Webroot® Business Endpoint Protection
Welcome to the Endpoint Protection and management console Discussion Forum!
- 1,128 Topics
- 3,583 Replies
Hi Guys, Just wanted to know if anyone experienced WR blocking this file. It gave me two minutes to decide and I got some mixed answers while looking online in general so I didn't get to respond whether to allow it or block it. Oddly enough when I looked into the quarantine/block files, it wasn't there. Thanks in advance.
I am posting here because the DNS FIltering forum has a grand total of 2 threads and no activity in several weeks. Does the WebRoot DNS Filtering alter the TCP/IP v4 DNS properties of the client it's installed on? I have seen clients that are unable to access the internet, and on investigation found the TCP/IP v4 settings DNS address set to a local static IP instead of "Auto", so that it receives the DHCP determined DNS IP. Restoring the DHCP DNS setting instantly resolves the issue. The only thing suspect was WebRoot DNS Filtering, as I could see how it might redirect DNS requests of the client to itself in order to filter. And if it needs to do that, that would be fine except that it ain't working, can't surf and can't send / receive email when WebRoot is handling DNS.
It was running normally yesterday, then I turned off computer. This morning, when turning on my Mac, I could see Webroot started (it's also showing in Activities Monitor), but the icon on the top tray disappeared. I tried to run Webroot manually, nothing appears on my screen. GSM is not available either: We are currently hard at work improving Webroot SecureAnywhere, which unfortunately means the SecureAnywhere website is temporarily unavailable. We apologise for any inconvenience this may cause, but promise the site will be back up very soon and running better than ever! Thank you for your patience. Something changed in Webroot, and it affects to my installation?
Looking through the updates to the GSM this morning and I noticed that the Primary Browser report has basically no clue what browser is the primary one on my endpoints. All, but two of my endpoints are using IE as their primary browser based on the report. I know this to be incorrect because I set the primary browser to Firefox on almost all my endpoints. There's one that requires IE as the primary, but this is due to a software on it and it's a server that only I use. I even have Firefox installed on it and use it for anything other than that software and it can't be set as the primary due to the software. OS doesn't appear to matter. I've got Windows XP through Windows 10 desktops and Windows Server 2003 through Windows Server 2012 R2 servers. The reporting is reading incorrectly on all these OSs. Apparently there is a bug in the software that is misreading this information from the endpoints. Just thought you might want to fix the issue.
Hi. This has been a recurring issue with Webroot. Multiple endpoints stop checking into the portal. Already spoke with Support and the solution was to completely reinstall Webroot with all previous data/program data being removed. This is not a feasible solution specially since WR Support has not been able to determine the root cause. All of the wrdomain have been added to Proxy. Anyone have a fix to this?
How to install using GPOKnowledge Base
[b]This solution addresses Webroot SecureAnywhere Business – Endpoint Protection[/b] To install SecureAnywhere using GPO, you should have experience with Microsoft’s Active Directory and the GPO editor. You can also watch a video on how to use GPO at [url=https://www.youtube.com/watch?v=raP0jQHyFYE]How to Deploy Using Group Policy - SecureAnywhere Business[/url]. [b]To install SecureAnywhere using GPO:[/b] [list=1] [*]From the following location, download the SecureAnywhere MSI installer to a network share:[url=http://anywhere.webrootcloudav.com/zerol/wsasme.msi]http://anywhere.webrootcloudav.com/zerol/wsasme.msi[/url] Downloading the file makes it accessible to all endpoints on which you will deploy SecureAnywhere. [*]Go to the server that is the domain controller for the deployment group. [*]Open the GPO editor on the domain controller and create a policy for the deployment group. [*]Assign SecureAnywhere to all endpoints that belong to the Organizational Unit where t
Hi, in the scheduled report of the installation report, in my opinion the management fails to list the name of the hosts belonging to the sites that are installed. The installation display is there and the host / site name is displayed. This feature is missing from the scheduled report. What do you think? for me it's an urgent change to do! The same list is also missing for all deactivated host sites, so they can be deleted.
Downloading and running the installerKnowledge Base
[b]This solution addresses Webroot SecureAnywhere Business – Endpoint Protection[/b] You can deploy the SecureAnywhere installer file using one of these methods: [list] [*]Install SecureAnywhere on each endpoint. [*]Send emails to end users, so they can install the software by clicking on the link provided in the email template. [*]Rename the executable file using your keycode. This method is useful if you plan to use your own deployment tool and if you prefer not to use MSI commands to run the installation in the background. [*]Use additional commands with the executable file to deploy it in the background. [*]Use command-line options with the installer to deploy to endpoints that are behind a proxy server. [/list][b]To use the SecureAnywhere installer:[/b] 1. On the endpoint, download the SecureAnywhere installer file. The installer file is available from the [b]Resources [/b]tab or by clicking this link: [url=http://anywhere.webrootcloudav.com/zerol
How to submit a ticket to Business SupportKnowledge Base
[b]This solution addresses Webroot SecureAnywhere Business – Endpoint Protection [/b] To submit a support ticket for Webroot SecureAnywhere Business Endpoint Protection, [url=https://mysupport.webrootanywhere.com/supportwelcome.aspx?SOURCE=ENTERPRISEWSA]click here[/url]. If prompted, log into your account. If you prefer to speak with a support representative by phone, [url=https://www.webroot.com/us/en/business/support/contact]click here[/url] for a list of our telephone numbers.
So I ran into one of our users and found they had a bunch of Cracks, Key Generators and pirated software and wondered why webroot did not detect the cracks/key gens? We really want to sweep these from our organization. Any suggestions on settings that I may be missing? or is a no go?
[b]This solution addresses Webroot SecureAnywhere Business – Endpoint Protection[/b] The first time you add endpoints to SecureAnywhere Endpoint Protection, they are assigned to the Default group. You can then move endpoints to the appropriate groups. [b]To move endpoints to another group:[/b] [list=1] [*]Click the [b]Group Management[/b] tab. [*]From the [b]Groups [/b]panel on the left, select the group that contains the endpoints you want to move.[b]Note[/b]: For this procedure you must select a specific group, not [b]All Endpoints[/b]. [*]From the [b]Endpoints[/b] panel on the right, select one or more endpoints.[b][i]Tip[/i][/b]: You can select all endpoints within the selected group by clicking the [b]Hostname [/b]checkbox at the top of the list (first column). [*]Click [b]Move endpoints to another group[/b] from the command bar.[b]Note[/b]: If the group has more than one page of endpoints, the dialog prompts you to ap
Hello! I tried to browse topics and knowledge base, but could not find an answer. My small company manages my remote PC with Endpoint Protection where I would be allowed to set up exceptions and overrides. For this reason my boss added me as a Basic user, so I can do that from the GSM console (as they explained me). However, if I log in, in do not see anything as my console, except “You have not been granted access or permissions to any console.” What do they/I miss? Thank you if you have a minute for this one. ~snip Removed email address please don’t post email addresses in public snip~
So I guess we've seen this file before right? [url=https://community.webroot.com/t5/Endpoint-Protection-and-GSM/File-named-C-Program/m-p/77475#M3612]https://community.webroot.com/t5/Endpoint-Protection-and-GSM/File-named-C-Program/m-p/77475#M3612[/url] But I've seen it again on another system now, and when I called support I couldn't seem to get a straight answer as to what's calling it. Best theory I got so far was perhaps an update rollout is doing a reinstall which might cause it, since it does seem to happen on install. I'm just trying to decide how concerned I should or should not be. Thanks,
I just enabled a feature of our email service that tells me when incoming emails were not sent via TLS. It is telling me that Infection Alert messages from email@example.com are not utilizing TLS. This is probably minor, but it could constitute a security risk in some cases.
I have a lot of "orphan" endpoints I need to change the keycode on. I have access to then via a RMM package but need the WRSA commandline parameter to change the keycode. For that matter it would be really nice to have a list of all wrsa command line options.....
edit: Title should be MacOS users able to uninstall Webroot without* admin I am curious if this is just some of our devices or if this is a wider issue. Currently Webroot clients on 9.1.x.x can be uninstalled without any password requirement.If you go to the About SecureAnywhere page of the client, you will see a link to uninstall Webroot. If you click it, and click yes, you don’t get any sort of password prompt or “this device is managed” prompt. Anyone else have this behavior?Edit: We have since disabled the GUI for all our devices to be on the safe side.
I just wanted to share my own recent experience with uninstalling Webroot Business Endpoint Protection which has received a number of questions over the years and hopefully help someone out. This is the process that I’ve had success with and does require that your agents are checking into the Webroot console and your RMM tool (mine is ConnectWise Automate)Adjust your policies so that agents check in as frequently as possible Tag the target agent(s) with the “unmanaged” policy. For off-boarding, etc., I use a separate group with the Unmanaged policy applied and just move the agents into that group and apply the new policy. Allow them plenty of time to check in and get the policy update. Issue the Uninstall Agent command from the console. We’ve had about a 90% or so success rate with this command. Some will report that the command has executed, but continue to check in. For instances where the console uninstall doesn’t seem to take, we then jump to our RMM tool for help. I stopped using
Hello All, Seeing if anyone has run into this one before. I have configured a policy to have all endpoints check in every 15 minutes. This only works on PCs. To get Macs to update, I am attempting to use the sudo /usr/local/bin/WSDaemon –poll command to force the endpoint to contact the cloud. It doen't error, and I get no return status. However I also don't see the "Last Seen" date and time on the console update. Anyone experiencing the same?
Hi all,I’ve ended up here as I’m not quite sure where else to go for dialog. I'm not sure if I'm correct or incorrect in my approach. I'm interested in the greater opinion!Where I work, we have a fairly sensitive IT manager, who on seeing a Webroot Alert will shout 'fire fire fire' and shut everything and everyone down until a full investigation has been undertaken. This gets fairly wearing as every alert generates a lot of work. (Usually to no benefit) He has a particular urgency for Trojan notifications.Now, while I appreciate the sentiment, I can't help be get ever frustrated at this approach. I am under the (correct/incorrect?) impression that an alert from Webroot is a GOOD thing and that nothing has been executed/infected. Although I do agree that a quiet investigation is probably necessary to ensure that an infection hasn't taken hold.So my question/discussion point is this - if Webroot highlights an 'infection', is the detection done at a safe point i.e. pre execution, or
I received this kind of phishing: the spammer sent a PDF file, with a link in it. The file is clean, so it passed the checking. However, I believe that if I click to the link in the file, I will have trouble (what kind of trouble, I don't know, but it's definitely a bad site!). So, my question is: if I click to that link, will webroot give me any warning, or prevent my browser open the link?
I am using my Mac everyday, but from GSM, Endpoint shows that the last seen of my computer was 2 days ago. Of course, Webroot is running and activated "green" on my computer. It was scanning yesterday too. But it looks like that the activities were not connected to GSM. Any error in GSM? Or something else?
Already have an account? Login
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.