Does Webroot use only HTTPS connections

  • 13 April 2016
  • 1 reply
  • 403 views

We are currently trialling Webroot SecureAnywhere.
 
The majority of our servers are blocked for internet access.  They have traditional pattern based AV and retrieve their updates from a local management server.
 
If I am to consider adopting SecureAnywhere across our network, I would also have to consider opening up internet access on our servers.
 
 
Due to the nature of the service, I understand that it's not possible to identify a range of public IP addresses associated with it.
 
If I restrict the access on the servers to just port 443, will this allow the SecureAnywhere client to communicate fully with the Webroot Cloud servers or would I need to open up port 80 also?
 

1 reply

Userlevel 7
Badge +56
Here's the list of servers that WSA needs to communicate with to function.  You'll just need ports 443 and 80 for these:
 
*.webrootcloudav.com
Agent communication and updates
(Please note: Some firewalls do not support double dotted subdomain names with a single wildcard mask (i.e.
 
g1.p4.webrootcloudav.com being represented by *.webrootcloudav.com) so some environments might require either *.p4.webrootcloudav.com or *.*.webrootcloudav.com)
*.webroot.com
Agent messaging
 
*.s3.amazonaws.com
Agent file downloading and uploading
WSAWebFilteringPortal.elasticbeanstalk.com
Required for agent Web Filtering, elasticbeanstalk is an amazon AWS domain
 
*.webrootanywhere.com
Management portal and support ticket logs upload
 
That way you don't have to open up your servers to the whole Internet, just to the specific servers that we need to talk to.

Reply