ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Webroot - Limiting Access to Shutdown Protection to Admins

    IT Discussion
    webroot av antivirus
    6
    21
    2.7k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • wrx7mW
      wrx7m @JaredBusch
      last edited by

      @jaredbusch said in Webroot - Limiting Access to Shutdown Protection to Admins:

      @dbeato said in Webroot - Limiting Access to Shutdown Protection to Admins:

      Mm there is only two types of users
      Basic and Admin

      Basic has readonly access and well Admin is admin.
      https://download.webroot.com/SecureAnywhereWebsiteUserGuide.pdf (page 26)

      Wrong answer.

      If you set the policy to allow the agent to be shutdown, anyone can shut it down. You cannot restrict it to admins.

      My question to @wrx7m is why do you want this in the first place? The point is you should never be shutting it down on a regular basis anyway.
      If you need to, just move the endpoint to a group with a policy that allows it, or just change their policy. shut it down, do whatever and then put them back in the right group/policy.

      Thanks for the options. As stated in my OP, I disable it for installation of some software or troubleshooting purposes.

      JaredBuschJ 1 Reply Last reply Reply Quote 0
      • JaredBuschJ
        JaredBusch @wrx7m
        last edited by JaredBusch

        @wrx7m said in Webroot - Limiting Access to Shutdown Protection to Admins:

        @jaredbusch said in Webroot - Limiting Access to Shutdown Protection to Admins:

        @dbeato said in Webroot - Limiting Access to Shutdown Protection to Admins:

        Mm there is only two types of users
        Basic and Admin

        Basic has readonly access and well Admin is admin.
        https://download.webroot.com/SecureAnywhereWebsiteUserGuide.pdf (page 26)

        Wrong answer.

        If you set the policy to allow the agent to be shutdown, anyone can shut it down. You cannot restrict it to admins.

        My question to @wrx7m is why do you want this in the first place? The point is you should never be shutting it down on a regular basis anyway.
        If you need to, just move the endpoint to a group with a policy that allows it, or just change their policy. shut it down, do whatever and then put them back in the right group/policy.

        Thanks for the options. As stated in my OP, I disable it for installation of some software or troubleshooting purposes.

        Right, I have been using Webroot for years at various clients and about the only reason I ever shut it down is to tinker with the hosts file. I once had to shut it down on a user machine in order for the user to pass an automated PCI compliance test. Then I turned it back on. But that was a once off issue.

        1 Reply Last reply Reply Quote 0
        • dbeatoD
          dbeato @JaredBusch
          last edited by

          @jaredbusch fair enough, so are you saying that a Basic user can shutdown an agent as well?

          I usually didn't need to even think about this as all our users are Admin since as an MSP we manage Webroot as our own and no one else.

          wrx7mW JaredBuschJ 2 Replies Last reply Reply Quote 0
          • wrx7mW
            wrx7m @dbeato
            last edited by

            @dbeato said in Webroot - Limiting Access to Shutdown Protection to Admins:

            @jaredbusch fair enough, so are you saying that a Basic user can shutdown an agent as well?

            I usually didn't need to even think about this as all our users are Admin since as an MSP we manage Webroot as our own and no one else.

            Right. Any user can shutdown protection if it is set to enabled in the policy associated with that machine.

            1 Reply Last reply Reply Quote 0
            • JaredBuschJ
              JaredBusch @dbeato
              last edited by JaredBusch

              @dbeato said in Webroot - Limiting Access to Shutdown Protection to Admins:

              @jaredbusch fair enough, so are you saying that a Basic user can shutdown an agent as well?

              No. I said that you are talking about the wrong thing.

              dbeatoD 1 Reply Last reply Reply Quote 0
              • dbeatoD
                dbeato @JaredBusch
                last edited by

                @jaredbusch So in essence what I said does not apply because it is talking about something else? Like those are not the users type? I just want to learn the mistake/error...

                JaredBuschJ 1 Reply Last reply Reply Quote 0
                • JaredBuschJ
                  JaredBusch @dbeato
                  last edited by

                  @dbeato said in Webroot - Limiting Access to Shutdown Protection to Admins:

                  @jaredbusch So in essence what I said does not apply because it is talking about something else? Like those are not the users type? I just want to learn the mistake/error...

                  You are talking about users of the Webroot web console.

                  He is talking about users.

                  dbeatoD 1 Reply Last reply Reply Quote 1
                  • dbeatoD
                    dbeato @JaredBusch
                    last edited by

                    @jaredbusch Makes sense now... O really thought OP was talking on the web interface but it makes sense since it is all or nothing with policies assigned to endpoints.

                    1 Reply Last reply Reply Quote 0
                    • coliverC
                      coliver
                      last edited by

                      What software are you installing that trips webroot up? That seems like either you need to open a ticket with webroot or you need to talk to the software vendor.

                      When I was running webroot we never had to turn it off for software installations.

                      1 Reply Last reply Reply Quote 1
                      • DashrenderD
                        Dashrender
                        last edited by

                        I don't use Webroot - but I rarely run into an issue where I need to disable my AV to install/update something.

                        1 Reply Last reply Reply Quote 0
                        • wrx7mW
                          wrx7m
                          last edited by

                          I haven't had this happen with webroot yet (only been using it for a week in trial) but in the past some software has taken forever to install with Trend Micro running; to the point where I canceled the installation and disabled scanning. Then, it finished installing in less than a minute.

                          Also, some software vendors have it in their installation documentation to disable AV during installation. I usually don't, but have run into the occasional issue when not doing it.

                          1 Reply Last reply Reply Quote 0
                          • RojoLocoR
                            RojoLoco
                            last edited by

                            I've always handled this by having a policy that has everything turned off. When I need to disable it on a machine, I change the policy and then go to the endpoint and "refresh configuration". Install or troubleshoot, then change the policy back.

                            Webroot has never really blocked or messed with anything but our internal software.

                            1 Reply Last reply Reply Quote 1
                            • wrx7mW
                              wrx7m
                              last edited by wrx7m

                              Thanks, everyone. Policies are the way to handle it.

                              Has anyone needed to exclude services/files/directories from being scanned by webroot? For instance, Exchange, SQL, IIS, etc?

                              JaredBuschJ RojoLocoR coliverC 3 Replies Last reply Reply Quote 0
                              • JaredBuschJ
                                JaredBusch @wrx7m
                                last edited by

                                @wrx7m said in Webroot - Limiting Access to Shutdown Protection to Admins:

                                Thanks, everyone. Policies are the way to handle it. Has anyone needed to exclude services/files/directories from being scanned by webroot? For instance, Exchange, SQL, IIS, etc?

                                Not normal stuff. No.

                                wrx7mW 1 Reply Last reply Reply Quote 1
                                • wrx7mW
                                  wrx7m @JaredBusch
                                  last edited by

                                  @jaredbusch said in Webroot - Limiting Access to Shutdown Protection to Admins:

                                  @wrx7m said in Webroot - Limiting Access to Shutdown Protection to Admins:

                                  Thanks, everyone. Policies are the way to handle it. Has anyone needed to exclude services/files/directories from being scanned by webroot? For instance, Exchange, SQL, IIS, etc?

                                  Not normal stuff. No.

                                  Nice.

                                  JaredBuschJ 1 Reply Last reply Reply Quote 0
                                  • JaredBuschJ
                                    JaredBusch @wrx7m
                                    last edited by

                                    @wrx7m said in Webroot - Limiting Access to Shutdown Protection to Admins:

                                    @jaredbusch said in Webroot - Limiting Access to Shutdown Protection to Admins:

                                    @wrx7m said in Webroot - Limiting Access to Shutdown Protection to Admins:

                                    Thanks, everyone. Policies are the way to handle it. Has anyone needed to exclude services/files/directories from being scanned by webroot? For instance, Exchange, SQL, IIS, etc?

                                    Not normal stuff. No.

                                    Nice.

                                    We gave some exceptions for shit software. But nothing modern.

                                    1 Reply Last reply Reply Quote 1
                                    • RojoLocoR
                                      RojoLoco @wrx7m
                                      last edited by

                                      @wrx7m Haven't had to make many overrides for normal stuff, mostly just our internal controls.

                                      1 Reply Last reply Reply Quote 1
                                      • coliverC
                                        coliver @wrx7m
                                        last edited by

                                        @wrx7m said in Webroot - Limiting Access to Shutdown Protection to Admins:

                                        Thanks, everyone. Policies are the way to handle it.

                                        Has anyone needed to exclude services/files/directories from being scanned by webroot? For instance, Exchange, SQL, IIS, etc?

                                        Not really. It was recommended by some software vendors but we ignored it and everything kept humming along without issue.

                                        1 Reply Last reply Reply Quote 1
                                        • 1
                                        • 2
                                        • 1 / 2
                                        • First post
                                          Last post