Webroot SecureAnywhere Endpoint Protection
Security and navigation
SECURITY Administrator
NAVIGATION Sites > All Sites > click the name of a site > select one or more devices (check boxes) > click the Row Actions icon > Webroot SecureAnywhere
NAVIGATION Devices > All > select one or more devices (check boxes) > click the Row Actions icon > Webroot SecureAnywhere
NAVIGATION Device summary page > click the More icon > Webroot SecureAnywhere Endpoint Protection. To view the various navigation paths you can use to access the device summary page, refer to Device summary.
NAVIGATION A targeted list of devices > select one or more devices (check boxes) > click the Row Actions icon > Webroot SecureAnywhere. To view the navigation paths for the various targeted lists of devices, refer to Targeted lists of devices in Devices.
About Webroot
Webroot provides cloud-based, real-time internet security against viruses, spyware, and other online threats. Its SecureAnywhere® suite of security products for endpoints, mobile devices, and corporate networks delivers advanced internet threat protection to customers.
You can leverage built-in functionality to manage deployment and monitoring of Webroot SecureAnywhere Endpoint Protection on supported endpoints. This functionality includes the ability to run numerous application-specific remote actions on devices on which Webroot SecureAnywhere Endpoint Protection is installed.
Benefits
- Automatic, scalable Webroot deployments via Software Management
- Remote Webroot-specific actions accessible to technicians on the device summary page or device list pages
- Monitoring capabilities for Webroot installation and status compliance
- Webroot-specific monitoring, such as alerting to infections or devices requiring attention
Requirements
- You must be an Administrator in Datto RMM in order to add Webroot variables at the site or global level. Refer to Define Webroot variables.
Supported versions
- 8.0.4.47 and later versions for both Windows and macOS
Supported operating systems
Windows
For a full list of supported Windows operating systems, as well as general, hardware, and software requirements, refer to the following Webroot article:
macOS
For a full list of supported Mac operating systems, as well as general, hardware, and software requirements, refer to the following Webroot article:
Logs
Webroot installations use built-in Software Management and jobs functionality, depending on the mechanism used. Refer to Deploy Webroot for more information.
How to...
Deploy Webroot
Define Webroot variables
You can configure Webroot installation parameters using variables at the global or site level.
NOTE Site variables used in components will be passed to jobs and monitors and will override any global variables of the same name. For a site variable to successfully override an existing global variable, the site variable information entered must perfectly match the original global variable information, including the letter case of the name and value. You can specify global variables in the Variables section in Global Settings. You can also update multiple sites' variables in bulk using a CSV template. Refer to the Import Site Variables section of Global Settings.
Click Add Variable and configure the following fields:
NOTE If you require assistance obtaining or locating the following variable values, please contact Webroot Support.
| Variable Name | Variable Value |
|---|---|
| usrWRSASerialSITE | Enter the site-specific License Key (for example, A1111-B2222-C3333-D4444-E5555). |
| usrWRSAGroupSITE | Enter the site-specific Console Group ID. |
NOTE The values are case-sensitive, so ensure that you enter the variables exactly as they appear.
NOTE Select Mask value for each variable if you wish to hide its value.
NOTE Webroot does not currently support Console Group assignment during macOS installations.
Once you have defined Webroot variables, we recommend using one of the following methods to deploy the Webroot SecureAnywhere software onto your target devices:
- Configure the installation automatically via a Software Management policy.
- Perform an ad-hoc installation via a job.
Installation via a Software Management policy
You can configure Webroot SecureAnywhere Endpoint Protection to be installed on a set of targeted devices using a Software Management policy. This type of policy allows you to configure third-party software application updates and define when those updates should be installed.
To learn how to create a Software Management policy, refer to Software Management policy.
IMPORTANT Multiple global (account-level) and site-level Software Management policies can be enabled at a time, but only one Software Management policy can be enabled per device at a time. If an additional Software Management policy is configured to target a device that already has a Software Management policy enabled, the additional policy will be automatically disabled at the device level.
NOTE In order for this deployment option to succeed, you are required to define the above variables.
NOTE When using this deployment option, we recommend that you enable the Show Webroot in Add/Remove Programs option in the Basic Configuration settings in the Webroot SecureAnywhere portal. If this option is disabled, the Datto RMM Agent will be prevented from returning a compliant status for the devices targeted by the Software Management policy after the installation of Webroot.
Installation via a job
Create a scheduled or quick job to deploy the software to targeted devices using the Webroot SecureAnywhere component, available from the ComStore. Refer to ComStore and Component Library for download instructions.
For quick jobs, refer to Quick jobs.
For scheduled jobs, refer to Scheduled jobs.
NOTE The above variables will be used if set (recommended). Otherwise, you will need to configure the variables within the monitor.
NOTE You will need to configure individual policies for Windows and macOS devices using the components appropriate for each operating system type.
Identify Webroot installation issues that require troubleshooting
Datto RMM's universal antivirus detection can identify devices targeted by a Webroot installation but on which no such installation has been detected. Refer to Antivirus detection.
Actions related to Webroot installation tasks executed in Datto RMM are written to the target device’s logs.
Enable Webroot monitoring
Compliance monitoring
The following options are available for monitoring the installation of Webroot on target devices:
- Monitor via a Software Management policy. Refer to Installation via a Software Management policy.
- Monitor via a policy using the Software Detection Monitor component, available from the ComStore. Refer to ComStore and Component Library for download instructions. This can be configured to alert in cases where Webroot has not been detected on a set of one or more targeted devices. You may optionally configure a response component to help automate deployment, if required (for example, the Webroot SecureAnywhere installer, should a Software Management policy not be implemented for this purpose).
- You have the option to configure Datto RMM's universal antivirus detection, which allows an endpoint to report the name and status of its antivirus product. To learn more, refer to Antivirus detection.
Webroot application monitoring
Monitoring Webroot health on a target device can be done via policy using the Webroot SecureAnywhere Monitor component, available from the ComStore. Refer to ComStore and Component Library for download instructions.
NOTE You will need to configure individual policies for Windows and macOS devices using the components appropriate for each operating system type.
Run Webroot-specific remote actions
NOTE At this time, the ability to run Webroot-specific remote actions is supported only on Windows operating systems.
- Navigate to Devices > All.
- Select any number of devices, at least one of which must have Webroot SecureAnywhere installed. Alternatively, click the name of a single device that has Webroot SecureAnywhere installed.
- If you selected multiple devices, click the Row Actions icon and select Webroot SecureAnywhere. If you clicked one device name, the device summary page will open. Click the More icon and select Webroot SecureAnywhere Endpoint Protection.
- Select one of the following actions from the drop-down list:
NOTE If you select more than one device, the remote action will run only on the devices that have Webroot SecureAnywhere Endpoint Protection installed.
| Action | Description |
|---|---|
| Update | Updates definitions on the device. |
| Full Scan | Runs a full system scan on the device. |
| Rearm | If real-time protection is disabled or paused, re-enables it. |
| Scan/Clean | Runs a scan on the device and automatically remove any detected infections. |
| Refresh Configuration | Triggers a program update by forcing the device to check in to the cloud. |
NOTE The same options are available on the device summary page within the System card. Refer to Antivirus Product.
Uninstall Webroot
For security reasons, the latest versions of Webroot SecureAnywhere do not support remote uninstallation. To uninstall the product, you must trigger the removal from within the Webroot SecureAnywhere Global Site Manager Console or manually on the device (via safe mode with networking).
