This solution addresses Webroot Business Endpoint Protection.
Endpoint policies are used to control the settings and behavior of the Webroot Business Endpoint Protection agent. It is possible to set custom scan times, allow or block user initiated scans, allow or suppress the ability to open the agent locally or control many other behaviors of the agent.
Endpoint policies are managed in the Webroot Management console under the Policies tab, assigned to endpoints, then applied as those endpoints check-in. Multi-site Webroot Management consoles allow the creation of global policies, which can be applied to multiple sites to make administration easier.
There are a number of default policies that can be used as they exist or copied to be used as a starting point for custom policies. The default policies include:
- Covers the majority of endpoint requirements for general users working on workstations or laptops. User interface and PUA detection is turned Off.
Recommended DNS Enabled
– Uses the same settings as Recommended Defaults but has DNS Protection enabled, which will install the DNS agent (assuming the account/site has DNS Protection enabled).
Recommended Server Defaults
– To be used in server environments, this policy is tuned with a primary focus on minimizing resources used to cause as little impact as possible to servers and server environments.
- A derivative of Recommended Defaults, it purposefully has the remediation functions suppressed so as to not effect production. This policy should be used for short durations during initial site/endpoint setup to capture potential production false positives.
- Designed for troubleshooting and/or no policy management where necessary, when applied, this policy allows the end user complete control over the agent. This is not a manageable or editable policy and the primary recommended use is for technical support. It is not recommended for use in production, as it moves the management responsibility to the endpoint user which could cause a network vulnerability.
- Policy names must be unique and cannot be re-used, even if prior versions with that name have been deleted.
- It is not possible to modify the pre-existing policies, but they can be copied and used as the starting point for custom policies.
- It is not possible to make a copy of the Unmanaged Policy.
- Administrators need proper permissions to be able to modify and assign policies:
- Policies > Create & Edit
- Policies > Assign Policies to Endpoints
More information on policies is available in the User Guide
Below is a table containing more information about the types of policy settings available. Each section contains settings used to customize the agent behavior.
To see a description of the policy settings, hover your cursor over each one to open its tooltip.
||General preferences that change the behavior of the Webroot program, such as whether the program icon appears in the endpoint's system tray and whether the user can shut down the program.
||Settings that allow you to run scans at different times, change the scanning behavior, or turn off automatic scanning. If you do not modify the scan schedule, Webroot launches scans automatically every day, at about the same time you installed the software.
||Settings that provide more control over scans, such as performing a more thorough scan.
||Additional protection that prevents malicious software from modifying the Webroot program settings and processes on the endpoint. If Webroot detects another product attempting to interfere with its functions, it launches a protective scan to look for threats.
||Threat analysis that Webroot performs when scanning endpoints. Heuristics can be adjusted for separate areas of the endpoints, including the local drive, USB drives, the Internet, the network, CD/DVDs, and when the endpoint is offline.
||Settings that block known threats listed in Webroot's threat definitions and in Webroot's community database.
||Settings that analyze the applications and processes running on the endpoints.
|Core System Shield
||Settings that monitor the computer system structures to ensure that malware has not tampered with them.
|Web Threat Shield
||Settings that protect endpoints as users surf the Internet and click links in search results.
||Protection from identity theft and financial loss. It ensures that sensitive data is protected, while safe-guarding users from keyloggers, screen-grabbers, and other information-stealing techniques.
||Firewall protection that monitors data traffic traveling out of computer ports. It looks for untrusted processes that try to connect to the Internet and steal personal information. The Webroot firewall works in conjunction with the Windows firewall, which monitors data traffic coming into the endpoints.
||User access to the Webroot program on the endpoint.
||Settings that control the System Cleaner behavior, such as an automatic cleanup schedule and what types of files and traces to remove from the endpoint.
||Controls if the Webroot DNS Protection agent is installed to endpoints, Webroot DNS Protection must be enabled for the account and site (if using a multi-site console).