Webroot® Business Endpoint Protection
Welcome to the Endpoint Protection and management console Discussion Forum!
- 1,138 Topics
- 3,618 Replies
API Access Tab not visible in GSM console
I am trying to use simulations posted here - https://community.webroot.com/unity-api-forum-49/getting-started-with-the-webroot-unity-api-and-postman-274427 to setup Postman to communicate with the Unity API. I am logged in as Admin in the GSM console. However, following the instructions in the Simulation or the GSM Admin Guide documentation, I don't see the [b]API[/b] [b]Access[/b] tab. [img]https://d1qy7qyune0vt1.cloudfront.net/webroot-en/attachment/9f3e8b9d-8934-4fd7-8044-e990e5f7d255.png[/img] Based on the tabs, I think I am in the Business Console. Could you please let me know if the API Access is available in the Business Console or should I convert to the Managed Service Provider Console (which if I do, then I can't go back to the Business console)
Query regarding restricting Webroot policies
A customer has requested Webroot access in order to view the devices for their site. We have created access, and they can only see the devices for their site but they can see all the global policies for our other customers. How do we restrict which policies they can see? Below are detail description of issue. -Partner has given "site only access" to one of the test user "XXXX" but user is able to see global policies of the other sites too. -Checked and found "Include global policy" is checked while creating Webroot site. -Please confirm is there any functionality by using which we can give access to the user for an only particular site and restrict global policies of the other sites.
New installation of Webroot Secure Anywhere picks up old licence key
Hi I am trying to install a new version of Webroot onto a machine that have previously had an installtion of webroot on them. When I install the new version they old licence key is being used and the PC is reporting into our old MSP's console. I've tried to use the installer with the licence key already and the MSI and manually enter the licence key however it this doesnt seem to work. Any ideas? Thanks Steve
Reset Stat Counter For Local Agent
I've got a support request for this one, but I figured I'd ask this anyway just in case someone else knows the answer, if not I should hopefully have the answer and will post it here for posterity. -------------------------------------------------- We're unable to reset the counter on the local agent as we use the secure anywhere portal and it won't allow us to make that change on the agent, but I also see no reset statistics option in the secure anywhere portal? Basically we want to avoid a scenario where the users overreact over recently found threats as they've all been eliminated. Thanks
Reports not showing 'inactive' clients
Hello! I have a questing regarding the reports generated from all the sites and clients in the GSM. The dashboard showes that there are an x number of active clients, but this number deviates from the number of site workstations. Is there any raport that shows this so I can take steps to fix this? Thanks in advance!
BSOD After Installing Endpoint
I run an MSP and I've been shopping around for a Endpoint antivirus. I recently tried WebRoot. I've installed the end point on two of our inhouse machines. Both of the machine had BSOD errors shortly after. Does anyone have any experience with WebRoot and these problems. Obviously I'm not too keen on rolling this out to my customers.
Does Webroot endpoint protection work in China?
We're a managed service provider located in the US and one of our clients has an office in Hong Kong. We manage endpoints in other countries but haven't had any clients in China. Wanted to see if anyone has had experience with managing Chinese endpoints in the GSM and could share any advice or issues that might come up. Thanks, Dan
App installs as standalone and does not show up in my console
I just started installing webroot endpoint on all my desktops. They all seem to install okay except one desktop. When I install using the link with the key code, it still asks for the key code and installs in as a standalone app. It doesnt show up on the console and the user has full control of the app.I tried rebooting, reinstalling, updating the pc… all the normal things, but it just doesnt want to seem to work. All the other installs are working fine on similar desktops. Any ideas???
Agent commands not received (version 22.214.171.124)
Hello everyone, I recently noticed that running an agent command like 'Scan' or 'System Optimizer' from the GSM console ends up with a 'Not received yet' status forever. I tried on different devices, some having a firewall and proxy protecting them and some not secured. The commands are executed after a manual 'Refresh configuration' only on few of the devices I tested on. I think this has something to do with the latest version updates, since I did not have any issues before. Has someone experienced something similar? Thank you.
Mac DNS hijacking malware : Mami
Hi, When will webroot detect this? Accoding to Virustotal, it still doesn't: [url=https://www.virustotal.com/#/file/5586be30d505216bdc912605481f9c8c7bfd52748f66c5e212160f6b31fd8571/detection]https://www.virustotal.com/#/file/5586be30d505216bdc912605481f9c8c7bfd52748f66c5e212160f6b31fd8571/detection[/url] Background can be found at: [url=https://objective-see.com/blog/blog_0x26.html]https://objective-see.com/blog/blog_0x26.html[/url]
New Whitelisted folders are not getting pushed out to the clients
New Whitelisted folders we added on Dec 8th and are still not getting pushed out to our Windows 10 computers. I whitelisted 4 folders for our PrimeSUITE application and it fixed the issue immediatly but I had to uninstall and reinstalled Webroot to make sure each computer got the new changes. On other computers I tried the wrsa.exe -poll command over and over but it did not help. We have over 500 computers so I can't continue to do this manually on every computer. Users keeps having issues with PrimeSUITE and I have to uninstall Webroot and reinstall Webroot to resolve the issue so that they get their folders whitelisted.
Site Permissions with Groups
It would be a lot easier if I could had people to custom groups and just assign groups. There are people that need only access to one site. I have many tech that i would like to include in a group to give full access to all sites. There are many sales and account people i would like to give read only access to everything. If I could use groups at the site level to include all uses in the group it would make life a lot easier to manager when adding additional customers instead of having to manually select everyone's individual permissions.
Unusual Dwell time
Recently over the holiday one of our machines had a suspect program pop up. For some reason it didn't delete it and rescan. As you can see the dwell time was 5 days!! What could have caused this? [img]https://d1qy7qyune0vt1.cloudfront.net/webroot-en/attachment/32334i339C9C89147B2A30.png[/img]
Threat registering under Visual Studio
We are starting to see a threat register on our WebRoot Endpoint Protection under Visual Studio that is registering in the malware group System.Monitor.Project.Neptune, which is a key logger. The file name is submain.ghostdoc.codeobjectmodel.dll. Anyone have any insight on whether this is a false positive or not?
Help creating a ransomware simulator
We want to demonstrate the need for Webroot to prospective customers who use traditional AV software. So I wrote a simple "ransomware" program that only affects a test folder. It is a compiled .exe program that: [list=1] [*]Reads files one at a time from a test folder (c:userspublicvideos est) [*]Encrypts the file contents. [*]Writes the file to filename.txt.crypt. [*]Deletes the file.[/list]My expectation was that Webroot would see that a new .exe program was encrypting and deleting files and block it, but it did not. I have run the program from a Command Prompt window, from Windows Explorer and from a Desktop shortcut. I also ran this ransomware simulator on a VM protected by a dedicated anti-ransomware program, CryptoDrop, but it, too, allowed the deletions. As I am not an experienced white hat hacker, I am sure I am missiing something. I am aware of KnowBe4's RanSim ransomware simulator, but by now it is well known to signature-based antivirus products. I'd like to be
Deleting a Site
I know currently there is no way to delete sites but when speaking to a customer, they informed me that when speaking to Webroot, they were able to do so without creating a new console. We have a lot of deactivated sites such as test sites for demo purposes. Is there a way these can be deleted? I can provide all details accordingly, including who we are as we are known to webroot individually.
N00b questions on deployment through group policy
Hi guys, I have some noobish questions on depolying to endpoints using group policy in active directory. I know I can use the MSI file that is downloaded from my web console. I have downloaded it. I have also put that file in my group policy shared folder, and I can see how I deploy MSI files using GPO>Computer Configuration>Policies>Software Settings>Software installation. Now where to go from here? I understand that the MSI is interactive, and I want it it to be silent and put in its own product key. It sounds like what this guy is talking about here, but I don't know where or how to put in those command line arguments....and where to go from here. [url=https://community.webroot.com/t5/Endpoint-Protection-and-GSM-KB/Using-MSI-for-Deployment/ta-p/326532]https://community.webroot.com/t5/Endpoint-Protection-and-GSM-KB/Using-MSI-for-Deployment/ta-p/326532[/url]
Change Keycode delay following command being marked as "Executed"
[b]Questions:[/b] [list] [*]How long should an Endpoint continue to show in a Site once the 'Command Log' shows the [i]Change Keycode[/i] command as "Executed"? [*]Should a [i]Change Keycode[/i] across GSMs (instead of between Sites in the same GSM) be expected to take notably longer? [*]Does the Endpoint's host computer need to be restarted for the Change Keycode command to finish? [/list] [b][u]Background[/u][/b][spoiler]In the past I've had problems using the [i]Change Keycode[/i] command to move WRSA Endpoints between Sites within the same GSM. Just didn't seem reliable. It's been a while since I've last used that command as it is, but now we're attempting to transfer a customer's WRSA Endpoints to their new MSP's GSM (at their request). Webroot Support confirmed that doing this is possible and officially recommended using the [i]Change Keycode[/i] command over a uninstall-reboot-reinstall of the Endpoint. That Site's 'Command Log' shows the command as "Executed" for many of tho
Selling my protection history
We recently received a “security report” from an insurance underwriter related to our Cyber Liability policy. Included in the report was the one and only incident that a user had with an email threat. The threat was promptly identified and remediated. My question, since the information included the users email address, time and date of the incident, how did the insurance underwriter get this information? The only place it is contained is within our webroot data. Are you know selling our security history logs with usernames, PII, etc.? If so, we will be dropping Webroot like a rock.
Is Webroot blocking port 1433
Hi, I am using a VPN to connect to a client's SQL Server database but I am unable to connect. One of the troubleshooting tips is to make sure that my firewalls aren't blocking the port that SQL Server usually listens to which is Port 1433. Is there a way for me to check this and if it is blocking it can I tell the firewall to allow connecting using that port. Thank you Steve
We are a versatile IT company in that we take care of both small business and home users. We are trying to move away from Eset Endpoint AV to Webroot. However, we are lacking some functionality and we don't know how to overcome it. In the Eset management portal, we are able to add custom fields so that we can accurately identify the customer, computer make and model, etc. I can't figure out how to do that in the Webroot SecureAnywhere portal. For businesses, I just create a new site and put all relevant business PCs installs under that. That’s no problem. However, for a home user, I can justify creating a site for each individual user. I am looking for suggestions or best practices on how to do some type of labeling for management and record keeping purposes. I know companies like Best Buy help home users - so how do they track their licenses per home user?? Suggestions please on how others do this?
Unmanaged by policies
In the dashboard, it shows I have 2 devices unmanaged by policies. But in Policies tab, in Unmanaged menu, it shows: No sites currently use this as their default policy Any idea why that please? [img]https://d1qy7qyune0vt1.cloudfront.net/webroot-en/attachment/33142i17B1DE05A9E1B5D0.png[/img]
Already have an account? Login
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.