light bulb

Did You Know?



New Idea

Is it possible to have a setting for 'keep me logged in' on the portal for monitoring purposes aswell as general admin.
I'm fed up of having to log in every few minutes while administering the site every day.

Status: Reviewed

Notify the system administrator that an endpoint has removed Webroot

Status: Reviewed
by Community Manager Community Manager 4 weeks ago
Computers
Expert
Webroot
Expert

Notify or Alert the system administrator that an endpoint has removed Webroot.

Status: Reviewed

Hi,

 

Would love to see full Application Control with the option to have a Change/Modify time window to be able to be added by policy.

 

What this would do is, when enabled, block any newly introduced application from running on the system that has this policy feature enabled. Only applications that are currently on the system/device would be allowed to run and any other attempts to run new or modify existing applications will be denied and an alert sent to admins.

 

The change/modify would be a separate option after enabling the above to temporarily allow you to modify or change system settings, install patches etc...

 

Thanks

 

John Hart

Nerds On Site

Agents not seen report for GSM

Status: Reviewed
by Community Manager Community Manager on ‎06-20-2016 02:19 PM
Computers
Expert
Webroot
Expert

Report that shows agents that have not been seen by the console, but at the GSM report level instead of the site level.

Status: Reviewed

Last seen severity

Status: Reviewed
by New Voice ekithump on ‎06-14-2016 03:31 AM

At the moment, 'not seen recently' gets displayed for an endpoint whether it hasn't been seen for 10 days or 6 months.

 

Please add the ability to have user defined, graded levels of severity, preferably with a traffic light option.

 

If a machine hasn't been seen for two weeks, I'm not overly concerned (the user could be on holiday and their machine not switched on). However, if a machine hasn't been seen for over a month then that bares investigating. If a machine hasn't been seen for 3 months, it would indicate some housekeeping or deep troubleshooting is in order.

Status: Reviewed

Notification option if the Webroot agent is shutdown via a ticket or email.

Status: Reviewed
by Community Manager Community Manager on ‎06-22-2016 04:37 PM
Computers
Expert
Webroot
Expert

Notification option if the Webroot agent is shutdown via a ticket or email (through the Continuum software).

Status: Reviewed

N-able and Webroot

Status: Under Consideration
by netfriends on ‎05-03-2016 02:08 PM

We would like to make a feature request to have Webroot integrate with N-able RMM tool to send alerts, information, and anything relevant that can show up in the N-able console. Bonus would be an easy way to deploy Webroot through N-able.

Status: Under Consideration

They're on our list under consideration, but we don't have a definite decision either way yet.  

Immediate email alert for new unknown process run (based on a CryptoWall infection)

Status: New
by Community Guide GyozoK ‎12-14-2015 12:12 PM - edited ‎12-14-2015 12:23 PM

Hi,

We just got CryptoWall infection at one of custmoers with 1500 PCs.

Even though WSA client is capable to recognize new unknown processes starting on an endpoint, and even though it also reports it to the console, still the most important things are missing:

- send email alert to admins immediately when an endpoint reports new unknow process running on the endpoint
- be able to create a report in the console for a specific day that includes the new unknows started found on THE SPECIFIED DAY only

If we had these information, we possible could very quickly pinpoint the infection among the 1500 PCs.

Now we could not, because, just imagine, what is the best advice if you see files being encrypted on file server shares? Switch off the shares and disconnect the endpoints from LAN / INTERNET! Well, but then again, that would lead to several days off work, and you will be need to find the infected machine all offline.


So in our example, Saturday morning some user suddenly found encrypted files on a netwrok share. The share was swithed off. We saw the timestamps of HELP_DECRYPT.TXT files so we could see when the malware encrypted the files. It was Saturday morning. OK. Then, IF we had an alert about new unknowns of this Saturday then we could easily pinpoint  out of 1500 clients which ones were running an unknown process at the time of encryption - and we could stop only these PCs and let others work.


So, I believe, as I told it in 2012 several times to Webroot already: sending alerts about caugth viruses to admins (meaning existing "Threat Detected" and "" reports) is simply useless as they contain information after auto-remediation (auto-quarantining the malware). Some email collectors may like to get these alerts, but they will really not have any job with it.


Rather, admins need to focus on hidden things running in the environments, and those are the unknowns.
We need alerts for each and every unknown process immediately, just as soon as they first run! That is what admins must take care about! And then admins will have a chance to stay in control.


Kind regards,
Gyozo

Community GuideCommunity Guide



WSA 6500+ endpoints inatalled and maintained daily, 11+ years with Webroot, 1 yr Webroot MSP

Generate Alerts when Aministrators log into the managment conole and make Policy changes,"The alerting/auditing feature request would be tied to the SSO/identity federation feature requests as well. Having either feature would be very useful."

Status: Reviewed

Provide download of agent via https instead of http

Status: Reviewed
by Community Manager Community Manager on ‎02-16-2016 12:31 PM
Computers
Expert
Webroot
Expert

Webroot should provide our download via Https rather than Http, “to give clients comfort that what they intend to receive is legitimate”.

Status: Reviewed
Idea Categories
Top Kudoed Authors