Webroot® Business Endpoint Protection
Welcome to the Endpoint Protection and management console Discussion Forum!
- 1,134 Topics
- 3,648 Replies
Hi Webroot, For nearly 4 years you've been saying that 2FA is in the works, but it still hasn't been implemented (The security code isn't 2FA, it's just a second password). Have you released a timeline where your customers can expect to have 2FA security available?
Looking through the updates to the GSM this morning and I noticed that the Primary Browser report has basically no clue what browser is the primary one on my endpoints. All, but two of my endpoints are using IE as their primary browser based on the report. I know this to be incorrect because I set the primary browser to Firefox on almost all my endpoints. There's one that requires IE as the primary, but this is due to a software on it and it's a server that only I use. I even have Firefox installed on it and use it for anything other than that software and it can't be set as the primary due to the software. OS doesn't appear to matter. I've got Windows XP through Windows 10 desktops and Windows Server 2003 through Windows Server 2012 R2 servers. The reporting is reading incorrectly on all these OSs. Apparently there is a bug in the software that is misreading this information from the endpoints. Just thought you might want to fix the issue.
A customer has requested Webroot access in order to view the devices for their site. We have created access, and they can only see the devices for their site but they can see all the global policies for our other customers. How do we restrict which policies they can see? Below are detail description of issue. -Partner has given "site only access" to one of the test user "XXXX" but user is able to see global policies of the other sites too. -Checked and found "Include global policy" is checked while creating Webroot site. -Please confirm is there any functionality by using which we can give access to the user for an only particular site and restrict global policies of the other sites.
[b]Questions:[/b] [list] [*]How long should an Endpoint continue to show in a Site once the 'Command Log' shows the [i]Change Keycode[/i] command as "Executed"? [*]Should a [i]Change Keycode[/i] across GSMs (instead of between Sites in the same GSM) be expected to take notably longer? [*]Does the Endpoint's host computer need to be restarted for the Change Keycode command to finish? [/list] [b][u]Background[/u][/b][spoiler]In the past I've had problems using the [i]Change Keycode[/i] command to move WRSA Endpoints between Sites within the same GSM. Just didn't seem reliable. It's been a while since I've last used that command as it is, but now we're attempting to transfer a customer's WRSA Endpoints to their new MSP's GSM (at their request). Webroot Support confirmed that doing this is possible and officially recommended using the [i]Change Keycode[/i] command over a uninstall-reboot-reinstall of the Endpoint. That Site's 'Command Log' shows the command as "Executed" for many of tho
Or is there a way to do it from the groups list as it'll show all of the old but no option to disable. We have 90 clients and 3K devices and the switching between tabs in the Webroot Console is ridiculously slow and tedious switching between tabs.
I work for an MSP and we have Webroot integrated with our Datto RMM software. I have been getting alerts for threats detected but when I go to the device in the Webroot console it just shows a post clean up scan. No threats previously detected. Below is a screenshot that shows an example. [img]https://d1qy7qyune0vt1.cloudfront.net/webroot-en/attachment/e0e79e37-e976-4467-b5bd-7e281cd046ea.png[/img] Why is this?
We're a managed service provider located in the US and one of our clients has an office in Hong Kong. We manage endpoints in other countries but haven't had any clients in China. Wanted to see if anyone has had experience with managing Chinese endpoints in the GSM and could share any advice or issues that might come up. Thanks, Dan
It would be a lot easier if I could had people to custom groups and just assign groups. There are people that need only access to one site. I have many tech that i would like to include in a group to give full access to all sites. There are many sales and account people i would like to give read only access to everything. If I could use groups at the site level to include all uses in the group it would make life a lot easier to manager when adding additional customers instead of having to manually select everyone's individual permissions.
Through testing some "unknown to Webroot (or any other AV)" malware, I feel WebRoot may be insufficient protection for my clients. By allowing untrusted code to run, it seems a lot of ransomware can get through without a lot of difficulty (the first ransomware-as-a-service a colleague tried with Webroot was successful while other well known competing AVs were able to block it with their own heuristics. Webroots heuristics were turned to max also. While it might be possible to do rollback, WebRoot doesn't do rollback on network drives and unknown applications are allowed access to these resources. Since this is often deployed as a business AV solution, this is unacceptable. Is there functionality in WebRoot currently, or that could be easily added to straight up block execution of unknown executables (as a configurable option of course) -- ideally whitelisting anything SIGNED by a trusted entity (eg. Microsoft)? Or is there a way I can already do this? I know that I could u
I went in to the GSM console 3 days ago and whitelisted several a couple for a site yet when I look at Webroot on one of those endpoints nothing shows up under Block/Allow files. It is all done via the GSM because when I try and and "allow" files on the endpoint it says I can't and that they must be added via the console. So.... what am I doing wrong?
Hi I am trying to install a new version of Webroot onto a machine that have previously had an installtion of webroot on them. When I install the new version they old licence key is being used and the PC is reporting into our old MSP's console. I've tried to use the installer with the licence key already and the MSI and manually enter the licence key however it this doesnt seem to work. Any ideas? Thanks Steve
I am trying to use simulations posted here - https://community.webroot.com/unity-api-forum-49/getting-started-with-the-webroot-unity-api-and-postman-274427 to setup Postman to communicate with the Unity API. I am logged in as Admin in the GSM console. However, following the instructions in the Simulation or the GSM Admin Guide documentation, I don't see the [b]API[/b] [b]Access[/b] tab. [img]https://d1qy7qyune0vt1.cloudfront.net/webroot-en/attachment/9f3e8b9d-8934-4fd7-8044-e990e5f7d255.png[/img] Based on the tabs, I think I am in the Business Console. Could you please let me know if the API Access is available in the Business Console or should I convert to the Managed Service Provider Console (which if I do, then I can't go back to the Business console)
We have a Windows 7 laptop, where we have installed Webroot SecureAnywhere. Recently, the laptop was assigned to a new hire. The laptop was reformatted, installed again with Windows 7 and configured with a new PC name. Webroot was also reinstalled. Now, on the console, the endpoint appears with the new name. However, the old endpoint name is also listed. What is the best practice in removing the old name from the console. Deactivating? Uninstall the agent via Agent Commands > Agent > Uninstall? We want to make sure the endpoint with new name is not affected as this laptop is now online and in use. Thanks!
I run an MSP and I've been shopping around for a Endpoint antivirus. I recently tried WebRoot. I've installed the end point on two of our inhouse machines. Both of the machine had BSOD errors shortly after. Does anyone have any experience with WebRoot and these problems. Obviously I'm not too keen on rolling this out to my customers.
I am new at using the webroot endpoint security. I had a threat detected on one of my endpoints and I was alerted on the webroot management console dashboard. I clicked on the 1 endpoint protect needs attention to view threat. As usual, it gave me information on the threat and the endpoints affected by the threat. On the very right-hand side, there is a brush icon to clean up the threat. I clicked on to manually clear the threat, all it did was run a scan on that endpoint but it did not remove the threat. The threat is quarantined but it keeps alerting me on the dashboard saying 1 endpoint needs protection. I assumed that I had the ability to manually clear threats on endpoints, but I may be wrong. I had used other endpoint protection software in the past that gave me the ability to manually clear threats on endpoints. If I can get some enlightenment on how threats are cleared, whether if its automatic or manual. I will really appreciate the feedback and responses.
Webroot Endpoint Protection 184.108.40.206 Citrix Receiver 3.4 Enterprise connecting to a XenApp 6.5 farm Recently we've had a rash of complaints of users whose printers stop working in our XenApp 6.5 environment. We find that the printers are showing offline on the Citrix servers when this happens. In order to stop this, we either have to disable 'Scan files when written or modified' as per CTX218745, or totally remove Webroot from the workstation (whether Windows 7 or 10). Obviously both of these are big security concerns! One of our customers' onsite technicians says he called Webroot on this and was supposedly told that this was a known issue and would be resolved in a future release. Is this actually the case? If so, when will it be resolved?
We are starting to see a threat register on our WebRoot Endpoint Protection under Visual Studio that is registering in the malware group System.Monitor.Project.Neptune, which is a key logger. The file name is submain.ghostdoc.codeobjectmodel.dll. Anyone have any insight on whether this is a false positive or not?
Dealing with a line of issues with Webroot and Labtech[Automate:On-Prim]. Just discovering some computers are listed as non-GSM in the Webroot plugin. Why would this be the case they definitly should be and are GSM. Has anyone had this issue, or have resolved this issue and could share.
My ERP software is faitly limited when it comes to hostnames and DNS. I need to add a host to the 'host' file, but Webroot doesnt allow that edit from the command line. Is it possible to shutdown Endpoint Security make my edits and and then restart via the CLI?
We want to demonstrate the need for Webroot to prospective customers who use traditional AV software. So I wrote a simple "ransomware" program that only affects a test folder. It is a compiled .exe program that: [list=1] [*]Reads files one at a time from a test folder (c:userspublicvideos est) [*]Encrypts the file contents. [*]Writes the file to filename.txt.crypt. [*]Deletes the file.[/list]My expectation was that Webroot would see that a new .exe program was encrypting and deleting files and block it, but it did not. I have run the program from a Command Prompt window, from Windows Explorer and from a Desktop shortcut. I also ran this ransomware simulator on a VM protected by a dedicated anti-ransomware program, CryptoDrop, but it, too, allowed the deletions. As I am not an experienced white hat hacker, I am sure I am missiing something. I am aware of KnowBe4's RanSim ransomware simulator, but by now it is well known to signature-based antivirus products. I'd like to be
We have found after some deployments of the newest version that a percentage of clients are having issues with files on Windows file shares. With some clients, Excel spreadsheets are showing as blank upon opening. In our case, every time Webroot is closed, the file share issues go away. We have an open case with Webroot. They have told us this issue was discovered and known (as of this time, it is still not posted on the forum's "Known Issues"), but we received conflicting reports; some techs knew the issue, but other people higher up at that point did not. This pointed to us for a real need for communication within Webroot, as it seems like the left hand may not know what the right hand is doing. At this time, I would actively discourage any MSP or large business client from updating past 220.127.116.11. In fact, my topic is also a request: I need the MSI file from 18.104.22.168 so we may roll back our clients, and more importantly, I nee
Hello! I have a questing regarding the reports generated from all the sites and clients in the GSM. The dashboard showes that there are an x number of active clients, but this number deviates from the number of site workstations. Is there any raport that shows this so I can take steps to fix this? Thanks in advance!
I've installed webroot on a macbook using wsamacsme.dmg and key The installer start, stopped when there's a security setting to do, then start to scan After few time the windows closed and i've no icon finder bar ! I cannot enter on SecurAnywhere control panel.. I've tried to uninstall and reinstall but nothing.. I've set as not managed on GSM but no icon the same.. Looking process i see it running what can i do more ??
Folks, I'm really interested to understand what apps you are running on users Windows computers. This is for us to better align our test systems with what you have. Example:- Windows 7 32bit with [list] [*]Office 365 [*]WSA [*]Chrome [*]Open VPN Client [*]RMM Agent[/list] Please post below with your replies Many thanks Jonathan.giffard Senior Product Manager WSA Business
Already have an account? Login
Login to the community
No account yet? Create an account