I'm trialing Webroot SecureAnywhere Business. In the console I have the "threat detected" alert enabled. I have the check-in interval set to 15 minutes.
I have a few questions:
1. Is there any way to receive "immediate" alerts when an endpoint detects a threat?
2. I am not always receiving the alert emails. For example, a colleague of mine downloaded a Google Nexus Rooting toolkit which Webroot detected and I received an email alert. On another machine that is on an isolated network with its own internet circuit I've been downloading all kinds of "known malware" that I use for testing AV products including spyware installers, crapware, ransomware, etc. Webroot has blocked/detected all of these files (see screenshot attached); however, I have yet to receive a single alert. I can't really try these same tests in our production network for obvious reasons. It's troubling to me that if we were to choose Webroot and a user was engaging in this sort of activity on our production network we would receive zero alerts.
1. Nothing faster than the 15-minute interval you have now.
2. Make sure you have firstname.lastname@example.org whitelisted. Try deleting and recreating the alert. If that doesn't work, go ahead and contact our support and they'll grab some logs and see what is going on.
This is not a known issue and we are unsure what may have happened. This is not a common issue that we have seen. If you continue to experience any issues, please let us know.
Recreating the alert seems to have done the trick; however, that does not explain why it stopped working in the first place. Hopefully this was a one-time glitch.
This is unfortunate since everything was looking really good until I started adding more endpoints and throwing malware at them. What I was hoping is for the console to provide timely alerts 100% of the time and to always show the most up to date status of all the endpoints.