Webroot® Business Endpoint Protection
Welcome to the Endpoint Protection and management console Discussion Forum!
- 1,139 Topics
- 3,625 Replies
Broken Agent commands
As of lately a majority of my endpoints don't accept agent commands, it says they either elapsed, executed (but is never executed on the endpoints) or not received. Sometimes it can take days or weeks for the endpoints to show executed even though they check in every day. Changing policy is instant. After a remote session and submit logs to Webroot, Webroot says there is no fix for this at this time. Does anyone else experience this issue?
duplicated agents/hostnames that increases the licenses used?
Is there anyone that has problems with duplicated hostnames/agents in your customer sites? I have to frequently check all my sites for agents that has been duplicated and therefore breaks the licensing seats. it should be fixed because this is a problem but for now i can manage if i could get a better view of sites that has to many licenses issued.
Agent commands not received (version 18.104.22.168)
Hello everyone, I recently noticed that running an agent command like 'Scan' or 'System Optimizer' from the GSM console ends up with a 'Not received yet' status forever. I tried on different devices, some having a firewall and proxy protecting them and some not secured. The commands are executed after a manual 'Refresh configuration' only on few of the devices I tested on. I think this has something to do with the latest version updates, since I did not have any issues before. Has someone experienced something similar? Thank you.
Need wrsa parameter to change keycode
I have a lot of "orphan" endpoints I need to change the keycode on. I have access to then via a RMM package but need the WRSA commandline parameter to change the keycode. For that matter it would be really nice to have a list of all wrsa command line options.....
2-Factor authentication implementation time-frame
Hi Webroot, For nearly 4 years you've been saying that 2FA is in the works, but it still hasn't been implemented (The security code isn't 2FA, it's just a second password). Have you released a timeline where your customers can expect to have 2FA security available?
Primary Browser Doesn't Work
Looking through the updates to the GSM this morning and I noticed that the Primary Browser report has basically no clue what browser is the primary one on my endpoints. All, but two of my endpoints are using IE as their primary browser based on the report. I know this to be incorrect because I set the primary browser to Firefox on almost all my endpoints. There's one that requires IE as the primary, but this is due to a software on it and it's a server that only I use. I even have Firefox installed on it and use it for anything other than that software and it can't be set as the primary due to the software. OS doesn't appear to matter. I've got Windows XP through Windows 10 desktops and Windows Server 2003 through Windows Server 2012 R2 servers. The reporting is reading incorrectly on all these OSs. Apparently there is a bug in the software that is misreading this information from the endpoints. Just thought you might want to fix the issue.
Query regarding restricting Webroot policies
A customer has requested Webroot access in order to view the devices for their site. We have created access, and they can only see the devices for their site but they can see all the global policies for our other customers. How do we restrict which policies they can see? Below are detail description of issue. -Partner has given "site only access" to one of the test user "XXXX" but user is able to see global policies of the other sites too. -Checked and found "Include global policy" is checked while creating Webroot site. -Please confirm is there any functionality by using which we can give access to the user for an only particular site and restrict global policies of the other sites.
Change Keycode delay following command being marked as "Executed"
[b]Questions:[/b] [list] [*]How long should an Endpoint continue to show in a Site once the 'Command Log' shows the [i]Change Keycode[/i] command as "Executed"? [*]Should a [i]Change Keycode[/i] across GSMs (instead of between Sites in the same GSM) be expected to take notably longer? [*]Does the Endpoint's host computer need to be restarted for the Change Keycode command to finish? [/list] [b][u]Background[/u][/b][spoiler]In the past I've had problems using the [i]Change Keycode[/i] command to move WRSA Endpoints between Sites within the same GSM. Just didn't seem reliable. It's been a while since I've last used that command as it is, but now we're attempting to transfer a customer's WRSA Endpoints to their new MSP's GSM (at their request). Webroot Support confirmed that doing this is possible and officially recommended using the [i]Change Keycode[/i] command over a uninstall-reboot-reinstall of the Endpoint. That Site's 'Command Log' shows the command as "Executed" for many of tho
Hi, in the scheduled report of the installation report, in my opinion the management fails to list the name of the hosts belonging to the sites that are installed. The installation display is there and the host / site name is displayed. This feature is missing from the scheduled report. What do you think? for me it's an urgent change to do! The same list is also missing for all deactivated host sites, so they can be deleted.
Is there a way to Deactivate "Not seen lately" Automatically like not seen in 60 days?
Or is there a way to do it from the groups list as it'll show all of the old but no option to disable. We have 90 clients and 3K devices and the switching between tabs in the Webroot Console is ridiculously slow and tedious switching between tabs.
Post clean up scan after a clean scan?
I work for an MSP and we have Webroot integrated with our Datto RMM software. I have been getting alerts for threats detected but when I go to the device in the Webroot console it just shows a post clean up scan. No threats previously detected. Below is a screenshot that shows an example. [img]https://d1qy7qyune0vt1.cloudfront.net/webroot-en/attachment/e0e79e37-e976-4467-b5bd-7e281cd046ea.png[/img] Why is this?
Does Webroot endpoint protection work in China?
We're a managed service provider located in the US and one of our clients has an office in Hong Kong. We manage endpoints in other countries but haven't had any clients in China. Wanted to see if anyone has had experience with managing Chinese endpoints in the GSM and could share any advice or issues that might come up. Thanks, Dan
Site Permissions with Groups
It would be a lot easier if I could had people to custom groups and just assign groups. There are people that need only access to one site. I have many tech that i would like to include in a group to give full access to all sites. There are many sales and account people i would like to give read only access to everything. If I could use groups at the site level to include all uses in the group it would make life a lot easier to manager when adding additional customers instead of having to manually select everyone's individual permissions.
Block execution of unknown software
Through testing some "unknown to Webroot (or any other AV)" malware, I feel WebRoot may be insufficient protection for my clients. By allowing untrusted code to run, it seems a lot of ransomware can get through without a lot of difficulty (the first ransomware-as-a-service a colleague tried with Webroot was successful while other well known competing AVs were able to block it with their own heuristics. Webroots heuristics were turned to max also. While it might be possible to do rollback, WebRoot doesn't do rollback on network drives and unknown applications are allowed access to these resources. Since this is often deployed as a business AV solution, this is unacceptable. Is there functionality in WebRoot currently, or that could be easily added to straight up block execution of unknown executables (as a configurable option of course) -- ideally whitelisting anything SIGNED by a trusted entity (eg. Microsoft)? Or is there a way I can already do this? I know that I could u
Whitelisting Files and Folders
I went in to the GSM console 3 days ago and whitelisted several a couple for a site yet when I look at Webroot on one of those endpoints nothing shows up under Block/Allow files. It is all done via the GSM because when I try and and "allow" files on the endpoint it says I can't and that they must be added via the console. So.... what am I doing wrong?
New installation of Webroot Secure Anywhere picks up old licence key
Hi I am trying to install a new version of Webroot onto a machine that have previously had an installtion of webroot on them. When I install the new version they old licence key is being used and the PC is reporting into our old MSP's console. I've tried to use the installer with the licence key already and the MSI and manually enter the licence key however it this doesnt seem to work. Any ideas? Thanks Steve
API Access Tab not visible in GSM console
I am trying to use simulations posted here - https://community.webroot.com/unity-api-forum-49/getting-started-with-the-webroot-unity-api-and-postman-274427 to setup Postman to communicate with the Unity API. I am logged in as Admin in the GSM console. However, following the instructions in the Simulation or the GSM Admin Guide documentation, I don't see the [b]API[/b] [b]Access[/b] tab. [img]https://d1qy7qyune0vt1.cloudfront.net/webroot-en/attachment/9f3e8b9d-8934-4fd7-8044-e990e5f7d255.png[/img] Based on the tabs, I think I am in the Business Console. Could you please let me know if the API Access is available in the Business Console or should I convert to the Managed Service Provider Console (which if I do, then I can't go back to the Business console)
Renamed PC appears twice in console (with old name & new name)
We have a Windows 7 laptop, where we have installed Webroot SecureAnywhere. Recently, the laptop was assigned to a new hire. The laptop was reformatted, installed again with Windows 7 and configured with a new PC name. Webroot was also reinstalled. Now, on the console, the endpoint appears with the new name. However, the old endpoint name is also listed. What is the best practice in removing the old name from the console. Deactivating? Uninstall the agent via Agent Commands > Agent > Uninstall? We want to make sure the endpoint with new name is not affected as this laptop is now online and in use. Thanks!
BSOD After Installing Endpoint
I run an MSP and I've been shopping around for a Endpoint antivirus. I recently tried WebRoot. I've installed the end point on two of our inhouse machines. Both of the machine had BSOD errors shortly after. Does anyone have any experience with WebRoot and these problems. Obviously I'm not too keen on rolling this out to my customers.
I am new at using the webroot endpoint security. I had a threat detected on one of my endpoints and I was alerted on the webroot management console dashboard. I clicked on the 1 endpoint protect needs attention to view threat. As usual, it gave me information on the threat and the endpoints affected by the threat. On the very right-hand side, there is a brush icon to clean up the threat. I clicked on to manually clear the threat, all it did was run a scan on that endpoint but it did not remove the threat. The threat is quarantined but it keeps alerting me on the dashboard saying 1 endpoint needs protection. I assumed that I had the ability to manually clear threats on endpoints, but I may be wrong. I had used other endpoint protection software in the past that gave me the ability to manually clear threats on endpoints. If I can get some enlightenment on how threats are cleared, whether if its automatic or manual. I will really appreciate the feedback and responses.
Citrix printing issues - printers going offline unless Webroot is uninstalled or partially disabled
Webroot Endpoint Protection 22.214.171.124 Citrix Receiver 3.4 Enterprise connecting to a XenApp 6.5 farm Recently we've had a rash of complaints of users whose printers stop working in our XenApp 6.5 environment. We find that the printers are showing offline on the Citrix servers when this happens. In order to stop this, we either have to disable 'Scan files when written or modified' as per CTX218745, or totally remove Webroot from the workstation (whether Windows 7 or 10). Obviously both of these are big security concerns! One of our customers' onsite technicians says he called Webroot on this and was supposedly told that this was a known issue and would be resolved in a future release. Is this actually the case? If so, when will it be resolved?
Threat registering under Visual Studio
We are starting to see a threat register on our WebRoot Endpoint Protection under Visual Studio that is registering in the malware group System.Monitor.Project.Neptune, which is a key logger. The file name is submain.ghostdoc.codeobjectmodel.dll. Anyone have any insight on whether this is a false positive or not?
Labtech reporting some computers as non-GSM ?
Dealing with a line of issues with Webroot and Labtech[Automate:On-Prim]. Just discovering some computers are listed as non-GSM in the Webroot plugin. Why would this be the case they definitly should be and are GSM. Has anyone had this issue, or have resolved this issue and could share.
Endpoint CLI Shutdown adn Restart
My ERP software is faitly limited when it comes to hostnames and DNS. I need to add a host to the 'host' file, but Webroot doesnt allow that edit from the command line. Is it possible to shutdown Endpoint Security make my edits and and then restart via the CLI?
Already have an account? Login
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.