Knowing all webroot specifications

  • 16 August 2020
  • 2 replies
  • 124 views

I have questions from my clients about Webroot and I am trying to find an answer through the available files, but I am unable to get an adequate answer.


2 replies

I need yes or no answer about the following specs :
Yes if available and no if not 
 

Shall shield endpoints from network 
exploitable vulnerabilities targeting endpoint 
Operating System (OS) 
 
Shall provide protection for computing devices not limited to laptop, notebook, iMac and/or desktop, with the Endpoint Protection agent to ensure threat protection and application management 
 
Shall provide protection to endpoints against unauthorized encryption and modification 
 
Shall be able to perform a behavioral analysis on unknown or low-prevalence processes to determine if an emerging or unknown threat is attempting to infect your network 
 
Shall be able to perform backup of files changed by suspicious programs 
automatically 
 
Shall be able to block processes commonly associated with ransomware 
 
Shall be able to block against known & unknown vulnerability exploits 
 
Shall include anti-exploit protection to detect and block threats using Common 
Vulnerabilities and Exposures (CVE) exploits. 
 
Shall be able to Identify vulnerabilities based 
on CVE, MS-ID, and severity 
 
Shall have automated detection and response function that blocks and detects threats 
 
Shall include with Data Leakage/Loss 
Prevention function for protection of sensitive data on and off network of the endpoints 
 
Shall have behaviour monitoring capability to detect abnormal program behaviour that is common to exploit attacks 
 
Shall be able to support multi-threading scan 
engine for maximum performance 
 
Shall support centralized Spyware and 
Adware detection and automatic removal 
 
Shall support centrally automatic update of virus definition, spyware patterns, databases and etc of endpoints’ agents and management console 
 
Shall be able to detect and remove any malicious application (Spyware and/or Adware) installed and running on the endpoints 
 

Shall be able to restore files encrypted by the ransomware 

 

 

Shall provide URL or web filtering to restrict web traffics on endpoints  
 
Shall support block and approve URLs list 
 
Shall be able to display the web reputation security level 
 
Shall be able to display web reputation 
notification to users 
 
Shall provide notification alerts upon web reputation violations. 
 
Shall provide file reputation check on all endpoints  
 
Shall provide protection to endpoints from drive-by downloads, ransomware, crypto jacking malware, and other malicious browserexecutable code 
 

Shall be able to update the agents’ databases, virus definition and etc manually and automatically from the endpoints. 

 

 

Management Console 

Shall provide single and centralized cloudbased management console for central visibility of reviewing of all reporting and dashboards of end point threats, risks, and information.  

 

 

Shall be able to manage and control all functions of the security solution.  
 
Shall support SSL- based encryption (HTTPS) for secure browser access from any web browsers 
 
Shall define and manage policies for USB devices control and data management 
 
Shall provide report functionality for security analysis, IT administrator and management 
  
Shall support and provides role-based access and control  
 
Shall allow communication, protections and software updates with endpoints that are connected to the Internet 
 
Shall support centrally managed of Data Leakage/Loss Prevention policies and reporting. 
 
Shall provide email notification alerts on security risks, threats, and violations to administrators. 
 
Shall support centrally deployment of updates to all endpoints 
 
Userlevel 6
Badge +26

 @waeem_ABS-MENA  - this looks like an RFP, which we’d be happy to work with your directly to answer and provide more clarification of needs assessment. You’re welcome to reach out to me directly at shanec@opentext.com.

The short answer is, the Webroot agent and business management console supports all of these requirements short of Data Leakage and SIEM integration. If you need more direct information and/or a technical demo to answer questions more thoroughly, please contact me and I’ll get you in touch with the appropriate resource based upon your location.

 

I need yes or no answer about the following specs :
Yes if available and no if not 
 

Shall shield endpoints from network 
exploitable vulnerabilities targeting endpoint 
Operating System (OS) 
 Yes
Shall provide protection for computing devices not limited to laptop, notebook, iMac and/or desktop, with the Endpoint Protection agent to ensure threat protection and application management 
 Yes - Mac/Windows OS
Shall provide protection to endpoints against unauthorized encryption and modification 
 Yes
Shall be able to perform a behavioral analysis on unknown or low-prevalence processes to determine if an emerging or unknown threat is attempting to infect your network 
 Yes
Shall be able to perform backup of files changed by suspicious programs 
automatically 
 Yes - but only through the journal/rollback feature with caveats as it’s not a replacement for traditional backup
Shall be able to block processes commonly associated with ransomware 
 Yes
Shall be able to block against known & unknown vulnerability exploits 
Yes 
Shall include anti-exploit protection to detect and block threats using Common 
Vulnerabilities and Exposures (CVE) exploits. 
 Yes
Shall be able to Identify vulnerabilities based 
on CVE, MS-ID, and severity 
Yes 
Shall have automated detection and response function that blocks and detects threats 
Yes - ADR is default 
Shall include with Data Leakage/Loss 
Prevention function for protection of sensitive data on and off network of the endpoints 
 No - Data leakage is not part of traditional security tools
Shall have behaviour monitoring capability to detect abnormal program behaviour that is common to exploit attacks 
 Yes
Shall be able to support multi-threading scan 
engine for maximum performance 
 Yes
Shall support centralized Spyware and 
Adware detection and automatic removal 
 Yes
Shall support centrally automatic update of virus definition, spyware patterns, databases and etc of endpoints’ agents and management console 
 Yes - all Threat Data is cloud based an available on demand, no local signature data files
Shall be able to detect and remove any malicious application (Spyware and/or Adware) installed and running on the endpoints 
 Yes

Shall be able to restore files encrypted by the ransomware 

 

Yes - with caveats around rollback/journal limitation and agent activity interuption

Shall provide URL or web filtering to restrict web traffics on endpoints  
 Yes - WebThreatShield included
Shall support block and approve URLs list 
 Yes - block only, allows on categories moves into DNS Protection functionality
Shall be able to display the web reputation security level 
Yes 
Shall be able to display web reputation 
notification to users 
 Yes - if the block pages is displayed
Shall provide notification alerts upon web reputation violations. 
No - not yet
Shall provide file reputation check on all endpoints  
 Yes
Shall provide protection to endpoints from drive-by downloads, ransomware, crypto jacking malware, and other malicious browserexecutable code 
 Yes

Shall be able to update the agents’ databases, virus definition and etc manually and automatically from the endpoints. 

 

No - there is no endpoint based file definitions to update, so this is irrelevant 

Management Console 

Shall provide single and centralized cloudbased management console for central visibility of reviewing of all reporting and dashboards of end point threats, risks, and information.  

 

Yes

Shall be able to manage and control all functions of the security solution.  
 Yes
Shall support SSL- based encryption (HTTPS) for secure browser access from any web browsers 
 Yes
Shall define and manage policies for USB devices control and data management 
 Yes
Shall provide report functionality for security analysis, IT administrator and management 
  Yes - but no SIEM integration, yet
Shall support and provides role-based access and control  
 Yes
Shall allow communication, protections and software updates with endpoints that are connected to the Internet 
 Yes
Shall support centrally managed of Data Leakage/Loss Prevention policies and reporting. 
 No - Data Leakage is not typically part of a security agents scope
Shall provide email notification alerts on security risks, threats, and violations to administrators. 
 Yes
Shall support centrally deployment of updates to all endpoints 
 Yes

 

Reply