webroot has been a great company to work with...pretty easy to get answers or assistance if needed...the SecureAnywhere product is an extremely valuable assest for us. Quite simply it's generally a set and forget product...it updates itself and is cloud based so you can manage it anywhere if you have access to the internet and the nice thing about having WSA is that you don't need to have the mobile device stop by the office to make sure they are updated. The ease of viewing the dashboard let's you know what has checked in and what may have issues etc.
Second, cloud based management means I don't have to have a server that I need to update and maintain...even if it were virtual etc. One less thing I need to worry about.
Third, I can design and customize policy and groups etc and once it's set...I'm sleeping better at night.
The deployment was a breeze due to the small initial size and the flexible methods you can use to deploy (login script, GPO, etc.)
Oh yeah...the users love it too because the systems don't bog down when a scan is running...the scans are quick and light and where it shines is the prevention...
I can honestly say that since we have layered up on Webroot we haven't had a single infection since (we're talking 5+ years here)....it's not from lack of users trying.
So in a nutshell...easy deployment, lightweight, low overhead, set and forget, works, and oh yeah...it works!
Great product, great people, and great support...
Not to sound like a repeat of marketing....We have been very happy with the product in a real world scenario.
If you are interested in a more pointed discussion on the Webroot Web Secure I can delve a little deeper into the good the bad and the "I just need to look at how I configured it."
Keep in mind the initial setups had a few bumps, but far from difficult...As recommended above I'd request a trial of the Webroot Web Security and see how it works in your environment...but as for the SecureAnywhere...once we made the few exceptions that we needed it's been rock solid.
Oh yeah...I haven't been compensated for this...just really happy that it's made me look good in front of my boss and made my life a lot easier.
09-18-2013 02:13 PM
My company distribute SecureAnywhere in Scandinavia. I was not a friend of the idea to take on endpoint protection in the very begining. In my mind this would mean lots of support, lots of angry infected customers and a lot of admin and monitoring.
Boy - I was wrong - SecureAnywhere is like nothing else on the market today. My belive is that most other AV vendors will follow Webroot's example and introduce a similar architecture withing a few years due to it's supperior functionaluity, protection and minimal administration.
We distribute the service to a number of MSP's in Scandinavia and most of them are reporing that the've cut costs for AV with around 60% in TCO. End-users are more than happy to find their computers performance rising and still having a superior protection.
Give me a call and I could get you in touch with some of the Scandinavian MSP's we're woring with - and you'll have their words.
CEO of WeCloud AB (www.wecloud.se)