Webroot® Business Endpoint Protection
Welcome to the Endpoint Protection and management console Discussion Forum!
- 1,134 Topics
- 3,606 Replies
This should be simple: we run a large multi-site network with a number of admins.I need to see the status of our Admins:Name and email, 2FA status, admin type (all on current console) Most recent login date Any login failure info you can provideI can’t see ANY way to discover which admins haven’t logged in. Not in the old or new console, not in API reporting. :(How to solve it?
Partial Outage Webroot Management ConsolesIdentified - The issue has been identified and a fix is being implemented.Feb 24, 09:03 UTCInvestigating - Webroot Management Consoles is currently experiencing a partial outage. We are investigating the issue and working on a speedy resolution. Thank you for your patience.Feb 24, 08:37 UTC
Webroot has effectively shut down O365 for my whole organization by blocking the login page.It doesn’t matter which way we approach, eg. “portal.office365”, “portal.azure” it’s when you get to the login landing you are met with: Warning: This is a High Risk SiteWebroot has blocked the website you are trying to access for your protection:https://login.microsoftonline...Detected Phishing SiteThis site might try to trick you into disclosing your login, password, or other sensitive information by disguising itself as a website that you trust.
I just can’t say enough bad about Webroot. I blew it away two years ago because of all the problems and lack of support. So here I am two years later and am still being haunted. I uninstalled it from all my endpoints but it did not remove itself from SecurityCenter. It is still in the WMI. That really doesn’t surprise me. It is obvious that Webroot has no business getting in to the virus arena but anyway….. is there an automated way to remove the Webroot entries in the WMI?
Looking for evidence/story/anecdote where this feature successfully blocked something malicious. The feature looks intriguing, but we’ve had enough webroot problems with their basic features and I’m hesitant to introduce what looks like a beta still without a known upside.
Hi all, We are getting pretty frustrated because of no automation of billing the correct webroot agents to the customer.We’re working with Autotask PSA and when a customer takes Webroot or change the number of agents it is beeing changed in the WebRoot portal. Next we send a email to our admin who has to change within the contract of Autotask of that specific customer the numer of webroot agents. Sometimes it happens that the email has nog been read or someone forgot to sent an email resulting in not a correct invoice to the customer and not paid costs for us.Which possibillities offers webroot to automate this? Kind Regards, Niels
There’s a list of URLs that need to be granted access through firewalls from your KB that float around this forum. In anticipation of a new console going live in five days, are there any new exceptions that need to be made to our clients’ firewalls in order for endpoints to continue checking in?List of URLs we currently allow traffic to:*.webrootcloudav.comAgent communication and updates(Please note: Some firewalls do not support double dotted subdomain names with a single wildcard mask (i.e. g1.p4.webrootcloudav.com being represented by *.webrootcloudav.com) so some environments might require either *.p4.webrootcloudav.com or *.*.webrootcloudav.com) *.webroot.comAgent messaginghttps://wrskynet.s3.amazonaws.com/*https://wrskynet-eu.s3-eu-west-1.amazonaws.com/*https://wrskynet-oregon.s3-us-west-2.amazonaws.com/*Agent file downloading and uploading *.webrootanywhere.comManagement portal and support ticket logs upload WSAWebFilteringPortal.elasticbeanstalk.comWeb Threat Shield
How does the following registry key get populated? We have had several instances where this value is populated and it causes issues for our users. Once we blank it out, everything is back to normal. One instance where this happens is when our users connect to VPN for another company we support. This key gets updated with server names inside that customers environment which obviously won’t work. Trying to understand if the their VPN process is updating this key directly or if Webroot is populating this key based on the network configuration at some point in time? Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\WRData\RSP
So were to begin. we have multiple clients that have webroot installed on DELL AIO pc’s are the majority being used on daily basis however in light of certain DELL updates that have to be done manually at this time Team is finding it increaseingly difficult upon boot to wait and sit for WEBROOT to stop pegging out the main disk drive with read and write scanning anything in the background running on startup which there is not much to scan until a user starts using their PC for daily use. noticed in task manager that DISK usage is pegged making anything on the DELL AIO inoperable to use. what is good way to keep this from happening besides disabling the end point service form the mywebroot management dashboard, then rebooting there by uninstalling it from the machine do our work then reboot again to reinstall it. management dashboard CE 21.4 and webroot end point version - 184.108.40.206 is client versionplease advise.
Hello, Recently we have seen fileless malware come up on some endpoints. PowerShell is launching a script that loads a text file, that spawns a remote connection back to an attacker.I understand the Evasion Shield is supposed to detect this. Is there a way we can block PowerShell scripts with Webroot, or even better, where we can be alerted if a PowerShell script launches, or can we block it, etc? Thank you
Some of our endusers (not all) are experiencing problem with the Webroot Web Threat Shield extension in Microsoft Edge (the new Chromium based version). They get a request to enter the keycode. That should not happen, as the environment is fully managed by us as MSP. Is this a known bug?
Hi!We are operating 12 vessels in open sea water and internet communication is not available. We can send receive email from vessel along with small file replication to vessel computers.We are interested in deploying Webroot Business Endpoint to the fleet.BIG question is , how we can perform Webroot updates as vessels are practically offline. Any suggetsions? RegardsElias Kouros
Hello everyone,My company is using Webroot SecureAnywhere for Business. We are trying to deploy an application that may require us to turn off webroot. Everything I’ve seen shows how to do so manually via the client’s GUI. This is too time consuming as we have dozens of endpoints. Is there a way to shutdown webroot via powershell (or any other automated way), install what I need, then turn it on again? I know the security implications of this and understand why this may not even be possible. But I just wanted to make sure.
I have a user having issues and the only thing that changed was installing webroot. I want to disable the agent remotely to see if the users notices a difference. I created a test policy that allows the agent to be shutdown. Is there a way I can run a terminal command to shutdown the agent?
I would like to see the machine names displayed without being truncated to 15 characters. Glib comment: That is so 20th century.Seriously though. And when you pull a report, the report also shows the truncated names.Thanks for listening!
Hi Team, We recently purchased the webroot secure anywhere for one of our enterprise servers. The agent was installed on the server with the new keycode received. The finance team lost the email with the keycode but the server still has the agent installed and shows only the first 4 digits of the keycode applied.The finance team even does not remember the first name / last name used for registration as they work on multiple things.We only have two things: Th first 4 digits of the keycode and the purchase date. Please help.Regards
Hello, Is there any way to control what applications are listed under application protection from the web management portal? We’re looking into this because lately we’ve had quite a few clients being unable to open chrome because webroot is stopping it from opening, and we can’t figure out what is telling webroot to put the chrome exe under app protection.
For SOC Compliance, we need to have a evidence of our policies. Currently the work around is to just take screen shots, but this is very tedious and inefficient.I see there was an older thread, however that answer does not apply to the current UI.We currently use the CE 21.4 version, is there a solution to be able to export the policies? (I tried through the reporting tool, but I do not see the option there as well...)
Hello - I recently started manage Webroot in our environment, and I noticed none of the active policies have this “Favor low CPU usage” setting enabled. Anyone got any experience with this setting? I figured there had to be a reason why it is disabled. Maybe it doesn’t do much, or maybe the scan will be too slow?The setting for “Favor low RAM usage” is enabled in most policies. Thanks!
This link mentions that Secure Anywhere Endpoint Protection can “Lock down ports and devices such as USB, CD and DVD Drives” - We’re looking to possibly wanting to lock down USB Storage devices from being access on our machines. How/where can I configure this in our Webroot Policy? http://wrpolska.pl/wp-content/uploads/2013/01/WSA.pdf
Already have an account? Login
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.