Webroot® Business Endpoint Protection
Welcome to the Endpoint Protection and management console Discussion Forum!
- 1,134 Topics
- 3,656 Replies
We have enabled Evasion Shield and set it to remediation after a test period. The problem is that we do not receive alerts when a script is detected/quarantined. We have to run a report, daily, to discover potential problems. Do you confirm this behaviour? Thank you in advance. -- Nicola
Hi I just wanted to ensure my understanding on how endpoints (managed by GSM) get policy updates and how this is reflected in the GSM portal. Setup: I have a group called “test-group” I have a policy applied to the group called “test-policy” I have a pc in that group called “test-PC” The test-policy has polling interval set to 15 minutes Questions: If I make a change to the policy, “test-PC” endpoint should reflect that change within a max of 15 minutes? How long should I then expect for that change to then reflect back in the GSM portal. If a policy polling interval is 15 minutes, then the “Last Seen” value should never be more 15 minutes in the past (unless of course the device has been switched off)? 2 Specific examples: This morning I have turned on the Evasion Shield for a group of servers and this afternoon they are still not reflecting the change. Polling is set to 15 minutes and the “Last Seen” value is within the last hour. Another example this morning I enabl
Hi I have some questions regarding the fundamentals of Webroot and the GSM and Endpoint Protection Console We are an internal IT department that use Secure Anywhere Webroot Endpoint Protection (We are not an MSP). We have 1 site in GSM which contains groups of our company devices with policies associated to those groups (IT Dept, Users, Server, Terminal Servers etc) Policies in GSM are pushed down to the Endpoint Protection Console (We didn't do this and must have been converted from the legacy console when GSM was pushed out to us……) What console should we be using to manage everything? I can see there are some major differences: for example: GSM Policy management has features that the Endpoint Protection Console doesn't such as the new Evasion Shield - This doesn't show in the Endpoint Protection Console at all Endpoint Protection Console has many more agent commands than GSM Reporting in GSM has many more reports compared to Endpoint Protection Console No Deactivated grou
I see a new version for Mac has been released since 8 days, a new version for Windows has been released since 17 days. However, all agents in my clients are stil the old version. Mac is 22.214.171.124 Windows is 126.96.36.199 I know they said not everyone will receive the update at the same time, but one or two weeks should be enough? Any problem with upgrading?
HI: I am testing the usage of the WSA for buisness and the agent commands. One of which I need to use is the “uninstall command” so that I can remove the program from computers owned by users that leave the company, or for any other multitude of reasons. The agent refresh is set at 15 minutes. I manually refresh the WSA client. Nothing happens, I even reboot. No over one hour hour later still nothing. Is this a feature that is expected to work? Version 188.8.131.52 Windows 10 1909 18363,778. I can’t distribute the software if I cannot uninstall the agents. Any help is welcome.
Support ticket (#314077) I got on an endpoint yesterday and the Webroot icon down by the clock was greyed out and when you hovered on it, it said “Protection Disabled”. All I had to do was open it and click “Enable” but that bring up a couple questions: 1) How did it get disabled in the first place? I can see the option to “Shut Down Protection” but not simply disable it. How did the end-user do this? 2) Why wasn't I notified and why is the “Disabled” status not reflected in the GSM? Supports response: To #1 we don’t know. To #2 they never responded even though I asked it twice. Gotta love their support…….
I am new to this group, so please tell me where the most appropriate place this question should be placed. I have a bunch of developers who do stuff that once in a while Business Endpoint Protection complains. From what I can ascertain, in the policies I enable the policy “Allow SecureAnywhere to be shutdown manually”. From what I can see this is the only way to allow developers access to the HOSTS file for example. I need to be able to monitor the Manual Shutdown of and startup. I see that the Windows Application Event Log Security Center application creates events and records “Updated Webroot SecureAnywhere status successfully to SECURITY_PRODUCT_STATE_OFF.” and “Updated Windows Defender status successfully to SECURITY_PRODUCT_STATE_ON.” Is there a way from within the Webroot Business Console to get this information for an endpoint? Or is the only way to do this is to create a central event log manager? Thank you, David
I have never, in my life, seen a bigger waster of time and money. This software is a bottomless pit of pain and frustration with no end in sight. The GSM can’t contact the endpoint. Commands expire. The endpoint can’t contact the GSM so you can’t uninstall it because it things it is managed. Excludes aren’t excluded. it won’t register as the the “on” virus in Security Center so both Windows Defender and Webroot are active. It won’t install or uninstall properly. It is hit and miss if it puts itself in Add/Remove programs. The latest update makes the WRSVC service fail to start because it is improperly digitally signed. Endpoints show up in the wrong site It thinks programs are harmful that are totally safe. Now you can’t even end the numbering system in the post! Can’t you do anything right Webroot! Do not use this program! It is total junk!
Hello. I can’t seem to log in to my SecureAnywhere Console. Apparantly I’ve enabled 2FA. But I don’t remember where the security code is sent. Its not going to any authenticator I have. (Google, Microsoft, Authy). Its not going to my email. I’ve tried resetting but its saying my security questions are wrong. Could Webroot please help with this? Thank You.
I’m running Webroot SecureAnywhere EndPoint Protection v184.108.40.206 I’ve been battling a strange issue where my whole OS becomes unresponsive. I get the “(Unresponsive)” message on all windows. Sometimes the screen goes black with only a mouse cursor movable. When it begins, the start menu stops working and I can’t start new applications. Task manager won’t open and CTRL+ALT+DEL doesn’t do anything. Any applications that were running before have a random chance to continue working or freeze. I can’t reboot. If I am able to issue the reboot command it never happens, likely because Windows can’t close all the hung windows. I thought it might be a hardware issue, maybe a failing HDD but I’ve ran numerous tests. All the tests tell me that nothing is wrong. I have been keeping Task Manager open all the time just to see what is going on. I’ve finally noticed a pattern. Webroot kicks up to 10% CPU usage when the event begins. After that, Webroot remains steady
I understand that 2019 is ‘supported’ and listed here; LINK, however Webroot does not seem to disable or put Windows Defender in to passive mode on Server 2019 like it would for Windows 10. It also does not show as a listed Security provider in Settings-->Windows Security-->Open Windows Security-->Virus & Threat protection-->Manage providers (link on the right). This leaves the Windows Defender Antivirus Service set to Automatic and running. We all know that less is more when it comes to the amount of antivirus agents on a single machine. I have been unable to find any documentation on your site or in the community regarding 2019 best practices or when it will be fully compatible. Please advise. Thanks, Nic
Where did the Business Endpoint Protection forum go? Is this the beginning of the end? The product was absolutely filled with bugs and errors. It was obvious support wasn’t doing anything about the problem. Does anyone have any idea if OpenText was going to fix things or should we all start looking for something new (and a whole lot better)?
I’ve tried rebooting and reinstalling multiple times. I’m testing the business endpoint protection free trial out for my company, we really can’t have two antivirus programs running at once. From other posts it seems like I will need to leave the windows firewall running, that is fine. Web Root is running, I can perform scans and there is a green system tray icon. Windows is not recognizing Web Root as antivirus software though and it’s not appearing in the drop down for providers. The only provider appearing under antivirus is Windows itself (see screen shot). Any assistance would be appreciated, I’m hoping to switch all our licenses from Symantec to Web Root but only if it cleanly installs and runs with Windows.
So I’m trying to set up 2FA for my Webroot console login. I plan on using an authenticator app, but I haven’t gotten far enough to actually make that happen because I can’t get that far in the process. I would like to know if I’m the only one who finds the “Security Question” portion of setting up 2FA on Webroot to be foolish and insecure. The problem is that before I can get to setting up my authenticator with Webroot, I have to choose answers to two “Security Questions”. Nothing new about security questions, right? You choose a question from those provided and put in your answer (usually something unique to the user’s life history). It’s a good way to avoid stolen passwords from allowing access to an account. It’s not foolproof - some bad actor could possibly know a user well enough to guess the answers - but it’s a fairly secure second-string method of verifying the users identity in the case of something like a lost password or other sensitive operation. However, Webroot’s executio
Just an FYI, A Business SecureAnywhere client had a noticeable increase in DNS requests coming from their network with no apparent cause. As a precaution I temporarily installed and ran MalwareBytes which detected Adware.FusionCore on one of the systems. This had gone undetected by WebRoot and Windows Defender.
As of lately a majority of my endpoints don't accept agent commands, it says they either elapsed, executed (but is never executed on the endpoints) or not received. Sometimes it can take days or weeks for the endpoints to show executed even though they check in every day. Changing policy is instant. After a remote session and submit logs to Webroot, Webroot says there is no fix for this at this time. Does anyone else experience this issue?
Is there anyone that has problems with duplicated hostnames/agents in your customer sites? I have to frequently check all my sites for agents that has been duplicated and therefore breaks the licensing seats. it should be fixed because this is a problem but for now i can manage if i could get a better view of sites that has to many licenses issued.
Hello everyone, I recently noticed that running an agent command like 'Scan' or 'System Optimizer' from the GSM console ends up with a 'Not received yet' status forever. I tried on different devices, some having a firewall and proxy protecting them and some not secured. The commands are executed after a manual 'Refresh configuration' only on few of the devices I tested on. I think this has something to do with the latest version updates, since I did not have any issues before. Has someone experienced something similar? Thank you.
Already have an account? Login
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.