Webroot® Business Endpoint Protection
Welcome to the Endpoint Protection and management console Discussion Forum!
- 1,134 Topics
- 3,656 Replies
One of our internal Macs is showing the Webroot icon in gray with the exclamation point in the menu bar. In opening it, I have found it says that some important security features are disabled. Of course, I cannot tell what they are because the system is managed by policy from the GSM console, so when I click, it doesn't let me look at what might be off. As far as I can see, the shields are on, and we are using an internal policy that uses fairly common settings on the Mac side. Is it possible to find out what settings would definitively cause a system to report like this if they are off? Thanks for any assistance.
The default polling setting of one day is fine for normal operations. But when one is troubleshooting, being able to immediately reset a policy item would be helpful. I was hoping that the Refresh configuration option of the client agent would take care of this, but I don't see that happening. When I run that on a client (open Webroot system icon and right click) I get the following message: "You are currently using the newest Secureanywhere software. With this version, Secureanywhere automatically updates the software and no longer downloads threat definitions. Threat protection is now performed "in the cloud" and is always up to date" That leads me to beleive that Refresh configuration doesn't do anything and that I need to rely on the polling interval for configuration changes to take place. Is that correct? If so, is the only way to address this to create a policy that polls faster and move systems to the group
I just wanted to share my own recent experience with uninstalling Webroot Business Endpoint Protection which has received a number of questions over the years and hopefully help someone out. This is the process that I’ve had success with and does require that your agents are checking into the Webroot console and your RMM tool (mine is ConnectWise Automate)Adjust your policies so that agents check in as frequently as possible Tag the target agent(s) with the “unmanaged” policy. For off-boarding, etc., I use a separate group with the Unmanaged policy applied and just move the agents into that group and apply the new policy. Allow them plenty of time to check in and get the policy update. Issue the Uninstall Agent command from the console. We’ve had about a 90% or so success rate with this command. Some will report that the command has executed, but continue to check in. For instances where the console uninstall doesn’t seem to take, we then jump to our RMM tool for help. I stopped using
I'm just starting to roll out Endpoint Protection and I'm running in to many problems. 1) In the Web console new endpoints show logs for other endpoint many times days old. 2) With the crazy logs, an endpoint will suddenly show an infections, that 's not there, it's from a differnt endpoint. 3) Sometimes a new end point shows up in the console, then disappers. Some endpoint do install normal and act normal. I do not have a good feeling about this product. I'm just getting started and don't know if I should continue. Jim...
For those of you who were not able to attend the Unity API Webinar, you can view the recording here: [video]https://www.youtube.com/watch?v=GkUrMIwS-5E&feature=youtu.be[/video] Let us know if you have any additional thoughts or questions, and we'll be posting more information soon!
I've installed webroot on a macbook using wsamacsme.dmg and key The installer start, stopped when there's a security setting to do, then start to scan After few time the windows closed and i've no icon finder bar ! I cannot enter on SecurAnywhere control panel.. I've tried to uninstall and reinstall but nothing.. I've set as not managed on GSM but no icon the same.. Looking process i see it running what can i do more ??
Hi, Have a client who is complaining that "it hasn't operated right since it was put on." Now this person tends to visit questionable sites, but our policies are set to block etc... and now allow them to override those settings. As a test, we created a policy with no Web or Identity shield enabled at all, but he still complains. Is there a way to download the log files from the console to my notebook so I can see what sites etc... have been accessed or blocked??? There's nothing showing in terms of malware found by looking through the scan history. So my guess he's getting sooky cause he can't visit certain adult materials. Thanks John Hart Nerds On Site email@example.com
There have been a lot of times that I have had a call from a customer who is complaining that Webroot is blocking access to a Website that they have accessed many times before, and that others in the company (and also myself) who are using Webroot are not affected. I have also checked the Webroot Brightcloud website checker which has showen the website to be trustworthy. The only way I had gotten around this in the past was to set the policy to 'Unmanaged' and allow the customer to click 'continue' and enter the captcha code which created the override, then changing the policy back. Recently, I tried using a MD5 hash generator and translating '[url=http://www.example.com']www.example.com'[/url] into a MD5 and creating an override for that MD5 as good. The customer responded shortly to advise that they can now get through, but part of me thinks it may just be a coincidence. Would / should this work to allow access to mistakenly blocked websites? Would
We are currently trialling Webroot SecureAnywhere. The majority of our servers are blocked for internet access. They have traditional pattern based AV and retrieve their updates from a local management server. If I am to consider adopting SecureAnywhere across our network, I would also have to consider opening up internet access on our servers. Due to the nature of the service, I understand that it's not possible to identify a range of public IP addresses associated with it. If I restrict the access on the servers to just port 443, will this allow the SecureAnywhere client to communicate fully with the Webroot Cloud servers or would I need to open up port 80 also?
We are having an issue when we installed the client on a Windows 2008 Term server. We have client apps that they use and it is slowing down the apps. The apps are for Tirepower and when they go to print from it, it takes 2-3 times the amount of time it normally takes. Has anyone else had this issue?
Hi I am currently testing WR end point with the intention of introducing it to my customer base. I am a managed provider and will be using the web console (WC) to manage my clients. I have tested on W7 PC's so far all ok but our W10 remote office laptop stopped scanning over a week ago even though I initiated several manual scans to no avail? Any ideas? xT
I hate to start a new thread but I am having trouble figuring out where to set up restrictions to certain domains and categories. I changed it one time, and now I want to update/change settings categories and add domains that we need to block on the end users and I have no idea where to go. Thanks for any help.
but it does look like the dissatisfaction numbers are on the rise: [url=http://www.eweek.com/small-business/it-professionals-overworked-losing-pride-in-their-jobs.html]http://www.eweek.com/small-business/it-professionals-overworked-losing-pride-in-their-jobs.html[/url] Sysadmin burnout has long been an issue, but is it worse lately?
Threat found on some of our endpoints, when we go to the console, it says that "1 endpoint needs attention", and the message: "We recommend you check whether this endpoint has automatic remediation enabled on the assigned policy" Looking at the policy settings, I don't see one specifically for this. Can anyone clarify? I guess if I could be pointed to an admin guide that spells out what each setting does, that would be helpful.
Hi, I have a Windows 2012 Essentals Server with a single Windows 10 PC connected . I also have a Windows 8 laptop and Windows 7 Media PC. What I wanted to ask is that if I get the 5 device license would I be able to use/install it in my Laptop and PC which are NOT connected to the server or do I have to get seperate 'non-endpoint' licenses Thanks Steve
Hello All, We have a new client who got hit with Cryptolocker ransomware to the point where their VHDs are decrypted. They've paid the ransom but instead of receiving the decryption key, they are being asked for more money. Any and all assistance with helping us decrypt would be greatly appreciated. M
A client is required by their bank to run IBM Trusteer Rapport Securty software in order to login to their business online banking account. A Chrome plugin for this application recently failed due to WebRoot Identity Protection Application Protection blocking a DLL used by the program. After an hour spent attempting to whitelist the DLL, then the entire application folder, I contacted WebRoot support. In the end, support was not able to get the DLL whitelisted successfully, and it has been necessary to turn off Identity Protection altogether in order for the plugin to run, allowing access to the online banking site (required for direct deposit processing for payroll). Has anyone else run into these kinds of unresolvable issues with whitelisting? Leaving Identity Protection off for any length of time is not an option really, yet at the moment it's the only way to get any protection and have the ability to process payroll for this small municipality.
We have enabled Evasion Shield and set it to remediation after a test period. The problem is that we do not receive alerts when a script is detected/quarantined. We have to run a report, daily, to discover potential problems. Do you confirm this behaviour? Thank you in advance. -- Nicola
I am using SecureAnywhere. I have created a policy specifically for admins. The purpose of the policy is to allow admins to turn off any part of Webroot running on their PC. Under Basic Configuration, I have set "Allow SecureAnywhere to be shut down manually" but I see no effect from that and still no way to stop SecureAnywhere.
So, it appears we are having issues related to the following on multiple clients, multiple endpoints: (Note, we aren't just having the issue on Windows 10; Windows 7 is having issues too, and it appears to do with Winlogon/Netlogon). We believe it is related to the issue listed below. [url=https://community.webroot.com/t5/Known-Issues-KB/Netlogon-is-not-starting-after-Reboot/ta-p/316119]https://community.webroot.com/t5/Known-Issues-KB/Netlogon-is-not-starting-after-Reboot/ta-p/316119[/url] I offered to help our team by writing a script within our RMM software that would set the Registry key per Webroot's recommendations as described in the workaround in the article. Only one problem: I cannot create a DWORD to the WKrn service key. Just for fun, I tried using the same commands to write the IFP key noted by Webroot to another spot in the Windows Registry, and it went off without a hitch, making me think Webroot has set the HKLMSYSTEMCurrentCont
Already have an account? Login
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.