Webroot® Business Endpoint Protection
Welcome to the Endpoint Protection and management console Discussion Forum!
- 1,137 Topics
- 3,618 Replies
Change Keycode delay following command being marked as "Executed"
[b]Questions:[/b] [list] [*]How long should an Endpoint continue to show in a Site once the 'Command Log' shows the [i]Change Keycode[/i] command as "Executed"? [*]Should a [i]Change Keycode[/i] across GSMs (instead of between Sites in the same GSM) be expected to take notably longer? [*]Does the Endpoint's host computer need to be restarted for the Change Keycode command to finish? [/list] [b][u]Background[/u][/b][spoiler]In the past I've had problems using the [i]Change Keycode[/i] command to move WRSA Endpoints between Sites within the same GSM. Just didn't seem reliable. It's been a while since I've last used that command as it is, but now we're attempting to transfer a customer's WRSA Endpoints to their new MSP's GSM (at their request). Webroot Support confirmed that doing this is possible and officially recommended using the [i]Change Keycode[/i] command over a uninstall-reboot-reinstall of the Endpoint. That Site's 'Command Log' shows the command as "Executed" for many of tho
Hi, in the scheduled report of the installation report, in my opinion the management fails to list the name of the hosts belonging to the sites that are installed. The installation display is there and the host / site name is displayed. This feature is missing from the scheduled report. What do you think? for me it's an urgent change to do! The same list is also missing for all deactivated host sites, so they can be deleted.
Sonicwall AV is blocking Webroot downloads. Can you please work with Sonicwall to correct this?
The Sonicwall Antivirus is suddenly identiifying Webroot dowloads as Trojans. Can someone from Webroot please contact Sonicwall to correct this? From what I have read, Java updates and Sophos are also being flagged as Trojans. They are both working with Sonicwall to correct the situation. Can someone from Webroot do the same since it may not be the same signature that is blocking webroot. It does not seem to prevent webroot from working, but it does prevent version updates and fresh installs. Thanks for looking into this.
Endpoints needs attention, even after clean up...
Hi, I was wondering why my site is always displaying the "endpoints need attention". I cleaned up the computers. I did many full scans after and all of them said Protected and did not show any infected files anymore. But in my console I see the "endpoints need attention, last threat on 11-16-2016 (2 days before)" for the same 2 computers. Is there a way to reset in the console so that they are now viewed as protected? I don't know if you understand my issue...< Thanks !
Sophos Intercept X Comparison
Hey All, I wanna share my response to a fellow community member and Webroot Ambassador[b]@GryozoK[/b] in a post he made in a private area about Sophos Intercept X and it competing with Webroot. This will be a long post but I'll first place his quote first and then below my actual response due to my experience in vetting out all the "Next-Gen" Antivirus/Endpoint Security products and my real world review of it. I thought this would be beneficial to all the community as it dispels some of what Sophos is actually doing with Intercept X. Here is @GryozoK Post: Sophos says that InteceptX: 1. is ligth-weight agent 2. no agent daily updates 3. can protect against all 24 of the cpu level exploits 4. detects mass encryption (ransomware) 5. cut off connection to the attacking host 6. remediating any encrypted documents using a local mirror image copy All these sayings above seems to be similar to what WSA advantages used to be up until now - and actually WSA cann
can i add a password or PIN when Turn off webroot secureAnywhere temporally?
Hi folks, We can add the option "shutdown webroot" check here: [url=http://prntscr.com/ico9f6]http://prntscr.com/ico9f6[/url] on the policies manager for the agent, i get a captcha when click on shutdown but is there an option we can set a admin password or PIN when that option is selected? that way only the admin can shut it down.
Post clean up scan after a clean scan?
I work for an MSP and we have Webroot integrated with our Datto RMM software. I have been getting alerts for threats detected but when I go to the device in the Webroot console it just shows a post clean up scan. No threats previously detected. Below is a screenshot that shows an example. [img]https://d1qy7qyune0vt1.cloudfront.net/webroot-en/attachment/e0e79e37-e976-4467-b5bd-7e281cd046ea.png[/img] Why is this?
Does Webroot endpoint protection work in China?
We're a managed service provider located in the US and one of our clients has an office in Hong Kong. We manage endpoints in other countries but haven't had any clients in China. Wanted to see if anyone has had experience with managing Chinese endpoints in the GSM and could share any advice or issues that might come up. Thanks, Dan
Ports required for firewall exceptions
Hi Please could someone let me know which specific ports to allow outbound to the following URLs as part of the SecureAnywhere Endpoint Protection setup: [b]Communicating Through a Firewall[/b] If a firewall is in place, please allow Webroot’s path masks through the firewall, as described in the following table. PATHINFORMATION *.prevxinfo.com -- *.prevx.com -- *.amazonaws.com -- *.cloudfront.net -- *.webrootcloudav.com Covers the g-url’s as well as several other target addresses. *.*.webrootcloudav.com Some devices don’t like a single * for urls that contain dots in the value of *. *.p4.webrootcloudav.com For devices that don't like multiple *’s. *.compute.amazonaws.com Covers inbound communication from the Amazon cloud servers. *.webroot.com To be used for future communications *.webrootanywhere.com To be used for future communications Thanks
Site Permissions with Groups
It would be a lot easier if I could had people to custom groups and just assign groups. There are people that need only access to one site. I have many tech that i would like to include in a group to give full access to all sites. There are many sales and account people i would like to give read only access to everything. If I could use groups at the site level to include all uses in the group it would make life a lot easier to manager when adding additional customers instead of having to manually select everyone's individual permissions.
In the Webroot console, how do we permanently delete a quarantined threat?
In the Webroot console, how do we permanently delete a quarantined threat? I see in the front-end user GUI the option to permanently delete from quarantine, but user receives error message that settings are centrally managed. Also, will the "Needs Attention" then clear? On a similar note, if we create an override for a found threat, should the "Needs Attentions" clear or about how long should it take before that status clears? Thanks so much for any input!
New installation of Webroot Secure Anywhere picks up old licence key
Hi I am trying to install a new version of Webroot onto a machine that have previously had an installtion of webroot on them. When I install the new version they old licence key is being used and the PC is reporting into our old MSP's console. I've tried to use the installer with the licence key already and the MSI and manually enter the licence key however it this doesnt seem to work. Any ideas? Thanks Steve
API Access Tab not visible in GSM console
I am trying to use simulations posted here - https://community.webroot.com/unity-api-forum-49/getting-started-with-the-webroot-unity-api-and-postman-274427 to setup Postman to communicate with the Unity API. I am logged in as Admin in the GSM console. However, following the instructions in the Simulation or the GSM Admin Guide documentation, I don't see the [b]API[/b] [b]Access[/b] tab. [img]https://d1qy7qyune0vt1.cloudfront.net/webroot-en/attachment/9f3e8b9d-8934-4fd7-8044-e990e5f7d255.png[/img] Based on the tabs, I think I am in the Business Console. Could you please let me know if the API Access is available in the Business Console or should I convert to the Managed Service Provider Console (which if I do, then I can't go back to the Business console)
Citrix printing issues - printers going offline unless Webroot is uninstalled or partially disabled
Webroot Endpoint Protection 126.96.36.199 Citrix Receiver 3.4 Enterprise connecting to a XenApp 6.5 farm Recently we've had a rash of complaints of users whose printers stop working in our XenApp 6.5 environment. We find that the printers are showing offline on the Citrix servers when this happens. In order to stop this, we either have to disable 'Scan files when written or modified' as per CTX218745, or totally remove Webroot from the workstation (whether Windows 7 or 10). Obviously both of these are big security concerns! One of our customers' onsite technicians says he called Webroot on this and was supposedly told that this was a known issue and would be resolved in a future release. Is this actually the case? If so, when will it be resolved?
Renamed PC appears twice in console (with old name & new name)
We have a Windows 7 laptop, where we have installed Webroot SecureAnywhere. Recently, the laptop was assigned to a new hire. The laptop was reformatted, installed again with Windows 7 and configured with a new PC name. Webroot was also reinstalled. Now, on the console, the endpoint appears with the new name. However, the old endpoint name is also listed. What is the best practice in removing the old name from the console. Deactivating? Uninstall the agent via Agent Commands > Agent > Uninstall? We want to make sure the endpoint with new name is not affected as this laptop is now online and in use. Thanks!
BSOD After Installing Endpoint
I run an MSP and I've been shopping around for a Endpoint antivirus. I recently tried WebRoot. I've installed the end point on two of our inhouse machines. Both of the machine had BSOD errors shortly after. Does anyone have any experience with WebRoot and these problems. Obviously I'm not too keen on rolling this out to my customers.
I am new at using the webroot endpoint security. I had a threat detected on one of my endpoints and I was alerted on the webroot management console dashboard. I clicked on the 1 endpoint protect needs attention to view threat. As usual, it gave me information on the threat and the endpoints affected by the threat. On the very right-hand side, there is a brush icon to clean up the threat. I clicked on to manually clear the threat, all it did was run a scan on that endpoint but it did not remove the threat. The threat is quarantined but it keeps alerting me on the dashboard saying 1 endpoint needs protection. I assumed that I had the ability to manually clear threats on endpoints, but I may be wrong. I had used other endpoint protection software in the past that gave me the ability to manually clear threats on endpoints. If I can get some enlightenment on how threats are cleared, whether if its automatic or manual. I will really appreciate the feedback and responses.
IP Address for Firewall
Beginning this morning, our SonicWall gateway antivirus has started blocking the endpoint upgrade to 188.8.131.52 - clearly a false positive signature in the SonicWall AV database. What are the IP address ranges for the Business Endpoint Protection service so that I can add them to my firewall exclude list?
Threat registering under Visual Studio
We are starting to see a threat register on our WebRoot Endpoint Protection under Visual Studio that is registering in the malware group System.Monitor.Project.Neptune, which is a key logger. The file name is submain.ghostdoc.codeobjectmodel.dll. Anyone have any insight on whether this is a false positive or not?
Labtech reporting some computers as non-GSM ?
Dealing with a line of issues with Webroot and Labtech[Automate:On-Prim]. Just discovering some computers are listed as non-GSM in the Webroot plugin. Why would this be the case they definitly should be and are GSM. Has anyone had this issue, or have resolved this issue and could share.
Endpoint CLI Shutdown adn Restart
My ERP software is faitly limited when it comes to hostnames and DNS. I need to add a host to the 'host' file, but Webroot doesnt allow that edit from the command line. Is it possible to shutdown Endpoint Security make my edits and and then restart via the CLI?
Already have an account? Login
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.