Solved

Sonicwall AV is blocking Webroot downloads. Can you please work with Sonicwall to correct this?

  • 28 October 2016
  • 11 replies
  • 21696 views

The Sonicwall Antivirus is suddenly identiifying Webroot dowloads as Trojans.  Can someone from Webroot please contact Sonicwall to correct this?  From what I have read, Java updates and Sophos are also being flagged as Trojans.  They are both working with Sonicwall to correct the situation.  Can someone from Webroot do the same since it may not be the same signature that is blocking webroot.   It does not seem to prevent webroot from working, but it does prevent version updates and fresh installs.
 
Thanks for looking into this.
icon

Best answer by johnnybor 3 April 2017, 22:27

 
These is no question it was blocking Webroot from updating in the counsel for some users,  it appears what you have blocked in your CFS policy’s makes the difference, I noticed it blocking users that were restricted more than others that were not. I solved the problem aby adding these domains in the the allowed group:
 
 
webroot.com
webrootcloudav.com
webrootanywhere.com
prevx.com
amazonaws.com
cloudfront.net
webrootdns.net
wsawebfilteringportal.elasticbeanstalk.com
View original

11 replies

Userlevel 3
You may add Webroot at the exclusions of Sonicwall (if this is possible) and you will find peace of mind 🙂
I understand that this is a Sonicwall issue, but I also know that the makers of other software that are blocked are actively involved in working with Sonicwall to get it resolved.  Shouldn't Webroot do the same?  Isn't it in the best interest of Webroot to get this resolved?  I am sure we are not the only users impacted by this.  
It is blocked by Sonicwall Antivirus and not the content filter.  I cannot just allow domains and URL's to fix it.
One more thing, I cannot just disable the Sonicwall and just use Webroot.  We have 500 devices on our network and not all of them will run webroot.  Also, we are a school and we are required by law to have a firewall and content filter in place.  I like Webroot, and we have a large number of licenses, but if I am forced to choose between the Sonicwall or Webroot, I will have no choice except to pick the Sonicwall.  
 
Please help in resolving this.  Why is Webroot so opposed to trying to fix this?   When we first purchased our licenses, I got multiple emails and calls from Webroot seeing if we needed any help getting things installed and worknig correctly.  Why, when help is needed, does it seem like Webroot doesn't want to get involved.  
 
 
Userlevel 3
I have never used Sonicwall but usually when an antivirus blocks an application, it transfers it to Quarantine. If you know that the quarantined application is safe, then you can set it as safe by excluding it from future scan or blocking by the antivirus. Isn't this possible to do at Sonicwall?
 
If also possible try allowing the following domains:
*.webrootcloudav.com
Agent communication and updates
(Please note: Some firewalls do not support double dotted subdomain names with a single wildcard mask (i.e.  g1.p4.webrootcloudav.com being represented by *.webrootcloudav.com) so some environments might require either *.p4.webrootcloudav.com or *.*.webrootcloudav.com)
 
*.webroot.com
Agent messaging
 
*.s3.amazonaws.com
Agent file downloading and uploading
 
WSAWebFilteringPortal.elasticbeanstalk.com
Required for agent Web Filtering, elasticbeanstalk is an amazon AWS domain
 
*.webrootanywhere.com
Management portal and support ticket logs upload
@ wrote:
One more thing, I cannot just disable the Sonicwall and just use Webroot.  We have 500 devices on our network and not all of them will run webroot.  Also, we are a school and we are required by law to have a firewall and content filter in place.  I like Webroot, and we have a large number of licenses, but if I am forced to choose between the Sonicwall or Webroot, I will have no choice except to pick the Sonicwall.  
 
Please help in resolving this.  Why is Webroot so opposed to trying to fix this?   When we first purchased our licenses, I got multiple emails and calls from Webroot seeing if we needed any help getting things installed and worknig correctly.  Why, when help is needed, does it seem like Webroot doesn't want to get involved.  
 
 
Hi GreenKnight.
 
Thanks for the additional info. I think this would best be handled by the professionals at Webroot Support. If you could please submit a trouble ticket and include a link to this post so that you don't have to re-explain everything, that would be your best avenue for resolving this issue.
 
Thanks,
BD
Userlevel 1
Is there a resolution to this yet?
Userlevel 7
@ wrote:
Is there a resolution to this yet?
I'm not sure if this is still an issue or not, @, but I've submitted our installer to Sonicwall using their https://threat_samples.eng.sonicwall.com/vx_sample_upload.html Will update here once I hear anything back.
Userlevel 2
I am running SonicWalls at half a dozen locations, with active subscriptions for Gateway AV, Anti-Spyware, Intrusion Prevention, and Premium Content Filtering, and have not experienced this issue.
 
 
Userlevel 1
 
These is no question it was blocking Webroot from updating in the counsel for some users,  it appears what you have blocked in your CFS policy’s makes the difference, I noticed it blocking users that were restricted more than others that were not. I solved the problem aby adding these domains in the the allowed group:
 
 
webroot.com
webrootcloudav.com
webrootanywhere.com
prevx.com
amazonaws.com
cloudfront.net
webrootdns.net
wsawebfilteringportal.elasticbeanstalk.com
Badge +1
Please tell someone tell me how to add the webroot at the exclusions of sonicwall. Please suggest a proper procedure.

Reply