Webroot - Limiting Access to Shutdown Protection to Admins
-
@jaredbusch fair enough, so are you saying that a Basic user can shutdown an agent as well?
I usually didn't need to even think about this as all our users are Admin since as an MSP we manage Webroot as our own and no one else.
-
@dbeato said in Webroot - Limiting Access to Shutdown Protection to Admins:
@jaredbusch fair enough, so are you saying that a Basic user can shutdown an agent as well?
I usually didn't need to even think about this as all our users are Admin since as an MSP we manage Webroot as our own and no one else.
Right. Any user can shutdown protection if it is set to enabled in the policy associated with that machine.
-
@dbeato said in Webroot - Limiting Access to Shutdown Protection to Admins:
@jaredbusch fair enough, so are you saying that a Basic user can shutdown an agent as well?
No. I said that you are talking about the wrong thing.
-
@jaredbusch So in essence what I said does not apply because it is talking about something else? Like those are not the users type? I just want to learn the mistake/error...
-
@dbeato said in Webroot - Limiting Access to Shutdown Protection to Admins:
@jaredbusch So in essence what I said does not apply because it is talking about something else? Like those are not the users type? I just want to learn the mistake/error...
You are talking about users of the Webroot web console.
He is talking about users.
-
@jaredbusch Makes sense now... O really thought OP was talking on the web interface but it makes sense since it is all or nothing with policies assigned to endpoints.
-
What software are you installing that trips webroot up? That seems like either you need to open a ticket with webroot or you need to talk to the software vendor.
When I was running webroot we never had to turn it off for software installations.
-
I don't use Webroot - but I rarely run into an issue where I need to disable my AV to install/update something.
-
I haven't had this happen with webroot yet (only been using it for a week in trial) but in the past some software has taken forever to install with Trend Micro running; to the point where I canceled the installation and disabled scanning. Then, it finished installing in less than a minute.
Also, some software vendors have it in their installation documentation to disable AV during installation. I usually don't, but have run into the occasional issue when not doing it.
-
I've always handled this by having a policy that has everything turned off. When I need to disable it on a machine, I change the policy and then go to the endpoint and "refresh configuration". Install or troubleshoot, then change the policy back.
Webroot has never really blocked or messed with anything but our internal software.
-
Thanks, everyone. Policies are the way to handle it.
Has anyone needed to exclude services/files/directories from being scanned by webroot? For instance, Exchange, SQL, IIS, etc?
-
@wrx7m said in Webroot - Limiting Access to Shutdown Protection to Admins:
Thanks, everyone. Policies are the way to handle it. Has anyone needed to exclude services/files/directories from being scanned by webroot? For instance, Exchange, SQL, IIS, etc?
Not normal stuff. No.
-
@jaredbusch said in Webroot - Limiting Access to Shutdown Protection to Admins:
@wrx7m said in Webroot - Limiting Access to Shutdown Protection to Admins:
Thanks, everyone. Policies are the way to handle it. Has anyone needed to exclude services/files/directories from being scanned by webroot? For instance, Exchange, SQL, IIS, etc?
Not normal stuff. No.
Nice.
-
@wrx7m said in Webroot - Limiting Access to Shutdown Protection to Admins:
@jaredbusch said in Webroot - Limiting Access to Shutdown Protection to Admins:
@wrx7m said in Webroot - Limiting Access to Shutdown Protection to Admins:
Thanks, everyone. Policies are the way to handle it. Has anyone needed to exclude services/files/directories from being scanned by webroot? For instance, Exchange, SQL, IIS, etc?
Not normal stuff. No.
Nice.
We gave some exceptions for shit software. But nothing modern.
-
@wrx7m Haven't had to make many overrides for normal stuff, mostly just our internal controls.
-
@wrx7m said in Webroot - Limiting Access to Shutdown Protection to Admins:
Thanks, everyone. Policies are the way to handle it.
Has anyone needed to exclude services/files/directories from being scanned by webroot? For instance, Exchange, SQL, IIS, etc?
Not really. It was recommended by some software vendors but we ignored it and everything kept humming along without issue.